VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu

https://forum.viry.cz:443/viewtopic.php?t=155826

Stránka 1 z 1

Prosím o kontrolu logu

Napsal: 18 dub 2019 12:17
od Bubenak1
Opět zdravím, tentokrát se starším notebookem.

Největší problém je rychlost notebooku a hlavně nechtěné aktualizace. Windows se stále snaží aktualizovat a když aktualizace dosáhne 100 procent nic se neděje a kolečko se načítá dál i celý den, pak počítač nereaguje, nelze vypnout ( musím na tvrdo vytažením napájení ).

Poté se třeba zase nezapne apod. Snažil jsem se googlit návod na vypnutí automatických aktualizaci ale žádný návod nepomohl, stále se snaží PC aktualizovat Windows. Tak mně napadlo, zda tomu nebrání nějaký škodlivý virus či něco podobného. Děkuji za ochotu, V příloze zasílám log z FRST a zde do příspěvku RSIT.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Renátka at 2019-04-18 13:14:27
Microsoft Windows 10 Home
System drive C: has 291 GB (61%) free of 475 GB
Total RAM: 3982 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:14:34, on 18.04.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Users\Renátka\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files\trend micro\Renátka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Renátka\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Renátka\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{2c49a9f3-cb0a-4cc9-993b-f27be6cc9eb5}: NameServer = 62.129.50.20,85.135.32.100
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Protected Service (AntivirProtectedService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 8600 bytes

======Listing Processes======








winlogon.exe

C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem

c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\WLANExt.exe 1729425291520
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc

"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k netsvcs
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
igfxEM.exe
igfxHK.exe
igfxTray.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /ANDREA_BF_BYPASS
"C:\Users\Renátka\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
"C:\Program Files\rempl\sedsvc.exe"

C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -p
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min /NOSPLASH /SETUPSTART
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_000010bc

"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Renátka\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Renátka\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Renátka\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=73.0.3683.103 --initial-client-data=0x1d4,0x1d8,0x1dc,0x1d0,0x1e0,0x7fff32af6830,0x7fff32af6840,0x7fff32af6850
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=7728 --on-initialized-event-handle=652 --parent-handle=656 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1512,7436410305934819002,1405631866215425713,131072 --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=8672040131579172435 --mojo-platform-channel-handle=1556 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1512,7436410305934819002,1405631866215425713,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=9173419053301360297 --mojo-platform-channel-handle=1928 /prefetch:8
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s wcncsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512,7436410305934819002,1405631866215425713,131072 --service-pipe-token=5444106843962760611 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=5444106843962760611 --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5220 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512,7436410305934819002,1405631866215425713,131072 --service-pipe-token=22357463970267870 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=22357463970267870 --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4532 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512,7436410305934819002,1405631866215425713,131072 --service-pipe-token=15076309426247689930 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=15076309426247689930 --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2756 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512,7436410305934819002,1405631866215425713,131072 --service-pipe-token=796932673600321495 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=796932673600321495 --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2088 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512,7436410305934819002,1405631866215425713,131072 --service-pipe-token=11996125521412366340 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=11996125521412366340 --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5964 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512,7436410305934819002,1405631866215425713,131072 --service-pipe-token=9539556793334298175 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=9539556793334298175 --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2472 /prefetch:1
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512,7436410305934819002,1405631866215425713,131072 --service-pipe-token=4420504665262830656 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=4420504665262830656 --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9560 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512,7436410305934819002,1405631866215425713,131072 --service-pipe-token=7266804494069990701 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=7266804494069990701 --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9896 /prefetch:1
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
"C:\PROGRA~1\WI7DB9~1\WINZIP~1.0_X\WzPreloader.exe"
C:\WINDOWS\system32\AUDIODG.EXE 0x568
"C:\Users\Renátka\Desktop\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-07-03 8505088]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-07-03 1402624]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Renátka\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-04-16 1517880]
"uTorrent"=C:\Users\Renátka\AppData\Roaming\uTorrent\utorrent.exe [2015-02-22 416168]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2019-03-20 98024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-04-18 13:14:28 ----D---- C:\Program Files\trend micro
2019-04-18 13:14:27 ----D---- C:\rsit
2019-04-18 13:08:52 ----D---- C:\ProgramData\UniqueId
2019-04-18 13:08:34 ----D---- C:\ProgramData\WinZip
2019-04-18 12:59:14 ----D---- C:\FRST
2019-04-10 12:47:32 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2019-04-10 12:47:32 ----A---- C:\WINDOWS\SYSWOW64\smartscreenps.dll
2019-04-10 12:47:32 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2019-04-10 12:47:32 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-10 12:47:32 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2019-04-10 12:47:32 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2019-04-10 12:47:32 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2019-04-10 12:47:32 ----A---- C:\WINDOWS\system32\msscntrs.dll
2019-04-10 12:47:31 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2019-04-10 12:47:31 ----A---- C:\WINDOWS\SYSWOW64\SmartcardCredentialProvider.dll
2019-04-10 12:47:31 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2019-04-10 12:47:31 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-10 12:47:31 ----A---- C:\WINDOWS\system32\NotificationController.dll
2019-04-10 12:47:30 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2019-04-10 12:47:30 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2019-04-10 12:47:30 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2019-04-10 12:47:30 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2019-04-10 12:47:30 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-10 12:47:30 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-10 12:47:29 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2019-04-10 12:47:29 ----A---- C:\WINDOWS\system32\cloudAP.dll
2019-04-10 12:47:29 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-10 12:47:28 ----A---- C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-10 12:47:28 ----A---- C:\WINDOWS\system32\cdp.dll
2019-04-10 12:47:27 ----A---- C:\WINDOWS\system32\tquery.dll
2019-04-10 12:47:27 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2019-04-10 12:47:27 ----A---- C:\WINDOWS\system32\mssph.dll
2019-04-10 12:47:27 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-04-10 12:47:27 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-04-10 12:47:26 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2019-04-10 12:47:26 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2019-04-10 12:47:26 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-04-10 12:47:26 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2019-04-10 12:47:26 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2019-04-10 12:47:26 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2019-04-10 12:47:26 ----A---- C:\WINDOWS\system32\mssvp.dll
2019-04-10 12:47:26 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2019-04-10 12:47:25 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll
2019-04-10 12:47:25 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2019-04-10 12:47:25 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2019-04-10 12:47:25 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-10 12:47:24 ----A---- C:\WINDOWS\system32\mssrch.dll
2019-04-10 12:47:23 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-04-10 12:47:23 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-10 12:47:23 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-04-10 12:47:22 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2019-04-10 12:47:22 ----A---- C:\WINDOWS\system32\rdpudd.dll
2019-04-10 12:47:22 ----A---- C:\WINDOWS\system32\drivers\storqosflt.sys
2019-04-10 12:47:22 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2019-04-10 12:47:21 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2019-04-10 12:47:21 ----A---- C:\WINDOWS\system32\kernel32.dll
2019-04-10 12:47:21 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2019-04-10 12:47:21 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2019-04-10 12:47:21 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2019-04-10 12:47:20 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-04-10 12:47:20 ----A---- C:\WINDOWS\system32\jscript9.dll
2019-04-10 12:47:20 ----A---- C:\WINDOWS\explorer.exe
2019-04-10 12:47:19 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-04-10 12:47:19 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-04-10 12:47:19 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-04-10 12:47:19 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-04-10 12:47:19 ----A---- C:\WINDOWS\system32\drivers\spacedump.sys
2019-04-10 12:47:18 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2019-04-10 12:47:18 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2019-04-10 12:47:18 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2019-04-10 12:47:18 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2019-04-10 12:47:18 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2019-04-10 12:47:18 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-04-10 12:47:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2019-04-10 12:47:17 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2019-04-10 12:47:17 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2019-04-10 12:47:17 ----A---- C:\WINDOWS\system32\msxml3.dll
2019-04-10 12:47:17 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2019-04-10 12:47:16 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2019-04-10 12:47:16 ----A---- C:\WINDOWS\system32\rdpbase.dll
2019-04-10 12:47:16 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-10 12:47:15 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-04-10 12:47:15 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-04-10 12:47:15 ----A---- C:\WINDOWS\system32\msi.dll
2019-04-10 12:47:14 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-04-10 12:47:14 ----A---- C:\WINDOWS\system32\gdi32full.dll
2019-04-10 12:47:13 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2019-04-10 12:47:13 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2019-04-10 12:47:13 ----A---- C:\WINDOWS\system32\jscript.dll
2019-04-10 12:47:13 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-04-10 12:47:12 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2019-04-10 12:47:12 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-04-10 12:47:12 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2019-04-10 12:47:11 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-04-10 12:47:11 ----A---- C:\WINDOWS\system32\oleaut32.dll
2019-04-10 12:47:11 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-04-10 12:47:11 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-10 12:47:10 ----A---- C:\WINDOWS\system32\wuaueng.dll
2019-04-10 12:47:10 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-10 12:47:10 ----A---- C:\WINDOWS\system32\schannel.dll
2019-04-10 12:47:09 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-04-10 12:47:09 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-10 12:47:09 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-04-10 12:47:09 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2019-04-10 12:47:09 ----A---- C:\WINDOWS\system32\bisrv.dll
2019-04-10 12:47:08 ----A---- C:\WINDOWS\system32\ubpm.dll
2019-04-10 12:47:08 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2019-04-10 12:47:08 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-04-10 12:47:08 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-10 12:47:08 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-10 12:47:07 ----A---- C:\WINDOWS\system32\edgeIso.dll
2019-04-10 12:47:07 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-04-10 12:47:07 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2019-04-10 12:47:07 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2019-04-10 12:47:07 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2019-04-10 12:47:06 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-10 12:47:06 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-04-10 12:47:05 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2019-04-10 12:47:03 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2019-04-10 12:47:03 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-04-10 12:47:01 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2019-04-10 12:47:01 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2019-04-10 12:47:01 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2019-04-10 12:47:01 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-10 12:47:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-10 12:46:59 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-04-10 12:46:58 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-04-10 12:46:58 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-04-10 12:46:56 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-04-10 12:46:53 ----A---- C:\WINDOWS\system32\smartscreenps.dll
2019-04-10 12:46:52 ----A---- C:\WINDOWS\system32\smartscreen.exe
2019-04-10 12:46:51 ----A---- C:\WINDOWS\system32\QuietHours.dll
2019-04-10 12:46:45 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2019-04-10 12:46:45 ----A---- C:\WINDOWS\system32\aadtb.dll
2019-04-10 12:46:39 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-04-10 12:46:39 ----A---- C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-10 12:46:39 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-10 12:46:38 ----A---- C:\WINDOWS\system32\winresume.exe
2019-04-10 12:46:38 ----A---- C:\WINDOWS\system32\winload.exe
2019-04-10 12:46:38 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-04-10 12:46:37 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2019-04-10 12:46:37 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2019-04-10 12:46:37 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2019-04-10 12:46:37 ----A---- C:\WINDOWS\system32\daxexec.dll
2019-04-10 12:46:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-10 12:46:36 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2019-04-10 12:46:36 ----A---- C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-04-10 12:46:36 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2019-04-10 12:46:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-10 12:46:32 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2019-04-10 12:46:32 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 12:46:32 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2019-04-10 12:46:31 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2019-04-10 12:46:31 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2019-04-10 12:46:31 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-10 12:46:31 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2019-04-10 12:46:29 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2019-04-10 12:46:29 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-04-10 12:46:29 ----A---- C:\WINDOWS\system32\mf3216.dll
2019-04-10 12:46:29 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-04-10 12:46:29 ----A---- C:\WINDOWS\system32\fcon.dll
2019-04-10 12:46:28 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2019-04-10 12:46:28 ----A---- C:\WINDOWS\system32\termsrv.dll
2019-04-10 12:46:28 ----A---- C:\WINDOWS\system32\mssprxy.dll
2019-04-10 12:46:28 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2019-04-10 12:46:27 ----A---- C:\WINDOWS\system32\objsel.dll
2019-04-10 12:46:25 ----A---- C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-10 12:46:24 ----A---- C:\WINDOWS\SYSWOW64\negoexts.dll
2019-04-10 12:46:24 ----A---- C:\WINDOWS\SYSWOW64\mpr.dll
2019-04-10 12:46:24 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2019-04-10 12:46:24 ----A---- C:\WINDOWS\system32\sxssrv.dll
2019-04-10 12:46:24 ----A---- C:\WINDOWS\system32\mpr.dll
2019-04-10 12:46:24 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2019-04-10 12:46:24 ----A---- C:\WINDOWS\system32\drivers\luafv.sys
2019-04-10 12:46:23 ----A---- C:\WINDOWS\system32\ntlanman.dll
2019-04-10 12:46:23 ----A---- C:\WINDOWS\system32\negoexts.dll
2019-04-10 12:46:23 ----A---- C:\WINDOWS\system32\dsound.dll
2019-04-10 12:46:23 ----A---- C:\WINDOWS\system32\drivers\wcifs.sys
2019-04-10 12:46:23 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2019-04-10 12:46:23 ----A---- C:\WINDOWS\system32\consent.exe
2019-04-10 12:46:22 ----A---- C:\WINDOWS\SYSWOW64\ntlanman.dll
2019-04-10 12:46:22 ----A---- C:\WINDOWS\SYSWOW64\dsound.dll
2019-04-10 12:46:22 ----A---- C:\WINDOWS\system32\TetheringMgr.dll
2019-04-10 12:46:21 ----A---- C:\WINDOWS\SYSWOW64\wincredui.dll
2019-04-10 12:46:21 ----A---- C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-10 12:46:20 ----A---- C:\WINDOWS\SYSWOW64\ShellCommonCommonProxyStub.dll
2019-04-10 12:46:20 ----A---- C:\WINDOWS\SYSWOW64\RpcPing.exe
2019-04-10 12:46:20 ----A---- C:\WINDOWS\SYSWOW64\oleprn.dll
2019-04-10 12:46:20 ----A---- C:\WINDOWS\SYSWOW64\objsel.dll
2019-04-10 12:46:20 ----A---- C:\WINDOWS\SYSWOW64\mspbde40.dll
2019-04-10 12:46:20 ----A---- C:\WINDOWS\SYSWOW64\credui.dll
2019-04-10 12:46:20 ----A---- C:\WINDOWS\system32\RpcPing.exe
2019-04-10 12:46:20 ----A---- C:\WINDOWS\system32\rdpcore.dll
2019-04-10 12:46:20 ----A---- C:\WINDOWS\system32\oleprn.dll
2019-04-10 12:46:20 ----A---- C:\WINDOWS\system32\credui.dll
2019-04-10 12:46:20 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2019-04-10 12:46:20 ----A---- C:\WINDOWS\system32\AppointmentActivation.dll
2019-04-10 12:46:19 ----A---- C:\WINDOWS\SYSWOW64\wcmapi.dll
2019-04-10 12:46:19 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2019-04-10 12:46:19 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2019-04-10 12:46:19 ----A---- C:\WINDOWS\SYSWOW64\msxbde40.dll
2019-04-10 12:46:19 ----A---- C:\WINDOWS\system32\wincredui.dll
2019-04-10 12:46:19 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2019-04-10 12:46:19 ----A---- C:\WINDOWS\system32\wcmapi.dll
2019-04-10 12:46:19 ----A---- C:\WINDOWS\system32\tzres.dll
2019-04-10 12:46:19 ----A---- C:\WINDOWS\system32\appinfoext.dll
2019-04-10 12:46:19 ----A---- C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-10 12:30:09 ----D---- C:\Users\Renátka\AppData\Roaming\Google
2019-03-20 12:23:36 ----A---- C:\WINDOWS\SYSWOW64\cdprt.dll
2019-03-20 12:23:36 ----A---- C:\WINDOWS\SYSWOW64\AppResolver.dll
2019-03-20 12:23:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2019-03-20 12:23:35 ----A---- C:\WINDOWS\system32\sppobjs.dll
2019-03-20 12:23:34 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-03-20 12:23:34 ----A---- C:\WINDOWS\system32\domgmt.dll
2019-03-20 12:23:34 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2019-03-20 12:23:31 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2019-03-20 12:23:31 ----A---- C:\WINDOWS\system32\dosvc.dll
2019-03-20 12:23:31 ----A---- C:\WINDOWS\system32\cdprt.dll
2019-03-20 12:23:31 ----A---- C:\WINDOWS\system32\AppResolver.dll
2019-03-20 12:23:30 ----A---- C:\WINDOWS\SYSWOW64\srpapi.dll
2019-03-20 12:23:30 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-03-20 12:23:30 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2019-03-20 12:23:26 ----A---- C:\WINDOWS\system32\StartTileData.dll
2019-03-20 12:23:25 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2019-03-20 12:23:24 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2019-03-20 12:23:24 ----A---- C:\WINDOWS\SYSWOW64\OpcServices.dll
2019-03-20 12:23:24 ----A---- C:\WINDOWS\system32\srpapi.dll
2019-03-20 12:23:24 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2019-03-20 12:23:22 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2019-03-20 12:23:22 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2019-03-20 12:23:22 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2019-03-20 12:23:22 ----A---- C:\WINDOWS\system32\audiosrv.dll
2019-03-20 12:23:21 ----A---- C:\WINDOWS\SYSWOW64\BingOnlineServices.dll
2019-03-20 12:23:21 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2019-03-20 12:23:21 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2019-03-20 12:23:21 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2019-03-20 12:23:20 ----A---- C:\WINDOWS\system32\OpcServices.dll
2019-03-20 12:23:19 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2019-03-20 12:23:18 ----A---- C:\WINDOWS\system32\hal.dll
2019-03-20 12:23:18 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2019-03-20 12:23:18 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2019-03-20 12:23:17 ----A---- C:\WINDOWS\system32\urlmon.dll
2019-03-20 12:23:17 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2019-03-20 12:23:15 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2019-03-20 12:23:15 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2019-03-20 12:23:15 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2019-03-20 12:23:14 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2019-03-20 12:23:14 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-03-20 12:23:14 ----A---- C:\WINDOWS\system32\audiodg.exe
2019-03-20 12:23:13 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2019-03-20 12:23:13 ----A---- C:\WINDOWS\system32\NMAA.dll
2019-03-20 12:23:13 ----A---- C:\WINDOWS\system32\BingOnlineServices.dll
2019-03-20 12:23:12 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2019-03-20 12:23:12 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2019-03-20 12:23:12 ----A---- C:\WINDOWS\SYSWOW64\AcLayers.dll
2019-03-20 12:23:12 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2019-03-20 12:23:12 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2019-03-20 12:23:12 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2019-03-20 12:23:12 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2019-03-20 12:23:11 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2019-03-20 12:23:10 ----A---- C:\WINDOWS\system32\rascustom.dll
2019-03-20 12:23:08 ----A---- C:\WINDOWS\system32\policymanager.dll
2019-03-20 12:23:07 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2019-03-20 12:23:06 ----A---- C:\WINDOWS\system32\propsys.dll
2019-03-20 12:23:06 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2019-03-20 12:23:06 ----A---- C:\WINDOWS\system32\combase.dll
2019-03-20 12:23:05 ----A---- C:\WINDOWS\system32\drivers\http.sys
2019-03-20 12:23:05 ----A---- C:\WINDOWS\system32\AudioSes.dll
2019-03-20 12:23:04 ----A---- C:\WINDOWS\system32\mos.dll
2019-03-20 12:23:03 ----A---- C:\WINDOWS\system32\msctf.dll
2019-03-20 12:23:02 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2019-03-20 12:23:02 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2019-03-20 12:23:02 ----A---- C:\WINDOWS\system32\aitstatic.exe
2019-03-20 12:23:02 ----A---- C:\WINDOWS\system32\AcLayers.dll
2019-03-20 12:23:01 ----A---- C:\WINDOWS\system32\wininet.dll
2019-03-20 12:23:00 ----A---- C:\WINDOWS\system32\wlansvc.dll
2019-03-20 12:23:00 ----A---- C:\WINDOWS\system32\localspl.dll
2019-03-20 12:22:56 ----A---- C:\WINDOWS\system32\msvproc.dll
2019-03-20 12:22:54 ----A---- C:\WINDOWS\SYSWOW64\MapRouter.dll
2019-03-20 12:22:54 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2019-03-20 12:22:53 ----A---- C:\WINDOWS\SYSWOW64\MapGeocoder.dll
2019-03-20 12:22:53 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2019-03-20 12:22:53 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2019-03-20 12:22:53 ----A---- C:\WINDOWS\system32\MapsStore.dll
2019-03-20 12:22:53 ----A---- C:\WINDOWS\system32\MapRouter.dll
2019-03-20 12:22:53 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2019-03-20 12:22:52 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2019-03-20 12:22:52 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2019-03-20 12:22:51 ----A---- C:\WINDOWS\system32\BingMaps.dll
2019-03-20 12:22:50 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2019-03-20 12:22:49 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2019-03-20 12:22:46 ----A---- C:\WINDOWS\system32\moshostcore.dll
2019-03-20 12:22:46 ----A---- C:\WINDOWS\system32\lpasvc.dll
2019-03-20 12:22:29 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2019-03-20 12:22:29 ----A---- C:\WINDOWS\system32\AudioEng.dll
2019-03-20 12:22:26 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2019-03-20 12:22:26 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2019-03-20 12:22:26 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2019-03-20 12:22:26 ----A---- C:\WINDOWS\SYSWOW64\mcbuilder.exe
2019-03-20 12:22:26 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2019-03-20 12:22:26 ----A---- C:\WINDOWS\system32\wsp_health.dll
2019-03-20 12:22:26 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2019-03-20 12:22:26 ----A---- C:\WINDOWS\system32\clusapi.dll
2019-03-20 12:22:25 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2019-03-20 12:22:25 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2019-03-20 12:22:25 ----A---- C:\WINDOWS\system32\pcasvc.dll
2019-03-20 12:22:25 ----A---- C:\WINDOWS\system32\invagent.dll
2019-03-20 12:22:25 ----A---- C:\WINDOWS\system32\generaltel.dll
2019-03-20 12:22:25 ----A---- C:\WINDOWS\system32\devinv.dll
2019-03-20 12:22:25 ----A---- C:\WINDOWS\system32\dcntel.dll
2019-03-20 12:22:25 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2019-03-20 12:22:25 ----A---- C:\WINDOWS\system32\aepic.dll
2019-03-20 12:22:25 ----A---- C:\WINDOWS\system32\aeinv.dll
2019-03-20 12:22:24 ----A---- C:\WINDOWS\system32\reseteng.dll
2019-03-20 12:22:24 ----A---- C:\WINDOWS\system32\appraiser.dll
2019-03-20 12:22:21 ----A---- C:\WINDOWS\system32\ReAgent.dll
2019-03-20 12:22:20 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2019-03-20 12:22:19 ----A---- C:\WINDOWS\system32\wimserv.exe
2019-03-20 12:22:19 ----A---- C:\WINDOWS\system32\wimgapi.dll
2019-03-20 12:22:19 ----A---- C:\WINDOWS\system32\wer.dll
2019-03-20 12:22:19 ----A---- C:\WINDOWS\system32\rasmans.dll
2019-03-20 12:22:18 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2019-03-20 12:22:18 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2019-03-20 12:22:17 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2019-03-20 12:22:17 ----A---- C:\WINDOWS\SYSWOW64\dpx.dll
2019-03-20 12:22:17 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2019-03-20 12:22:17 ----A---- C:\WINDOWS\system32\resutils.dll
2019-03-20 12:22:17 ----A---- C:\WINDOWS\system32\dpx.dll
2019-03-20 12:22:16 ----A---- C:\WINDOWS\system32\msvcp_win.dll
2019-03-20 12:22:16 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2019-03-20 12:22:15 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2019-03-20 12:22:15 ----A---- C:\WINDOWS\system32\WerFault.exe
2019-03-20 12:22:15 ----A---- C:\WINDOWS\system32\weretw.dll
2019-03-20 12:22:15 ----A---- C:\WINDOWS\system32\systemreset.exe
2019-03-20 12:22:14 ----A---- C:\WINDOWS\system32\mcbuilder.exe
2019-03-20 12:22:13 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2019-03-20 12:22:12 ----A---- C:\WINDOWS\system32\Faultrep.dll
2019-03-20 12:22:12 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2019-03-20 12:22:10 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2019-03-20 12:22:08 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2019-03-20 12:22:08 ----A---- C:\WINDOWS\SYSWOW64\msvcp_win.dll
2019-03-20 12:22:08 ----A---- C:\WINDOWS\SYSWOW64\AppLockerCSP.dll
2019-03-20 12:22:08 ----A---- C:\WINDOWS\system32\RTWorkQ.dll
2019-03-20 12:22:08 ----A---- C:\WINDOWS\system32\AppLockerCSP.dll
2019-03-20 12:22:07 ----A---- C:\WINDOWS\system32\taskhostw.exe
2019-03-20 12:22:07 ----A---- C:\WINDOWS\system32\ResetEngOnline.dll
2019-03-20 12:22:07 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2019-03-20 12:22:07 ----A---- C:\WINDOWS\system32\mprddm.dll
2019-03-20 12:22:07 ----A---- C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2019-03-20 12:22:06 ----A---- C:\WINDOWS\system32\werui.dll
2019-03-20 12:22:06 ----A---- C:\WINDOWS\system32\gpsvc.dll
2019-03-20 12:22:06 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2019-03-20 12:22:06 ----A---- C:\WINDOWS\system32\drivers\msfs.sys
2019-03-20 12:22:06 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2019-03-20 12:22:06 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2019-03-20 12:22:06 ----A---- C:\WINDOWS\system32\acmigration.dll
2019-03-20 12:22:05 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2019-03-20 12:22:05 ----A---- C:\WINDOWS\SYSWOW64\RTWorkQ.dll
2019-03-20 12:22:05 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2019-03-20 12:22:05 ----A---- C:\WINDOWS\SYSWOW64\CredentialMigrationHandler.dll
2019-03-20 12:22:05 ----A---- C:\WINDOWS\system32\CredentialMigrationHandler.dll

======List of files/folders modified in the last 1 month======

2019-04-18 13:14:32 ----D---- C:\WINDOWS\Prefetch
2019-04-18 13:14:28 ----RD---- C:\Program Files
2019-04-18 13:14:17 ----D---- C:\WINDOWS\Temp
2019-04-18 13:08:52 ----HD---- C:\ProgramData
2019-04-18 13:08:19 ----D---- C:\ProgramData\Packages
2019-04-18 13:08:17 ----D---- C:\WINDOWS\AppReadiness
2019-04-18 13:07:24 ----HD---- C:\Program Files\WindowsApps
2019-04-18 13:06:31 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-04-18 13:03:11 ----D---- C:\Windows
2019-04-18 12:45:03 ----D---- C:\WINDOWS\system32\sru
2019-04-18 12:44:07 ----D---- C:\WINDOWS\system32\SleepStudy
2019-04-17 21:48:56 ----D---- C:\WINDOWS\system32\catroot2
2019-04-17 18:00:01 ----D---- C:\WINDOWS\system32\LogFiles
2019-04-17 16:57:48 ----D---- C:\WINDOWS\Logs
2019-04-17 15:37:31 ----D---- C:\Users\Renátka\AppData\Roaming\uTorrent
2019-04-17 13:45:40 ----RD---- C:\WINDOWS\Microsoft.NET
2019-04-17 13:39:59 ----D---- C:\WINDOWS\system32\config
2019-04-16 17:43:04 ----D---- C:\WINDOWS\INF
2019-04-16 17:42:12 ----D---- C:\WINDOWS\System32
2019-04-16 17:42:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-16 17:38:33 ----D---- C:\WINDOWS\WinSxS
2019-04-16 17:38:15 ----D---- C:\WINDOWS\system32\DriverStore
2019-04-16 17:35:36 ----D---- C:\WINDOWS\TextInput
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\en-US
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-04-16 17:35:35 ----D---- C:\WINDOWS\SysWOW64
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\zu-ZA
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\yo-NG
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\xh-ZA
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\wo-SN
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\tn-ZA
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\ti-ET
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\rw-RW
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\nso-ZA
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\migration
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\ig-NG
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\en-US
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\drivers
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\cs-CZ
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\Boot
2019-04-16 17:35:29 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-04-16 17:35:22 ----RD---- C:\Program Files\Windows Defender
2019-04-16 17:35:22 ----D---- C:\WINDOWS\bcastdvr
2019-04-16 12:03:16 ----SHD---- C:\System Volume Information
2019-04-16 12:00:42 ----D---- C:\WINDOWS\CbsTemp
2019-04-16 11:42:34 ----D---- C:\WINDOWS\system32\Tasks
2019-04-11 20:41:44 ----SHD---- C:\WINDOWS\Installer
2019-04-11 20:41:42 ----SHD---- C:\Config.Msi
2019-04-10 15:00:23 ----D---- C:\WINDOWS\LiveKernelReports
2019-04-10 12:45:18 ----D---- C:\WINDOWS\system32\MRT
2019-04-10 12:40:13 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-04-07 16:55:58 ----D---- C:\Program Files\rempl
2019-04-07 16:53:32 ----RD---- C:\Program Files (x86)
2019-04-07 16:51:28 ----D---- C:\ProgramData\Package Cache
2019-04-01 19:51:39 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2019-03-20 20:04:46 ----D---- C:\WINDOWS\SYSWOW64\migration
2019-03-20 20:04:41 ----SD---- C:\WINDOWS\system32\UNP
2019-03-20 20:04:40 ----D---- C:\WINDOWS\system32\oobe
2019-03-20 20:04:40 ----D---- C:\WINDOWS\system32\appraiser
2019-03-20 20:04:37 ----D---- C:\WINDOWS\ShellExperiences
2019-03-20 20:04:33 ----RSD---- C:\WINDOWS\Fonts
2019-03-20 20:04:33 ----D---- C:\WINDOWS\apppatch
2019-03-20 20:04:33 ----D---- C:\Program Files (x86)\Windows Defender

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avdevprot;avdevprot; C:\WINDOWS\system32\DRIVERS\avdevprot.sys [2019-03-18 75432]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 MBI;@oem16.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\WINDOWS\System32\drivers\MBI.sys [2015-11-20 41464]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2019-04-16 194136]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2019-03-18 46704]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2019-04-17 200992]
R2 avnetflt;avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [2019-03-18 89736]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-03-14 414720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2019-03-14 82432]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 GPIO;@oem4.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpioe.sys [2015-11-16 59840]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-05-03 3811288]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-07-03 4515584]
R3 IntcDAud;@oem9.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem13.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 RSP2STOR;@oem11.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2015-06-29 310528]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2018-04-12 604160]
R3 RTWlanE;@oem21.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [2018-04-20 7904088]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-07-17 42696]
R3 SynTP;@oem6.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2017-08-18 716384]
S0 avelam;avelam; C:\WINDOWS\system32\drivers\avelam.sys [2019-03-18 22336]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2018-06-15 48544]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 92704]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 dg_ssudbus;@oem1.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-04-02 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-03-06 945464]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-04-12 57752]
S3 ssudmdm;@oem3.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-16 83984]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2015-07-03 106952]
R2 AntivirProtectedService;Avira Protected Service; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [2019-04-16 311152]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2019-04-16 244656]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2019-04-16 244656]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2019-03-20 466280]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_5df77;Uživatelská služba platformy připojených zařízení_5df77; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-03 337888]
R2 OneSyncSvc_5df77;Hostitel synchronizace_5df77; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-07-03 303360]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-03-30 338744]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2017-08-18 278616]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2019-04-16 908160]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2019-04-16 1182464]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-23 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService_5df77;Uživatelská služba pro GameDVR a vysílání her_5df77; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_5df77;Služba pro podporu uživatelů Bluetooth_5df77; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-05-03 299488]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_5df77;DevicePicker_5df77; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_5df77;Tok zařízení_5df77; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe [2019-04-04 1268720]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-23 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_5df77;Služba zasílání zpráv_5df77; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc_5df77;Data kontaktů_5df77; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_5df77;PrintWorkflow_5df77; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 976384]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2018-04-12 303616]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S4 ssh-agent;OpenSSH Authentication Agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-03-10 495616]

-----------------EOF-----------------
FRST+adddition.zip
(16.47 KiB) Staženo 75 x

Re: Prosím o kontrolu logu

Napsal: 18 dub 2019 17:17
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Prosím o kontrolu logu

Napsal: 18 dub 2019 18:00
od Bubenak1
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-18.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-18-2019
# Duration: 00:00:03
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Seznam pro Chrome - Email

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1271 octets] - [18/04/2019 18:34:41]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Prosím o kontrolu logu

Napsal: 18 dub 2019 18:57
od Rudy
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
Task: {6F272E4A-818B-48AD-BBC4-338AC889E454} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {BF2BEF21-909E-4EE5-893D-15F985861CD5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {C2695AB3-DDDA-49AB-8C07-0CC73DEB1A43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosím o kontrolu logu

Napsal: 18 dub 2019 19:05
od Bubenak1
Fix result of Farbar Recovery Scan Tool (x64) Version: 17.04.2019
Ran by Renátka (18-04-2019 19:59:02) Run:1
Running from C:\Users\Renátka\Desktop
Loaded Profiles: Renátka (Available Profiles: denny & Renátka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
Task: {6F272E4A-818B-48AD-BBC4-338AC889E454} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {BF2BEF21-909E-4EE5-893D-15F985861CD5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {C2695AB3-DDDA-49AB-8C07-0CC73DEB1A43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

EmptyTemp:
End
*****************

Processes closed successfully.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F272E4A-818B-48AD-BBC4-338AC889E454}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F272E4A-818B-48AD-BBC4-338AC889E454}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF2BEF21-909E-4EE5-893D-15F985861CD5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF2BEF21-909E-4EE5-893D-15F985861CD5}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C2695AB3-DDDA-49AB-8C07-0CC73DEB1A43}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2695AB3-DDDA-49AB-8C07-0CC73DEB1A43}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 73553477 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 2734103 B
Edge => 1479992 B
Chrome => 310839613 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 119144 B
LocalService => 0 B
NetworkService => 70712 B
NetworkService => 0 B
denny => 38580 B
Renátka => 32427141 B

RecycleBin => 7086729 B
EmptyTemp: => 417.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:00:24 ====

Re: Prosím o kontrolu logu

Napsal: 18 dub 2019 19:06
od Rudy
Smazáno. Log by již měl být OK.

Re: Prosím o kontrolu logu

Napsal: 18 dub 2019 19:21
od Bubenak1
Takže notebook by se již neměl sám aktualizovat?

Re: Prosím o kontrolu logu

Napsal: 18 dub 2019 19:54
od Rudy
Pokud máte aktualizace nastaveny na autimaticky, měl by se aktualizovat každou prvidelnou aktualizaci. To, co jsme smazali, byly jen zbytečnosti. Žádný malware tam nebyl.

Re: Prosím o kontrolu logu

Napsal: 18 dub 2019 20:42
od Bubenak1
Tak to mi nejspíš nepomohlo ale uvidíme, každopádně děkuji :)

Re: Prosím o kontrolu logu

Napsal: 18 dub 2019 21:07
od Rudy
Nemáte zač. Zkuste aktualizace vypnout a zapnout je znovu při příštích pravidelných (2. středa v květnu). Někdy se podaří ty staré takto opravit při stažení nových.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz