maličko pomalejší PC
Napsal: 25 bře 2019 18:18
prosím o preventivní kontrolu
Logfile of random's system information tool 1.10 (written by random/random)
Run by admin at 2019-03-25 18:14:47
Microsoft Windows 10 Home
System drive C: has 208 GB (35%) free of 592 GB
Total RAM: 3948 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:15:04, on 25.3.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\trend micro\admin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKCU\..\Run: [Google Update] C:\Users\admin\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: Acer VCM.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinit.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Application\72.0.1174.121\elevation_service.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Conexant Audio Message Service (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
--
End of file - 12257 bytes
======Listing Processes======
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
dashost.exe {93ed58cc-2c9b-4334-8b925f4b3db73c5c}
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe"
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
C:\Windows\system32\HPSIsvc.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
"C:\Program Files\Elantech\ETDService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
C:\Windows\system32\CxAudMsg64.exe
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\rempl\sedsvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -p
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
"C:\Program Files\rempl\sedlauncher.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files\Elantech\ETDCtrl.exe"
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\WINDOWS\system32\browser_broker.exe -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" XGpuTrayIcon"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"ctfmon.exe"
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
AvastUI.exe /nogui
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe"
"C:\WINDOWS\system32\igfxext.exe" -Embedding
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s DoSvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=72.0.3626.121 --initial-client-data=0x1e4,0x1e8,0x1ec,0x1e0,0x1f0,0x7fff9d225510,0x7fff9d225520,0x7fff9d225530
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=11296 --on-initialized-event-handle=688 --parent-handle=696 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=12988110831457014035 --mojo-platform-channel-handle=1740 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=3791621195675660448 --mojo-platform-channel-handle=2060 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --service-pipe-token=4861257087376608264 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4861257087376608264 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3028 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --service-pipe-token=4630255280517880623 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4630255280517880623 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --service-pipe-token=12926477753831962921 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12926477753831962921 --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7020 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --service-pipe-token=10379602391039413540 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10379602391039413540 --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8580 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --service-pipe-token=18135156414951502396 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18135156414951502396 --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7436 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --service-pipe-token=14685940085602128826 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14685940085602128826 --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8440 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe27_ Global\UsGthrCtrlFltPipeMssGthrPipe27 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 760 764 772 8192 768
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\system32\AUDIODG.EXE 0x5e4
c:\windows\system32\svchost.exe -k bcastdvruserservice -s BcastDVRUserService
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --service-pipe-token=10883496755750230401 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10883496755750230401 --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4020 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --service-pipe-token=17558962920652594627 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17558962920652594627 --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7364 /prefetch:1
"C:\Users\admin\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001Core.job - C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001UA.job - C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\8fvypf6x.default
prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/?utm_source=ch-to ... paign=home"
prefs.js - "keyword.URL" - "https://www.google.com/search?q={searchTerms}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.156 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.156 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\8fvypf6x.default\extensions\
toolbar@centrumholdings.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-04-04 43520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-07 3242696]
"Power Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2011-03-28 499304]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-10-17 242392]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2017-03-09 193112]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2017-03-09 420960]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2017-03-09 463960]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\admin\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe [2018-12-20 605992]
"OneDrive"=C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-06-21 1628840]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440]
"ArcadeMovieService"=C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2011-05-10 177448]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2017-03-09 460936]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-03-25 18:14:47 ----D---- C:\rsit
2019-03-13 14:03:43 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2019-03-13 14:03:43 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2019-03-13 14:03:42 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-03-13 14:03:42 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-03-13 14:03:41 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-03-13 14:03:40 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2019-03-13 14:03:40 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2019-03-13 14:03:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-13 14:03:39 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-03-13 14:03:38 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2019-03-13 14:03:37 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2019-03-13 14:03:36 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2019-03-13 14:03:36 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2019-03-13 14:03:36 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-03-13 14:03:35 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2019-03-13 14:03:35 ----A---- C:\WINDOWS\SYSWOW64\OpcServices.dll
2019-03-13 14:03:35 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-03-13 14:03:35 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-03-13 14:03:35 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2019-03-13 14:03:35 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2019-03-13 14:03:34 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2019-03-13 14:03:33 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2019-03-13 14:03:33 ----A---- C:\WINDOWS\system32\audiosrv.dll
2019-03-13 14:03:33 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-03-13 14:03:32 ----A---- C:\WINDOWS\system32\OpcServices.dll
2019-03-13 14:03:31 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-03-13 14:03:31 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-03-13 14:03:31 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2019-03-13 14:03:30 ----A---- C:\WINDOWS\system32\urlmon.dll
2019-03-13 14:03:30 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2019-03-13 14:03:30 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2019-03-13 14:03:29 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-03-13 14:03:29 ----A---- C:\WINDOWS\system32\jscript9.dll
2019-03-13 14:03:29 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-03-13 14:03:28 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2019-03-13 14:03:28 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-03-13 14:03:28 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2019-03-13 14:03:28 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2019-03-13 14:03:28 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-03-13 14:03:28 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-03-13 14:03:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2019-03-13 14:03:27 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2019-03-13 14:03:27 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-03-13 14:03:27 ----A---- C:\WINDOWS\system32\audiodg.exe
2019-03-13 14:03:26 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2019-03-13 14:03:26 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2019-03-13 14:03:26 ----A---- C:\WINDOWS\system32\msxml3.dll
2019-03-13 14:03:26 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2019-03-13 14:03:26 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-03-13 14:03:25 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2019-03-13 14:03:25 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-03-13 14:03:25 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-03-13 14:03:25 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-03-13 14:03:24 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2019-03-13 14:03:24 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-03-13 14:03:23 ----A---- C:\WINDOWS\system32\jscript.dll
2019-03-13 14:03:23 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-03-13 14:03:22 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2019-03-13 14:03:22 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-03-13 14:03:21 ----A---- C:\WINDOWS\system32\propsys.dll
2019-03-13 14:03:21 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2019-03-13 14:03:21 ----A---- C:\WINDOWS\system32\combase.dll
2019-03-13 14:03:21 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-03-13 14:03:20 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-03-13 14:03:20 ----A---- C:\WINDOWS\system32\drivers\http.sys
2019-03-13 14:03:20 ----A---- C:\WINDOWS\system32\AudioSes.dll
2019-03-13 14:03:19 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-03-13 14:03:19 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2019-03-13 14:03:18 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-03-13 14:03:18 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-03-13 14:03:18 ----A---- C:\WINDOWS\system32\msi.dll
2019-03-13 14:03:17 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2019-03-13 14:03:17 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-03-13 14:03:16 ----A---- C:\WINDOWS\system32\wininet.dll
2019-03-13 14:03:16 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-03-13 14:03:16 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-03-13 14:03:15 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-03-13 14:03:15 ----A---- C:\WINDOWS\system32\edgeIso.dll
2019-03-13 14:03:14 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-03-13 14:03:14 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-03-13 14:03:11 ----A---- C:\WINDOWS\system32\msvproc.dll
2019-03-13 14:03:11 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-03-13 14:03:10 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2019-03-13 14:03:10 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-03-13 14:03:09 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2019-03-13 14:03:08 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2019-03-13 14:03:07 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2019-03-13 14:02:53 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2019-03-13 14:02:53 ----A---- C:\WINDOWS\system32\cdp.dll
2019-03-13 14:02:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2019-03-13 14:02:51 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2019-03-13 14:02:51 ----A---- C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-03-13 14:02:51 ----A---- C:\WINDOWS\system32\AudioEng.dll
2019-03-13 14:02:50 ----A---- C:\WINDOWS\system32\winresume.exe
2019-03-13 14:02:50 ----A---- C:\WINDOWS\system32\winload.exe
2019-03-13 14:02:50 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2019-03-13 14:02:50 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-03-13 14:02:50 ----A---- C:\WINDOWS\system32\reseteng.dll
2019-03-13 14:02:50 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-03-13 14:02:49 ----A---- C:\WINDOWS\system32\StartTileData.dll
2019-03-13 14:02:49 ----A---- C:\WINDOWS\system32\sppobjs.dll
2019-03-13 14:02:48 ----A---- C:\WINDOWS\system32\wimserv.exe
2019-03-13 14:02:48 ----A---- C:\WINDOWS\system32\wimgapi.dll
2019-03-13 14:02:48 ----A---- C:\WINDOWS\system32\wer.dll
2019-03-13 14:02:48 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2019-03-13 14:02:48 ----A---- C:\WINDOWS\system32\ReAgent.dll
2019-03-13 14:02:48 ----A---- C:\WINDOWS\system32\rasmans.dll
2019-03-13 14:02:48 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2019-03-13 14:02:48 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2019-03-13 14:02:47 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2019-03-13 14:02:47 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2019-03-13 14:02:47 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2019-03-13 14:02:47 ----A---- C:\WINDOWS\system32\mos.dll
2019-03-13 14:02:46 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2019-03-13 14:02:46 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2019-03-13 14:02:46 ----A---- C:\WINDOWS\system32\appraiser.dll
2019-03-13 14:02:46 ----A---- C:\WINDOWS\system32\acmigration.dll
2019-03-13 14:02:45 ----A---- C:\WINDOWS\system32\rascustom.dll
2019-03-13 14:02:45 ----A---- C:\WINDOWS\system32\dcntel.dll
2019-03-13 14:02:45 ----A---- C:\WINDOWS\system32\BingMaps.dll
2019-03-13 14:02:45 ----A---- C:\WINDOWS\system32\aepic.dll
2019-03-13 14:02:45 ----A---- C:\WINDOWS\system32\aeinv.dll
2019-03-13 14:02:44 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2019-03-13 14:02:44 ----A---- C:\WINDOWS\system32\generaltel.dll
2019-03-13 14:02:44 ----A---- C:\WINDOWS\system32\fcon.dll
2019-03-13 14:02:44 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2019-03-13 14:02:44 ----A---- C:\WINDOWS\system32\dosvc.dll
2019-03-13 14:02:43 ----A---- C:\WINDOWS\system32\systemreset.exe
2019-03-13 14:02:43 ----A---- C:\WINDOWS\system32\aitstatic.exe
2019-03-13 14:02:42 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2019-03-13 14:02:42 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2019-03-13 14:02:42 ----A---- C:\WINDOWS\system32\WerFault.exe
2019-03-13 14:02:42 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2019-03-13 14:02:42 ----A---- C:\WINDOWS\system32\msctf.dll
2019-03-13 14:02:42 ----A---- C:\WINDOWS\system32\lpasvc.dll
2019-03-13 14:02:42 ----A---- C:\WINDOWS\system32\devinv.dll
2019-03-13 14:02:42 ----A---- C:\WINDOWS\system32\cdprt.dll
2019-03-13 14:02:41 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2019-03-13 14:02:41 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2019-03-13 14:02:41 ----A---- C:\WINDOWS\system32\wsp_health.dll
2019-03-13 14:02:41 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2019-03-13 14:02:41 ----A---- C:\WINDOWS\system32\invagent.dll
2019-03-13 14:02:41 ----A---- C:\WINDOWS\system32\gpsvc.dll
2019-03-13 14:02:41 ----A---- C:\WINDOWS\system32\BingOnlineServices.dll
2019-03-13 14:02:41 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-03-13 14:02:40 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2019-03-13 14:02:40 ----A---- C:\WINDOWS\system32\MapRouter.dll
2019-03-13 14:02:40 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2019-03-13 14:02:39 ----A---- C:\WINDOWS\system32\wlansvc.dll
2019-03-13 14:02:39 ----A---- C:\WINDOWS\system32\localspl.dll
2019-03-13 14:02:39 ----A---- C:\WINDOWS\system32\dpx.dll
2019-03-13 14:02:38 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-03-13 14:02:38 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-03-13 14:02:38 ----A---- C:\WINDOWS\system32\NMAA.dll
2019-03-13 14:02:38 ----A---- C:\WINDOWS\system32\kernel32.dll
2019-03-13 14:02:38 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-03-13 14:02:37 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2019-03-13 14:02:37 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2019-03-13 14:02:37 ----A---- C:\WINDOWS\SYSWOW64\dpx.dll
2019-03-13 14:02:37 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-03-13 14:02:37 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-03-13 14:02:37 ----A---- C:\WINDOWS\system32\policymanager.dll
2019-03-13 14:02:37 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2019-03-13 14:02:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2019-03-13 14:02:36 ----A---- C:\WINDOWS\SYSWOW64\BingOnlineServices.dll
2019-03-13 14:02:36 ----A---- C:\WINDOWS\system32\resutils.dll
2019-03-13 14:02:36 ----A---- C:\WINDOWS\system32\MapsStore.dll
2019-03-13 14:02:36 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2019-03-13 14:02:36 ----A---- C:\WINDOWS\system32\AppResolver.dll
2019-03-13 14:02:35 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2019-03-13 14:02:35 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2019-03-13 14:02:35 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2019-03-13 14:02:35 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2019-03-13 14:02:35 ----A---- C:\WINDOWS\system32\clusapi.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\SYSWOW64\MapGeocoder.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\SYSWOW64\AppResolver.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\system32\RTWorkQ.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\system32\pcasvc.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\system32\msvcp_win.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2019-03-13 14:02:34 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2019-03-13 14:02:34 ----A---- C:\WINDOWS\system32\domgmt.dll
2019-03-13 14:02:33 ----A---- C:\WINDOWS\SYSWOW64\MapRouter.dll
2019-03-13 14:02:33 ----A---- C:\WINDOWS\system32\mprddm.dll
2019-03-13 14:02:32 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-03-13 14:02:31 ----A---- C:\WINDOWS\SYSWOW64\RTWorkQ.dll
2019-03-13 14:02:31 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2019-03-13 14:02:31 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2019-03-13 14:02:31 ----A---- C:\WINDOWS\SYSWOW64\msvcp_win.dll
2019-03-13 14:02:31 ----A---- C:\WINDOWS\system32\taskhostw.exe
2019-03-13 14:02:31 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2019-03-13 14:02:31 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2019-03-13 14:02:31 ----A---- C:\WINDOWS\system32\hal.dll
2019-03-13 14:02:31 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2019-03-13 14:02:31 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2019-03-13 14:02:31 ----A---- C:\WINDOWS\system32\AcLayers.dll
2019-03-13 14:02:30 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2019-03-13 14:02:30 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2019-03-13 14:02:30 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2019-03-13 14:02:30 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2019-03-13 14:02:30 ----A---- C:\WINDOWS\system32\werui.dll
2019-03-13 14:02:30 ----A---- C:\WINDOWS\system32\mf3216.dll
2019-03-13 14:02:30 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2019-03-13 14:02:30 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2019-03-13 14:02:29 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2019-03-13 14:02:29 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2019-03-13 14:02:29 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2019-03-13 14:02:29 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2019-03-13 14:02:29 ----A---- C:\WINDOWS\system32\weretw.dll
2019-03-13 14:02:29 ----A---- C:\WINDOWS\system32\Faultrep.dll
2019-03-13 14:02:29 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2019-03-13 14:02:29 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2019-03-13 14:02:29 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2019-03-13 14:02:29 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2019-03-13 14:02:29 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2019-03-13 14:02:28 ----A---- C:\WINDOWS\SYSWOW64\cdprt.dll
2019-03-13 14:02:28 ----A---- C:\WINDOWS\SYSWOW64\AcLayers.dll
2019-03-13 14:02:28 ----A---- C:\WINDOWS\system32\moshostcore.dll
2019-03-13 14:02:27 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2019-03-13 14:02:27 ----A---- C:\WINDOWS\SYSWOW64\srpapi.dll
2019-03-13 14:02:27 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2019-03-13 14:02:27 ----A---- C:\WINDOWS\SYSWOW64\CredentialMigrationHandler.dll
2019-03-13 14:02:27 ----A---- C:\WINDOWS\system32\srpapi.dll
2019-03-13 14:02:27 ----A---- C:\WINDOWS\system32\mcbuilder.exe
2019-03-13 14:02:27 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2019-03-13 14:02:27 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2019-03-13 14:02:27 ----A---- C:\WINDOWS\system32\drivers\msfs.sys
2019-03-13 14:02:27 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2019-03-13 14:02:27 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2019-03-13 14:02:27 ----A---- C:\WINDOWS\system32\CredentialMigrationHandler.dll
2019-03-13 14:02:26 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2019-03-13 14:02:26 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2019-03-13 14:02:26 ----A---- C:\WINDOWS\SYSWOW64\mcbuilder.exe
2019-03-13 14:02:26 ----A---- C:\WINDOWS\SYSWOW64\AppLockerCSP.dll
2019-03-13 14:02:26 ----A---- C:\WINDOWS\system32\tzres.dll
2019-03-13 14:02:26 ----A---- C:\WINDOWS\system32\ResetEngOnline.dll
2019-03-13 14:02:26 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2019-03-13 14:02:26 ----A---- C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2019-03-13 14:02:26 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2019-03-13 14:02:26 ----A---- C:\WINDOWS\system32\AppointmentActivation.dll
2019-03-13 14:02:26 ----A---- C:\WINDOWS\system32\AppLockerCSP.dll
======List of files/folders modified in the last 1 month======
2019-03-25 18:15:01 ----D---- C:\Program Files\trend micro
2019-03-25 18:13:34 ----D---- C:\WINDOWS\Prefetch
2019-03-25 18:11:13 ----HD---- C:\Program Files\WindowsApps
2019-03-25 18:11:07 ----D---- C:\WINDOWS\Temp
2019-03-25 17:57:04 ----D---- C:\WINDOWS\AppReadiness
2019-03-25 17:56:10 ----D---- C:\ProgramData\clear.fi
2019-03-25 17:55:25 ----D---- C:\WINDOWS\System32
2019-03-25 17:55:25 ----D---- C:\WINDOWS\INF
2019-03-25 17:55:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-25 17:52:06 ----D---- C:\WINDOWS\system32\sru
2019-03-22 07:28:40 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-03-21 18:09:25 ----D---- C:\WINDOWS\system32\SleepStudy
2019-03-21 17:33:31 ----SHD---- C:\System Volume Information
2019-03-21 17:33:02 ----D---- C:\WINDOWS\Logs
2019-03-21 17:26:30 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2019-03-21 17:22:10 ----D---- C:\ProgramData\NVIDIA
2019-03-21 16:26:28 ----RD---- C:\WINDOWS\Microsoft.NET
2019-03-21 15:51:50 ----AD---- C:\Program Files (x86)\TeamViewer
2019-03-21 15:45:47 ----D---- C:\WINDOWS\system32\LogFiles
2019-03-20 22:14:49 ----SHD---- C:\Config.Msi
2019-03-20 21:20:33 ----D---- C:\WINDOWS\system32\config
2019-03-20 08:31:48 ----SHD---- C:\WINDOWS\Installer
2019-03-20 08:31:44 ----AD---- C:\Program Files\rempl
2019-03-19 08:18:57 ----D---- C:\WINDOWS\WinSxS
2019-03-13 22:11:24 ----D---- C:\WINDOWS\system32\DriverStore
2019-03-13 22:10:46 ----D---- C:\WINDOWS\system32\drivers
2019-03-13 22:09:59 ----D---- C:\WINDOWS\system32\catroot2
2019-03-13 22:08:41 ----D---- C:\WINDOWS\TextInput
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\migration
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\en-US
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SysWOW64
2019-03-13 22:08:36 ----D---- C:\WINDOWS\system32\zu-ZA
2019-03-13 22:08:36 ----D---- C:\WINDOWS\system32\yo-NG
2019-03-13 22:08:36 ----D---- C:\WINDOWS\system32\xh-ZA
2019-03-13 22:08:36 ----D---- C:\WINDOWS\system32\wo-SN
2019-03-13 22:08:36 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-03-13 22:08:35 ----SD---- C:\WINDOWS\system32\UNP
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\tn-ZA
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\ti-ET
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\rw-RW
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\oobe
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\nso-ZA
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\migration
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\ig-NG
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\en-US
2019-03-13 22:08:34 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-03-13 22:08:34 ----D---- C:\WINDOWS\system32\cs-CZ
2019-03-13 22:08:34 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-03-13 22:08:34 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-03-13 22:08:34 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-03-13 22:08:34 ----D---- C:\WINDOWS\system32\appraiser
2019-03-13 22:08:33 ----D---- C:\WINDOWS\ShellExperiences
2019-03-13 22:08:32 ----RSD---- C:\WINDOWS\Fonts
2019-03-13 22:08:32 ----RD---- C:\Program Files\Windows Defender
2019-03-13 22:08:32 ----D---- C:\WINDOWS\bcastdvr
2019-03-13 22:08:32 ----D---- C:\WINDOWS\apppatch
2019-03-13 22:08:32 ----D---- C:\Program Files (x86)\Windows Defender
2019-03-13 22:08:30 ----D---- C:\WINDOWS\system32\Boot
2019-03-13 14:13:17 ----D---- C:\WINDOWS\CbsTemp
2019-03-13 14:01:48 ----D---- C:\WINDOWS\system32\MRT
2019-03-13 13:55:26 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-03-13 13:19:57 ----D---- C:\WINDOWS\system32\Macromed
2019-03-13 13:19:54 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2019-03-13 13:19:52 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2019-03-06 22:02:01 ----RD---- C:\WINDOWS\assembly
2019-03-04 22:48:06 ----AD---- C:\Program Files (x86)\WinRAR
2019-03-03 17:54:40 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2018-10-17 201928]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2018-10-17 346760]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2018-10-17 59664]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2018-10-17 15360]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2018-10-17 88112]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2018-10-17 381144]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2017-01-17 48696]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2018-10-17 201408]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2018-10-17 230512]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2018-10-17 185240]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2018-10-17 42456]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2018-10-17 111968]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2018-10-17 1028840]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2018-10-17 467904]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2011-08-05 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2011-08-05 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2011-08-05 62776]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2018-10-17 163376]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2018-10-17 208640]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-09-20 414720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athwnx.sys [2018-04-12 4233728]
R3 BTATH_BUS;@oem40.inf,%BTATH_BUS.SVCDESC%;Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2011-08-02 30368]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 ETD;@oem13.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-10-07 525512]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-03-09 5382856]
R3 IntcDAud;@oem34.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2018-04-12 121344]
R3 MEIx64;@oem42.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-20 56344]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [2017-01-17 14190520]
R3 RSPCIESTOR;@oem69.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [2015-06-03 374016]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-09-20 128920]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2018-10-17 47064]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 92704]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 dg_ssudbus;@oem14.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-03-06 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 mvusbews;@oem63.inf,%mvusbews.SvcDesc%;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2009-12-04 20480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-03-06 945464]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-10-17 325024]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_83a735;Uživatelská služba platformy připojených zařízení_83a735; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CxAudMsg;Conexant Audio Message Service; C:\Windows\system32\CxAudMsg64.exe [2010-12-17 198784]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2011-03-28 799848]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-07 144072]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2009-12-03 126520]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-27 1817088]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-12-29 458176]
R2 OneSyncSvc_83a735;Hostitel synchronizace_83a735; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 osrss;@%systemroot%\system32\osrss.dll,-500; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-09-20 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-03-16 325432]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-10-17 8188768]
R3 BcastDVRUserService_83a735;Uživatelská služba pro GameDVR a vysílání her_83a735; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 PimIndexMaintenanceSvc_83a735;Data kontaktů_83a735; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-03-16 113704]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-09 164984]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-03-13 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-09 164984]
S3 AvastSecureBrowserElevationService;Avast Secure Browser Elevation Service; C:\Program Files (x86)\AVAST Software\Browser\Application\72.0.1174.121\elevation_service.exe [2019-03-06 1070600]
S3 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2018-10-17 57504]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_83a735;Služba pro podporu uživatelů Bluetooth_83a735; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-03-09 300128]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_83a735;DevicePicker_83a735; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_83a735;Tok zařízení_83a735; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-09-20 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-08-25 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-02-14 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\elevation_service.exe [2019-03-01 1271280]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_83a735;Služba zasílání zpráv_83a735; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-31 148080]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2008-10-24 145248]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_83a735;PrintWorkflow_83a735; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by admin at 2019-03-25 18:14:47
Microsoft Windows 10 Home
System drive C: has 208 GB (35%) free of 592 GB
Total RAM: 3948 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:15:04, on 25.3.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\trend micro\admin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKCU\..\Run: [Google Update] C:\Users\admin\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: Acer VCM.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinit.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Application\72.0.1174.121\elevation_service.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Conexant Audio Message Service (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
--
End of file - 12257 bytes
======Listing Processes======
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
dashost.exe {93ed58cc-2c9b-4334-8b925f4b3db73c5c}
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe"
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
C:\Windows\system32\HPSIsvc.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
"C:\Program Files\Elantech\ETDService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
C:\Windows\system32\CxAudMsg64.exe
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\rempl\sedsvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -p
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
"C:\Program Files\rempl\sedlauncher.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files\Elantech\ETDCtrl.exe"
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\WINDOWS\system32\browser_broker.exe -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" XGpuTrayIcon"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"ctfmon.exe"
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
AvastUI.exe /nogui
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe"
"C:\WINDOWS\system32\igfxext.exe" -Embedding
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s DoSvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=72.0.3626.121 --initial-client-data=0x1e4,0x1e8,0x1ec,0x1e0,0x1f0,0x7fff9d225510,0x7fff9d225520,0x7fff9d225530
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=11296 --on-initialized-event-handle=688 --parent-handle=696 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=12988110831457014035 --mojo-platform-channel-handle=1740 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=3791621195675660448 --mojo-platform-channel-handle=2060 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --service-pipe-token=4861257087376608264 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4861257087376608264 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3028 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --service-pipe-token=4630255280517880623 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4630255280517880623 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --service-pipe-token=12926477753831962921 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12926477753831962921 --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7020 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --service-pipe-token=10379602391039413540 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10379602391039413540 --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8580 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --service-pipe-token=18135156414951502396 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18135156414951502396 --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7436 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --service-pipe-token=14685940085602128826 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14685940085602128826 --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8440 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe27_ Global\UsGthrCtrlFltPipeMssGthrPipe27 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 760 764 772 8192 768
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\system32\AUDIODG.EXE 0x5e4
c:\windows\system32\svchost.exe -k bcastdvruserservice -s BcastDVRUserService
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --service-pipe-token=10883496755750230401 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10883496755750230401 --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4020 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,1839890224131193384,317803183156143575,131072 --service-pipe-token=17558962920652594627 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17558962920652594627 --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7364 /prefetch:1
"C:\Users\admin\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001Core.job - C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001UA.job - C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\8fvypf6x.default
prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/?utm_source=ch-to ... paign=home"
prefs.js - "keyword.URL" - "https://www.google.com/search?q={searchTerms}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.156 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.156 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\8fvypf6x.default\extensions\
toolbar@centrumholdings.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-04-04 43520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-07 3242696]
"Power Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2011-03-28 499304]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-10-17 242392]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2017-03-09 193112]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2017-03-09 420960]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2017-03-09 463960]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\admin\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe [2018-12-20 605992]
"OneDrive"=C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-06-21 1628840]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440]
"ArcadeMovieService"=C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2011-05-10 177448]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2017-03-09 460936]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-03-25 18:14:47 ----D---- C:\rsit
2019-03-13 14:03:43 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2019-03-13 14:03:43 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2019-03-13 14:03:42 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-03-13 14:03:42 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-03-13 14:03:41 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-03-13 14:03:40 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2019-03-13 14:03:40 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2019-03-13 14:03:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-13 14:03:39 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-03-13 14:03:38 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2019-03-13 14:03:37 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2019-03-13 14:03:36 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2019-03-13 14:03:36 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2019-03-13 14:03:36 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-03-13 14:03:35 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2019-03-13 14:03:35 ----A---- C:\WINDOWS\SYSWOW64\OpcServices.dll
2019-03-13 14:03:35 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-03-13 14:03:35 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-03-13 14:03:35 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2019-03-13 14:03:35 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2019-03-13 14:03:34 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2019-03-13 14:03:33 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2019-03-13 14:03:33 ----A---- C:\WINDOWS\system32\audiosrv.dll
2019-03-13 14:03:33 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-03-13 14:03:32 ----A---- C:\WINDOWS\system32\OpcServices.dll
2019-03-13 14:03:31 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-03-13 14:03:31 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-03-13 14:03:31 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2019-03-13 14:03:30 ----A---- C:\WINDOWS\system32\urlmon.dll
2019-03-13 14:03:30 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2019-03-13 14:03:30 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2019-03-13 14:03:29 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-03-13 14:03:29 ----A---- C:\WINDOWS\system32\jscript9.dll
2019-03-13 14:03:29 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-03-13 14:03:28 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2019-03-13 14:03:28 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-03-13 14:03:28 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2019-03-13 14:03:28 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2019-03-13 14:03:28 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-03-13 14:03:28 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-03-13 14:03:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2019-03-13 14:03:27 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2019-03-13 14:03:27 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-03-13 14:03:27 ----A---- C:\WINDOWS\system32\audiodg.exe
2019-03-13 14:03:26 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2019-03-13 14:03:26 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2019-03-13 14:03:26 ----A---- C:\WINDOWS\system32\msxml3.dll
2019-03-13 14:03:26 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2019-03-13 14:03:26 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-03-13 14:03:25 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2019-03-13 14:03:25 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-03-13 14:03:25 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-03-13 14:03:25 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-03-13 14:03:24 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2019-03-13 14:03:24 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-03-13 14:03:23 ----A---- C:\WINDOWS\system32\jscript.dll
2019-03-13 14:03:23 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-03-13 14:03:22 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2019-03-13 14:03:22 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-03-13 14:03:21 ----A---- C:\WINDOWS\system32\propsys.dll
2019-03-13 14:03:21 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2019-03-13 14:03:21 ----A---- C:\WINDOWS\system32\combase.dll
2019-03-13 14:03:21 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-03-13 14:03:20 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-03-13 14:03:20 ----A---- C:\WINDOWS\system32\drivers\http.sys
2019-03-13 14:03:20 ----A---- C:\WINDOWS\system32\AudioSes.dll
2019-03-13 14:03:19 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-03-13 14:03:19 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2019-03-13 14:03:18 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-03-13 14:03:18 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-03-13 14:03:18 ----A---- C:\WINDOWS\system32\msi.dll
2019-03-13 14:03:17 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2019-03-13 14:03:17 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-03-13 14:03:16 ----A---- C:\WINDOWS\system32\wininet.dll
2019-03-13 14:03:16 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-03-13 14:03:16 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-03-13 14:03:15 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-03-13 14:03:15 ----A---- C:\WINDOWS\system32\edgeIso.dll
2019-03-13 14:03:14 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-03-13 14:03:14 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-03-13 14:03:11 ----A---- C:\WINDOWS\system32\msvproc.dll
2019-03-13 14:03:11 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-03-13 14:03:10 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2019-03-13 14:03:10 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-03-13 14:03:09 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2019-03-13 14:03:08 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2019-03-13 14:03:07 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2019-03-13 14:02:53 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2019-03-13 14:02:53 ----A---- C:\WINDOWS\system32\cdp.dll
2019-03-13 14:02:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2019-03-13 14:02:51 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2019-03-13 14:02:51 ----A---- C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-03-13 14:02:51 ----A---- C:\WINDOWS\system32\AudioEng.dll
2019-03-13 14:02:50 ----A---- C:\WINDOWS\system32\winresume.exe
2019-03-13 14:02:50 ----A---- C:\WINDOWS\system32\winload.exe
2019-03-13 14:02:50 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2019-03-13 14:02:50 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-03-13 14:02:50 ----A---- C:\WINDOWS\system32\reseteng.dll
2019-03-13 14:02:50 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-03-13 14:02:49 ----A---- C:\WINDOWS\system32\StartTileData.dll
2019-03-13 14:02:49 ----A---- C:\WINDOWS\system32\sppobjs.dll
2019-03-13 14:02:48 ----A---- C:\WINDOWS\system32\wimserv.exe
2019-03-13 14:02:48 ----A---- C:\WINDOWS\system32\wimgapi.dll
2019-03-13 14:02:48 ----A---- C:\WINDOWS\system32\wer.dll
2019-03-13 14:02:48 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2019-03-13 14:02:48 ----A---- C:\WINDOWS\system32\ReAgent.dll
2019-03-13 14:02:48 ----A---- C:\WINDOWS\system32\rasmans.dll
2019-03-13 14:02:48 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2019-03-13 14:02:48 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2019-03-13 14:02:47 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2019-03-13 14:02:47 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2019-03-13 14:02:47 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2019-03-13 14:02:47 ----A---- C:\WINDOWS\system32\mos.dll
2019-03-13 14:02:46 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2019-03-13 14:02:46 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2019-03-13 14:02:46 ----A---- C:\WINDOWS\system32\appraiser.dll
2019-03-13 14:02:46 ----A---- C:\WINDOWS\system32\acmigration.dll
2019-03-13 14:02:45 ----A---- C:\WINDOWS\system32\rascustom.dll
2019-03-13 14:02:45 ----A---- C:\WINDOWS\system32\dcntel.dll
2019-03-13 14:02:45 ----A---- C:\WINDOWS\system32\BingMaps.dll
2019-03-13 14:02:45 ----A---- C:\WINDOWS\system32\aepic.dll
2019-03-13 14:02:45 ----A---- C:\WINDOWS\system32\aeinv.dll
2019-03-13 14:02:44 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2019-03-13 14:02:44 ----A---- C:\WINDOWS\system32\generaltel.dll
2019-03-13 14:02:44 ----A---- C:\WINDOWS\system32\fcon.dll
2019-03-13 14:02:44 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2019-03-13 14:02:44 ----A---- C:\WINDOWS\system32\dosvc.dll
2019-03-13 14:02:43 ----A---- C:\WINDOWS\system32\systemreset.exe
2019-03-13 14:02:43 ----A---- C:\WINDOWS\system32\aitstatic.exe
2019-03-13 14:02:42 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2019-03-13 14:02:42 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2019-03-13 14:02:42 ----A---- C:\WINDOWS\system32\WerFault.exe
2019-03-13 14:02:42 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2019-03-13 14:02:42 ----A---- C:\WINDOWS\system32\msctf.dll
2019-03-13 14:02:42 ----A---- C:\WINDOWS\system32\lpasvc.dll
2019-03-13 14:02:42 ----A---- C:\WINDOWS\system32\devinv.dll
2019-03-13 14:02:42 ----A---- C:\WINDOWS\system32\cdprt.dll
2019-03-13 14:02:41 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2019-03-13 14:02:41 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2019-03-13 14:02:41 ----A---- C:\WINDOWS\system32\wsp_health.dll
2019-03-13 14:02:41 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2019-03-13 14:02:41 ----A---- C:\WINDOWS\system32\invagent.dll
2019-03-13 14:02:41 ----A---- C:\WINDOWS\system32\gpsvc.dll
2019-03-13 14:02:41 ----A---- C:\WINDOWS\system32\BingOnlineServices.dll
2019-03-13 14:02:41 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-03-13 14:02:40 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2019-03-13 14:02:40 ----A---- C:\WINDOWS\system32\MapRouter.dll
2019-03-13 14:02:40 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2019-03-13 14:02:39 ----A---- C:\WINDOWS\system32\wlansvc.dll
2019-03-13 14:02:39 ----A---- C:\WINDOWS\system32\localspl.dll
2019-03-13 14:02:39 ----A---- C:\WINDOWS\system32\dpx.dll
2019-03-13 14:02:38 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-03-13 14:02:38 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-03-13 14:02:38 ----A---- C:\WINDOWS\system32\NMAA.dll
2019-03-13 14:02:38 ----A---- C:\WINDOWS\system32\kernel32.dll
2019-03-13 14:02:38 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-03-13 14:02:37 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2019-03-13 14:02:37 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2019-03-13 14:02:37 ----A---- C:\WINDOWS\SYSWOW64\dpx.dll
2019-03-13 14:02:37 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-03-13 14:02:37 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-03-13 14:02:37 ----A---- C:\WINDOWS\system32\policymanager.dll
2019-03-13 14:02:37 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2019-03-13 14:02:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2019-03-13 14:02:36 ----A---- C:\WINDOWS\SYSWOW64\BingOnlineServices.dll
2019-03-13 14:02:36 ----A---- C:\WINDOWS\system32\resutils.dll
2019-03-13 14:02:36 ----A---- C:\WINDOWS\system32\MapsStore.dll
2019-03-13 14:02:36 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2019-03-13 14:02:36 ----A---- C:\WINDOWS\system32\AppResolver.dll
2019-03-13 14:02:35 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2019-03-13 14:02:35 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2019-03-13 14:02:35 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2019-03-13 14:02:35 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2019-03-13 14:02:35 ----A---- C:\WINDOWS\system32\clusapi.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\SYSWOW64\MapGeocoder.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\SYSWOW64\AppResolver.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\system32\RTWorkQ.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\system32\pcasvc.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\system32\msvcp_win.dll
2019-03-13 14:02:34 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2019-03-13 14:02:34 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2019-03-13 14:02:34 ----A---- C:\WINDOWS\system32\domgmt.dll
2019-03-13 14:02:33 ----A---- C:\WINDOWS\SYSWOW64\MapRouter.dll
2019-03-13 14:02:33 ----A---- C:\WINDOWS\system32\mprddm.dll
2019-03-13 14:02:32 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-03-13 14:02:31 ----A---- C:\WINDOWS\SYSWOW64\RTWorkQ.dll
2019-03-13 14:02:31 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2019-03-13 14:02:31 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2019-03-13 14:02:31 ----A---- C:\WINDOWS\SYSWOW64\msvcp_win.dll
2019-03-13 14:02:31 ----A---- C:\WINDOWS\system32\taskhostw.exe
2019-03-13 14:02:31 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2019-03-13 14:02:31 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2019-03-13 14:02:31 ----A---- C:\WINDOWS\system32\hal.dll
2019-03-13 14:02:31 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2019-03-13 14:02:31 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2019-03-13 14:02:31 ----A---- C:\WINDOWS\system32\AcLayers.dll
2019-03-13 14:02:30 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2019-03-13 14:02:30 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2019-03-13 14:02:30 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2019-03-13 14:02:30 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2019-03-13 14:02:30 ----A---- C:\WINDOWS\system32\werui.dll
2019-03-13 14:02:30 ----A---- C:\WINDOWS\system32\mf3216.dll
2019-03-13 14:02:30 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2019-03-13 14:02:30 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2019-03-13 14:02:29 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2019-03-13 14:02:29 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2019-03-13 14:02:29 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2019-03-13 14:02:29 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2019-03-13 14:02:29 ----A---- C:\WINDOWS\system32\weretw.dll
2019-03-13 14:02:29 ----A---- C:\WINDOWS\system32\Faultrep.dll
2019-03-13 14:02:29 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2019-03-13 14:02:29 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2019-03-13 14:02:29 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2019-03-13 14:02:29 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2019-03-13 14:02:29 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2019-03-13 14:02:28 ----A---- C:\WINDOWS\SYSWOW64\cdprt.dll
2019-03-13 14:02:28 ----A---- C:\WINDOWS\SYSWOW64\AcLayers.dll
2019-03-13 14:02:28 ----A---- C:\WINDOWS\system32\moshostcore.dll
2019-03-13 14:02:27 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2019-03-13 14:02:27 ----A---- C:\WINDOWS\SYSWOW64\srpapi.dll
2019-03-13 14:02:27 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2019-03-13 14:02:27 ----A---- C:\WINDOWS\SYSWOW64\CredentialMigrationHandler.dll
2019-03-13 14:02:27 ----A---- C:\WINDOWS\system32\srpapi.dll
2019-03-13 14:02:27 ----A---- C:\WINDOWS\system32\mcbuilder.exe
2019-03-13 14:02:27 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2019-03-13 14:02:27 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2019-03-13 14:02:27 ----A---- C:\WINDOWS\system32\drivers\msfs.sys
2019-03-13 14:02:27 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2019-03-13 14:02:27 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2019-03-13 14:02:27 ----A---- C:\WINDOWS\system32\CredentialMigrationHandler.dll
2019-03-13 14:02:26 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2019-03-13 14:02:26 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2019-03-13 14:02:26 ----A---- C:\WINDOWS\SYSWOW64\mcbuilder.exe
2019-03-13 14:02:26 ----A---- C:\WINDOWS\SYSWOW64\AppLockerCSP.dll
2019-03-13 14:02:26 ----A---- C:\WINDOWS\system32\tzres.dll
2019-03-13 14:02:26 ----A---- C:\WINDOWS\system32\ResetEngOnline.dll
2019-03-13 14:02:26 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2019-03-13 14:02:26 ----A---- C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2019-03-13 14:02:26 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2019-03-13 14:02:26 ----A---- C:\WINDOWS\system32\AppointmentActivation.dll
2019-03-13 14:02:26 ----A---- C:\WINDOWS\system32\AppLockerCSP.dll
======List of files/folders modified in the last 1 month======
2019-03-25 18:15:01 ----D---- C:\Program Files\trend micro
2019-03-25 18:13:34 ----D---- C:\WINDOWS\Prefetch
2019-03-25 18:11:13 ----HD---- C:\Program Files\WindowsApps
2019-03-25 18:11:07 ----D---- C:\WINDOWS\Temp
2019-03-25 17:57:04 ----D---- C:\WINDOWS\AppReadiness
2019-03-25 17:56:10 ----D---- C:\ProgramData\clear.fi
2019-03-25 17:55:25 ----D---- C:\WINDOWS\System32
2019-03-25 17:55:25 ----D---- C:\WINDOWS\INF
2019-03-25 17:55:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-25 17:52:06 ----D---- C:\WINDOWS\system32\sru
2019-03-22 07:28:40 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-03-21 18:09:25 ----D---- C:\WINDOWS\system32\SleepStudy
2019-03-21 17:33:31 ----SHD---- C:\System Volume Information
2019-03-21 17:33:02 ----D---- C:\WINDOWS\Logs
2019-03-21 17:26:30 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2019-03-21 17:22:10 ----D---- C:\ProgramData\NVIDIA
2019-03-21 16:26:28 ----RD---- C:\WINDOWS\Microsoft.NET
2019-03-21 15:51:50 ----AD---- C:\Program Files (x86)\TeamViewer
2019-03-21 15:45:47 ----D---- C:\WINDOWS\system32\LogFiles
2019-03-20 22:14:49 ----SHD---- C:\Config.Msi
2019-03-20 21:20:33 ----D---- C:\WINDOWS\system32\config
2019-03-20 08:31:48 ----SHD---- C:\WINDOWS\Installer
2019-03-20 08:31:44 ----AD---- C:\Program Files\rempl
2019-03-19 08:18:57 ----D---- C:\WINDOWS\WinSxS
2019-03-13 22:11:24 ----D---- C:\WINDOWS\system32\DriverStore
2019-03-13 22:10:46 ----D---- C:\WINDOWS\system32\drivers
2019-03-13 22:09:59 ----D---- C:\WINDOWS\system32\catroot2
2019-03-13 22:08:41 ----D---- C:\WINDOWS\TextInput
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\migration
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\en-US
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-03-13 22:08:41 ----D---- C:\WINDOWS\SysWOW64
2019-03-13 22:08:36 ----D---- C:\WINDOWS\system32\zu-ZA
2019-03-13 22:08:36 ----D---- C:\WINDOWS\system32\yo-NG
2019-03-13 22:08:36 ----D---- C:\WINDOWS\system32\xh-ZA
2019-03-13 22:08:36 ----D---- C:\WINDOWS\system32\wo-SN
2019-03-13 22:08:36 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-03-13 22:08:35 ----SD---- C:\WINDOWS\system32\UNP
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\tn-ZA
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\ti-ET
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\rw-RW
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\oobe
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\nso-ZA
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\migration
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\ig-NG
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-03-13 22:08:35 ----D---- C:\WINDOWS\system32\en-US
2019-03-13 22:08:34 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-03-13 22:08:34 ----D---- C:\WINDOWS\system32\cs-CZ
2019-03-13 22:08:34 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-03-13 22:08:34 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-03-13 22:08:34 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-03-13 22:08:34 ----D---- C:\WINDOWS\system32\appraiser
2019-03-13 22:08:33 ----D---- C:\WINDOWS\ShellExperiences
2019-03-13 22:08:32 ----RSD---- C:\WINDOWS\Fonts
2019-03-13 22:08:32 ----RD---- C:\Program Files\Windows Defender
2019-03-13 22:08:32 ----D---- C:\WINDOWS\bcastdvr
2019-03-13 22:08:32 ----D---- C:\WINDOWS\apppatch
2019-03-13 22:08:32 ----D---- C:\Program Files (x86)\Windows Defender
2019-03-13 22:08:30 ----D---- C:\WINDOWS\system32\Boot
2019-03-13 14:13:17 ----D---- C:\WINDOWS\CbsTemp
2019-03-13 14:01:48 ----D---- C:\WINDOWS\system32\MRT
2019-03-13 13:55:26 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-03-13 13:19:57 ----D---- C:\WINDOWS\system32\Macromed
2019-03-13 13:19:54 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2019-03-13 13:19:52 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2019-03-06 22:02:01 ----RD---- C:\WINDOWS\assembly
2019-03-04 22:48:06 ----AD---- C:\Program Files (x86)\WinRAR
2019-03-03 17:54:40 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2018-10-17 201928]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2018-10-17 346760]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2018-10-17 59664]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2018-10-17 15360]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2018-10-17 88112]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2018-10-17 381144]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2017-01-17 48696]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2018-10-17 201408]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2018-10-17 230512]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2018-10-17 185240]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2018-10-17 42456]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2018-10-17 111968]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2018-10-17 1028840]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2018-10-17 467904]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2011-08-05 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2011-08-05 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2011-08-05 62776]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2018-10-17 163376]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2018-10-17 208640]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-09-20 414720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athwnx.sys [2018-04-12 4233728]
R3 BTATH_BUS;@oem40.inf,%BTATH_BUS.SVCDESC%;Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2011-08-02 30368]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 ETD;@oem13.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-10-07 525512]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-03-09 5382856]
R3 IntcDAud;@oem34.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2018-04-12 121344]
R3 MEIx64;@oem42.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-20 56344]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [2017-01-17 14190520]
R3 RSPCIESTOR;@oem69.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [2015-06-03 374016]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-09-20 128920]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2018-10-17 47064]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 92704]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 dg_ssudbus;@oem14.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-03-06 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 mvusbews;@oem63.inf,%mvusbews.SvcDesc%;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2009-12-04 20480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-03-06 945464]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-10-17 325024]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_83a735;Uživatelská služba platformy připojených zařízení_83a735; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CxAudMsg;Conexant Audio Message Service; C:\Windows\system32\CxAudMsg64.exe [2010-12-17 198784]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2011-03-28 799848]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-07 144072]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2009-12-03 126520]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-27 1817088]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-12-29 458176]
R2 OneSyncSvc_83a735;Hostitel synchronizace_83a735; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 osrss;@%systemroot%\system32\osrss.dll,-500; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-09-20 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-03-16 325432]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-10-17 8188768]
R3 BcastDVRUserService_83a735;Uživatelská služba pro GameDVR a vysílání her_83a735; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 PimIndexMaintenanceSvc_83a735;Data kontaktů_83a735; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-03-16 113704]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-09 164984]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-03-13 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-09 164984]
S3 AvastSecureBrowserElevationService;Avast Secure Browser Elevation Service; C:\Program Files (x86)\AVAST Software\Browser\Application\72.0.1174.121\elevation_service.exe [2019-03-06 1070600]
S3 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2018-10-17 57504]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_83a735;Služba pro podporu uživatelů Bluetooth_83a735; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-03-09 300128]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_83a735;DevicePicker_83a735; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_83a735;Tok zařízení_83a735; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-09-20 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-08-25 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-02-14 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\elevation_service.exe [2019-03-01 1271280]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_83a735;Služba zasílání zpráv_83a735; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-31 148080]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2008-10-24 145248]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_83a735;PrintWorkflow_83a735; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
-----------------EOF-----------------
Stiahni AdwCleaner: