VIRY.CZ

Logfile of random's system information tool 1.10 (written by random/random)
Run by Janička at 2020-04-06 22:16:57
Microsoft Windows 10 Home
System drive C: has 400 GB (87%) free of 460 GB
Total RAM: 8075 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:17:02, on 6. 4. 2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Users\Janička\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Janička\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Janička.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O4 - HKLM\..\Run: [BacKGround Agent] C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\System32\drivers\AdminService.exe (file missing)
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_3d699 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ESET Firewall Helper (ekrnEpfw) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Quick Access Service (QASvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9075 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\0615tbUpdateInfo.job - C:\ProgramData\Avg_Update_0615tb\0615tb_{6227F7D6-1F58-476B-8C7A-4091E4F06BD1}.exe /SETINFO /CMPID=0615tb /INFORETRY=3
C:\WINDOWS\tasks\0915tbUpdateInfo.job - C:\ProgramData\Avg_Update_0915tb\0915tb_{D9680261-22D4-46D3-9DE9-C27CDD2FE34F}.exe /SETINFO /CMPID=0915tb /INFORETRY=3 /RUNBY=UP

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BacKGround Agent"=C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-03-12 65280]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2015-01-09 235624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2020-04-06 22:02:05 ----D---- C:\tmp
2020-04-06 22:00:27 ----D---- C:\Program Files (x86)\trend micro
2020-04-06 22:00:26 ----D---- C:\rsit
2020-04-06 21:52:12 ----SH---- C:\bootTel.dat
2020-03-12 23:33:01 ----A---- C:\WINDOWS\SysWOW64\wmp.dll
2020-03-12 23:32:25 ----A---- C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-12 23:32:24 ----A---- C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-12 23:32:24 ----A---- C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-12 23:32:24 ----A---- C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-12 23:32:24 ----A---- C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-12 23:32:24 ----A---- C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-12 23:32:24 ----A---- C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-12 23:32:23 ----A---- C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-12 23:32:23 ----A---- C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-03-12 23:32:23 ----A---- C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-12 23:32:08 ----A---- C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-12 23:32:08 ----A---- C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-12 23:32:08 ----A---- C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-12 23:32:08 ----A---- C:\WINDOWS\SysWOW64\msimsg.dll
2020-03-12 23:32:08 ----A---- C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-12 23:32:07 ----A---- C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-12 23:32:07 ----A---- C:\WINDOWS\SysWOW64\msi.dll
2020-03-12 23:32:07 ----A---- C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-12 23:32:06 ----A---- C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-12 23:32:06 ----A---- C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-12 23:32:05 ----A---- C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-12 23:32:05 ----A---- C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-12 23:32:05 ----A---- C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-12 23:32:04 ----A---- C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-12 23:32:04 ----A---- C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-12 23:32:02 ----A---- C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-12 23:32:01 ----A---- C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-12 23:32:01 ----A---- C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-12 23:31:59 ----A---- C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-12 23:31:59 ----A---- C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-12 23:31:58 ----A---- C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-12 23:31:58 ----A---- C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-12 23:31:58 ----A---- C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-12 23:31:58 ----A---- C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-12 23:31:24 ----A---- C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-12 23:31:24 ----A---- C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-12 23:31:24 ----A---- C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-12 23:31:24 ----A---- C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-12 23:31:24 ----A---- C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-12 23:31:23 ----A---- C:\WINDOWS\SysWOW64\vbscript.dll
2020-03-12 23:31:23 ----A---- C:\WINDOWS\SysWOW64\shell32.dll
2020-03-12 23:31:23 ----A---- C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-12 23:31:23 ----A---- C:\WINDOWS\SysWOW64\comdlg32.dll
2020-03-12 23:31:22 ----A---- C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-03-12 23:31:22 ----A---- C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-12 23:31:22 ----A---- C:\WINDOWS\SysWOW64\scecli.dll
2020-03-12 23:31:22 ----A---- C:\WINDOWS\SysWOW64\rtm.dll
2020-03-12 23:31:22 ----A---- C:\WINDOWS\SysWOW64\notepad.exe
2020-03-12 23:31:22 ----A---- C:\WINDOWS\SysWOW64\mprdim.dll
2020-03-12 23:31:22 ----A---- C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-03-12 23:31:22 ----A---- C:\WINDOWS\SysWOW64\iprtprio.dll
2020-03-12 23:31:22 ----A---- C:\WINDOWS\SysWOW64\drivers\afunix.sys
2020-03-12 23:31:22 ----A---- C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-12 23:31:21 ----A---- C:\WINDOWS\SysWOW64\msIso.dll
2020-03-12 23:31:21 ----A---- C:\WINDOWS\SysWOW64\msauserext.dll
2020-03-12 23:31:21 ----A---- C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-12 23:31:21 ----A---- C:\WINDOWS\SysWOW64\edgeIso.dll
2020-03-12 23:31:20 ----A---- C:\WINDOWS\SysWOW64\wininet.dll
2020-03-12 23:31:20 ----A---- C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-12 23:31:20 ----A---- C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-12 23:31:20 ----A---- C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-12 23:31:19 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-12 23:31:19 ----A---- C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-03-12 23:31:19 ----A---- C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-12 23:31:19 ----A---- C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-12 23:31:19 ----A---- C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-12 23:31:19 ----A---- C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-12 23:31:18 ----A---- C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-12 23:31:18 ----A---- C:\WINDOWS\SysWOW64\weretw.dll
2020-03-12 23:31:18 ----A---- C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-12 23:31:18 ----A---- C:\WINDOWS\SysWOW64\wer.dll
2020-03-12 23:31:18 ----A---- C:\WINDOWS\SysWOW64\msimg32.dll
2020-03-12 23:31:18 ----A---- C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-12 23:31:18 ----A---- C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-12 23:31:18 ----A---- C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-12 23:31:17 ----A---- C:\WINDOWS\SysWOW64\WinTypes.dll
2020-03-12 23:31:17 ----A---- C:\WINDOWS\SysWOW64\winhttp.dll
2020-03-12 23:31:17 ----A---- C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-12 23:31:17 ----A---- C:\WINDOWS\SysWOW64\wincorlib.dll
2020-03-12 23:31:17 ----A---- C:\WINDOWS\SysWOW64\oleaut32.dll
2020-03-12 23:31:16 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-12 23:31:16 ----A---- C:\WINDOWS\SysWOW64\combase.dll
2020-03-12 23:31:15 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-03-12 23:31:15 ----A---- C:\WINDOWS\SysWOW64\uReFS.dll
2020-03-12 23:31:15 ----A---- C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-03-12 23:31:15 ----A---- C:\WINDOWS\SysWOW64\ole32.dll
2020-03-12 23:31:15 ----A---- C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-03-12 23:31:14 ----A---- C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-12 23:31:14 ----A---- C:\WINDOWS\SysWOW64\daxexec.dll
2020-03-12 23:31:13 ----A---- C:\WINDOWS\SysWOW64\win32u.dll
2020-03-12 23:31:13 ----A---- C:\WINDOWS\SysWOW64\win32k.sys
2020-03-12 23:31:13 ----A---- C:\WINDOWS\SysWOW64\user32.dll
2020-03-12 23:31:13 ----A---- C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-12 23:31:13 ----A---- C:\WINDOWS\SysWOW64\directml.dll
2020-03-12 23:31:12 ----A---- C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-12 23:31:12 ----A---- C:\WINDOWS\SysWOW64\profext.dll
2020-03-12 23:31:12 ----A---- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-03-12 23:31:01 ----A---- C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-12 23:31:01 ----A---- C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-03-12 23:31:01 ----A---- C:\WINDOWS\SysWOW64\esent.dll
2020-03-12 23:31:00 ----A---- C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-03-12 23:31:00 ----A---- C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-12 23:30:59 ----A---- C:\WINDOWS\SysWOW64\tquery.dll
2020-03-12 23:30:59 ----A---- C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-12 23:30:59 ----A---- C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-12 23:30:59 ----A---- C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-12 23:30:59 ----A---- C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-12 23:30:59 ----A---- C:\WINDOWS\SysWOW64\mssph.dll
2020-03-12 23:30:58 ----A---- C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-12 23:30:58 ----A---- C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-12 23:30:58 ----A---- C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-12 23:30:58 ----A---- C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-12 23:30:58 ----A---- C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-12 23:30:58 ----A---- C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-12 23:30:57 ----A---- C:\WINDOWS\SysWOW64\wlidprov.dll
2020-03-12 23:30:57 ----A---- C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-12 23:30:57 ----A---- C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-12 23:30:57 ----A---- C:\WINDOWS\SysWOW64\dxgi.dll
2020-03-12 23:30:57 ----A---- C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-12 23:30:57 ----A---- C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-03-12 23:30:56 ----A---- C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-12 23:30:56 ----A---- C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-12 23:30:56 ----A---- C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-12 23:30:56 ----A---- C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-03-12 23:30:56 ----A---- C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-03-12 23:30:56 ----A---- C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-03-12 23:30:56 ----A---- C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-12 23:30:56 ----A---- C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-03-12 23:30:56 ----A---- C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-03-12 23:30:56 ----A---- C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-03-12 23:30:55 ----A---- C:\WINDOWS\SysWOW64\twinui.dll
2020-03-12 23:30:54 ----A---- C:\WINDOWS\SysWOW64\sxstrace.exe
2020-03-12 23:30:54 ----A---- C:\WINDOWS\SysWOW64\sxs.dll
2020-03-12 23:30:54 ----A---- C:\WINDOWS\SysWOW64\msctf.dll
2020-03-12 23:30:54 ----A---- C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-03-12 23:30:54 ----A---- C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-12 23:30:54 ----A---- C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-03-12 23:30:54 ----A---- C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-03-12 23:30:53 ----A---- C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-03-12 23:30:53 ----A---- C:\WINDOWS\SysWOW64\tbs.dll
2020-03-12 23:30:53 ----A---- C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-12 23:30:53 ----A---- C:\WINDOWS\SysWOW64\explorer.exe
2020-03-12 23:30:53 ----A---- C:\WINDOWS\SysWOW64\dot3msm.dll
2020-03-12 23:30:53 ----A---- C:\WINDOWS\SysWOW64\dot3api.dll
2020-03-12 23:30:52 ----A---- C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-03-12 23:30:52 ----A---- C:\WINDOWS\SysWOW64\sechost.dll
2020-03-12 23:30:52 ----A---- C:\WINDOWS\SysWOW64\profapi.dll
2020-03-12 23:30:52 ----A---- C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-12 23:30:49 ----A---- C:\WINDOWS\notepad.exe
2020-03-12 23:30:08 ----A---- C:\WINDOWS\SysWOW64\KernelBase.dll
2020-03-12 23:29:06 ----A---- C:\WINDOWS\explorer.exe
2020-03-12 22:56:31 ----A---- C:\WINDOWS\SysWOW64\poqexec.exe
2020-02-14 19:38:33 ----D---- C:\ProgramData\ssh
2020-02-11 21:53:12 ----A---- C:\WINDOWS\SysWOW64\cdp.dll
2020-02-11 21:52:58 ----A---- C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-02-11 21:52:53 ----A---- C:\WINDOWS\SysWOW64\mfcore.dll
2020-02-11 21:52:52 ----A---- C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-02-11 21:52:52 ----A---- C:\WINDOWS\SysWOW64\mf.dll
2020-02-11 21:52:23 ----A---- C:\WINDOWS\SysWOW64\tsgqec.dll
2020-02-11 21:52:22 ----A---- C:\WINDOWS\SysWOW64\tapisrv.dll
2020-02-11 21:52:22 ----A---- C:\WINDOWS\SysWOW64\rdpencom.dll
2020-02-11 21:52:22 ----A---- C:\WINDOWS\SysWOW64\mstscax.dll
2020-02-11 21:52:18 ----A---- C:\WINDOWS\SysWOW64\ieproxy.dll
2020-02-11 21:52:12 ----A---- C:\WINDOWS\SysWOW64\msfeedssync.exe
2020-02-11 21:52:12 ----A---- C:\WINDOWS\SysWOW64\msfeedsbs.dll
2020-02-11 21:52:12 ----A---- C:\WINDOWS\SysWOW64\msfeeds.dll
2020-02-11 21:52:12 ----A---- C:\WINDOWS\SysWOW64\jscript.dll
2020-02-11 21:52:12 ----A---- C:\WINDOWS\SysWOW64\iedkcs32.dll
2020-02-11 21:52:12 ----A---- C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-02-11 21:52:11 ----A---- C:\WINDOWS\SysWOW64\werui.dll
2020-02-11 21:52:11 ----A---- C:\WINDOWS\SysWOW64\resutils.dll
2020-02-11 21:52:11 ----A---- C:\WINDOWS\SysWOW64\fdWSD.dll
2020-02-11 21:52:11 ----A---- C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-02-11 21:52:11 ----A---- C:\WINDOWS\SysWOW64\dfrgui.exe
2020-02-11 21:52:11 ----A---- C:\WINDOWS\SysWOW64\clusapi.dll
2020-02-11 21:51:30 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-02-11 21:51:30 ----A---- C:\WINDOWS\SysWOW64\rtutils.dll
2020-02-11 21:51:30 ----A---- C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-02-11 21:51:30 ----A---- C:\WINDOWS\SysWOW64\printui.exe
2020-02-11 21:51:30 ----A---- C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2020-02-11 21:51:30 ----A---- C:\WINDOWS\SysWOW64\comctl32.dll
2020-02-11 21:51:29 ----A---- C:\WINDOWS\SysWOW64\puiobj.dll
2020-02-11 21:51:29 ----A---- C:\WINDOWS\SysWOW64\puiapi.dll
2020-02-11 21:51:29 ----A---- C:\WINDOWS\SysWOW64\findnetprinters.dll
2020-02-11 21:51:29 ----A---- C:\WINDOWS\SysWOW64\compstui.dll
2020-02-11 21:51:27 ----A---- C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-02-11 21:51:27 ----A---- C:\WINDOWS\SysWOW64\WerFault.exe
2020-02-11 21:51:27 ----A---- C:\WINDOWS\SysWOW64\netlogon.dll
2020-02-11 21:51:27 ----A---- C:\WINDOWS\SysWOW64\Faultrep.dll
2020-02-11 21:51:26 ----A---- C:\WINDOWS\SysWOW64\Websocket.dll
2020-02-11 21:51:26 ----A---- C:\WINDOWS\SysWOW64\webio.dll
2020-02-11 21:51:26 ----A---- C:\WINDOWS\SysWOW64\logoncli.dll
2020-02-11 21:51:25 ----A---- C:\WINDOWS\SysWOW64\keyiso.dll
2020-02-11 21:51:24 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2020-02-11 21:51:24 ----A---- C:\WINDOWS\SysWOW64\wimgapi.dll
2020-02-11 21:51:24 ----A---- C:\WINDOWS\SysWOW64\usoapi.dll
2020-02-11 21:51:22 ----A---- C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-02-11 21:51:21 ----A---- C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-02-11 21:51:21 ----A---- C:\WINDOWS\SysWOW64\rdpbase.dll
2020-02-11 21:51:21 ----A---- C:\WINDOWS\SysWOW64\kerberos.dll
2020-02-11 21:51:21 ----A---- C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-02-11 21:51:21 ----A---- C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-02-11 21:51:20 ----A---- C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-02-11 21:51:20 ----A---- C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-02-11 21:51:20 ----A---- C:\WINDOWS\SysWOW64\globinputhost.dll
2020-02-11 21:51:09 ----A---- C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-02-11 21:51:09 ----A---- C:\WINDOWS\SysWOW64\ReAgent.dll
2020-02-11 21:51:08 ----A---- C:\WINDOWS\SysWOW64\twinapi.dll
2020-02-11 21:51:08 ----A---- C:\WINDOWS\SysWOW64\regapi.dll
2020-02-11 21:51:07 ----A---- C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-02-11 21:51:07 ----A---- C:\WINDOWS\SysWOW64\msutb.dll
2020-02-11 21:51:06 ----A---- C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-02-11 21:51:06 ----A---- C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-02-11 21:51:06 ----A---- C:\WINDOWS\SysWOW64\mciwave.dll
2020-02-11 21:51:06 ----A---- C:\WINDOWS\SysWOW64\mciseq.dll
2020-02-11 21:51:06 ----A---- C:\WINDOWS\SysWOW64\mcicda.dll
2020-02-11 21:51:06 ----A---- C:\WINDOWS\SysWOW64\AudioSes.dll
2020-02-11 21:51:06 ----A---- C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-02-11 21:51:06 ----A---- C:\WINDOWS\SysWOW64\AudioEng.dll
2020-02-11 21:50:56 ----A---- C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2020-02-11 21:50:56 ----A---- C:\WINDOWS\SysWOW64\NetSetupApi.dll
2020-02-11 21:50:56 ----A---- C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2020-01-17 16:32:58 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-17 16:32:52 ----A---- C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-17 16:32:45 ----A---- C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-17 16:32:45 ----A---- C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-17 16:32:45 ----A---- C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-17 16:32:45 ----A---- C:\WINDOWS\SysWOW64\sti.dll
2020-01-17 16:32:30 ----A---- C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-17 16:32:25 ----A---- C:\WINDOWS\SysWOW64\clfsw32.dll

======List of files/folders modified in the last 3 months======

2020-04-06 22:16:34 ----D---- C:\WINDOWS\System32
2020-04-06 22:11:32 ----D---- C:\WINDOWS\Temp
2020-04-06 22:02:35 ----D---- C:\WINDOWS\Prefetch
2020-04-06 22:00:27 ----RD---- C:\Program Files (x86)
2020-04-06 21:58:07 ----D---- C:\WINDOWS\INF
2020-04-06 21:54:51 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-04-06 21:52:56 ----RD---- C:\Program Files
2020-04-06 19:48:14 ----D---- C:\WINDOWS\WinSxS
2020-04-06 19:29:35 ----D---- C:\WINDOWS\AppReadiness
2020-04-03 19:20:44 ----HD---- C:\ProgramData
2020-04-03 19:20:34 ----HD---- C:\WINDOWS\ELAMBKUP
2020-04-03 12:14:00 ----RD---- C:\WINDOWS\Microsoft.NET
2020-04-03 12:13:44 ----D---- C:\WINDOWS\Logs
2020-04-03 10:17:05 ----D---- C:\ProgramData\Packages
2020-04-03 10:11:05 ----SHD---- C:\WINDOWS\Installer
2020-04-03 10:11:05 ----SHD---- C:\Config.Msi
2020-04-03 09:51:18 ----SHD---- C:\System Volume Information
2020-03-22 20:53:11 ----D---- C:\Program Files (x86)\Common Files\Adobe
2020-03-22 20:52:15 ----D---- C:\WINDOWS\SysWOW64
2020-03-15 12:50:48 ----D---- C:\WINDOWS\SysWOW64\setup
2020-03-15 12:50:47 ----D---- C:\WINDOWS\SysWOW64\migration
2020-03-15 12:50:47 ----D---- C:\WINDOWS\SysWOW64\en-US
2020-03-15 12:50:47 ----D---- C:\WINDOWS\SysWOW64\drivers
2020-03-15 12:50:47 ----D---- C:\WINDOWS\SysWOW64\Dism
2020-03-15 12:50:46 ----D---- C:\WINDOWS\SysWOW64\cs-CZ
2020-03-15 12:50:37 ----D---- C:\WINDOWS\SystemResources
2020-03-15 12:50:12 ----D---- C:\WINDOWS\ShellExperiences
2020-03-15 12:50:12 ----D---- C:\WINDOWS\servicing
2020-03-15 12:50:11 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2020-03-15 12:50:11 ----D---- C:\WINDOWS\bcastdvr
2020-03-15 12:50:10 ----D---- C:\WINDOWS\apppatch
2020-03-15 12:50:10 ----D---- C:\Windows
2020-03-12 23:46:16 ----D---- C:\WINDOWS\CbsTemp
2020-03-08 12:12:12 ----D---- C:\ProgramData\CanonIJPLM
2020-02-23 15:44:30 ----SD---- C:\ProgramData\Microsoft
2020-02-14 20:11:02 ----HD---- C:\OEM
2020-02-14 19:39:13 ----D---- C:\WINDOWS\SysWOW64\oobe
2020-02-14 19:38:43 ----RD---- C:\WINDOWS\PrintDialog
2020-02-14 19:38:41 ----D---- C:\Program Files (x86)\Internet Explorer
2020-02-03 22:56:32 ----A---- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-01-19 17:05:00 ----RD---- C:\WINDOWS\assembly
2020-01-17 16:59:11 ----D---- C:\WINDOWS\twain_32

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTATH_BUS;@oem29.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys []
R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys []
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys []
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys []
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-03-12 29696]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys []
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys []
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys []
R1 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys []
R1 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys []
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys []
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys []
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys []
R2 ekbdflt;ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys []
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys []
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys []
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys []
R3 BtFilter;BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys []
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys []
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys []
R3 iaioi2c;@oem2.inf,%Driver_Service.Desc%;I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2ce.sys []
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys []
R3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\System32\drivers\IntcDAud.sys []
R3 iwdbus;@oem32.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys []
R3 LMDriver;@oem15.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys []
R3 RadioShim;@oem15.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys []
R3 RTL8168;@oem18.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\System32\drivers\Rt630x64.sys []
R3 RTSPER;@oem24.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys []
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys []
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys []
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys []
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys []
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys []
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys []
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys []
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys []
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys []
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys []
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys []
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys []
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys []
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys []
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys []
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys []
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys []
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys []
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys []
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys []
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys []
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys []
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys []
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2019-09-15 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys []
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys []
S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys []
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys []
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys []
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys []
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys []
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys []
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys []
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys []
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys []
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys []
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys []
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys []
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys []
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys []
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys []
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys []
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys []
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys []
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys []
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys []
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys []
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys []
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys []
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys []
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys []
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys []
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys []
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys []
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys []
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys []
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys []
S3 ReFSv1;ReFSv1; C:\WINDOWS\SysWOW64\drivers\ReFSv1.sys []
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys []
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys []
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys []
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-02-25 88648]
R2 AtherosSvc;AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe []
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2015-03-12 2840832]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 CDPUserSvc_3d699;Uživatelská služba platformy připojených zařízení_3d699; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2020-04-04 2358784]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe []
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2014-12-30 455912]
R2 OneSyncSvc_3d699;Hostitel synchronizace_3d699; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 osrss;@%systemroot%\system32\osrss.dll,-500; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe []
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 cbdhsvc_3d699;Uživatelská služba schránky_3d699; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 ekrnEpfw;ESET Firewall Helper; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2020-04-04 2358784]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2014-07-22 2573032]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-03-01 43704]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2014-06-26 458984]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe []
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-30 107848]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AarSvc_3d699;Agent Activation Runtime_3d699; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BcastDVRUserService_3d699;Uživatelská služba pro GameDVR a vysílání her_3d699; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BluetoothUserService_3d699;Služba pro podporu uživatelů Bluetooth_3d699; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CaptureService_3d699;CaptureService_3d699; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 ConsentUxUserSvc_3d699;ConsentUX_3d699; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-05-04 299488]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe []
S3 CredentialEnrollmentManagerUserSvc_3d699;CredentialEnrollmentManagerUserSvc_3d699; C:\WINDOWS\system32\CredentialEnrollmentManager.exe []
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DeviceAssociationBrokerSvc_3d699;DeviceAssociationBroker_3d699; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicePickerUserSvc_3d699;DevicePicker_3d699; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicesFlowUserSvc_3d699;Tok zařízení_3d699; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe []
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\elevation_service.exe [2020-03-16 1113072]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-30 107848]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-25 169752]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MessagingService_3d699;Služba zasílání zpráv_3d699; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe []
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PimIndexMaintenanceSvc_3d699;Data kontaktů_3d699; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PrintWorkflowUserSvc_3d699;PrintWorkflow_3d699; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe []
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]

-----------------EOF-----------------

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• V pripade nalezov nechaj vsetky nalezy oznacene a klikni na Karantena
• Ak nebudu ziadne nalezy, klikni na
• Pockaj na dokoncenie a potvrd restartovanie PC
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-03.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-07-2020
# Duration: 00:00:11
# OS: Windows 10 Home
# Cleaned: 37
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\AVG Security Toolbar
Deleted C:\ProgramData\AVG_UPDATE_0615TB
Deleted C:\ProgramData\AVG_UPDATE_0915TB
Deleted C:\ProgramData\Pokki
Deleted C:\Users\Public\Pokki

***** [ Files ] *****

Deleted C:\Users\Janička\Favorites\Booking.com.url

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\0615TBUPDATEINFO
Deleted C:\Windows\System32\Tasks\0915TBUPDATEINFO
Deleted C:\Windows\Tasks\0615TBUPDATEINFO.JOB
Deleted C:\Windows\Tasks\0915TBUPDATEINFO.JOB

***** [ Registry ] *****

Deleted HKCU\Software\Classes\pokki
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE53A59F-9D15-4233-A6A8-B388CD7A1FA5}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD9B7520-1B6E-439E-BE73-1DADADD463D7}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE53A59F-9D15-4233-A6A8-B388CD7A1FA5}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD9B7520-1B6E-439E-BE73-1DADADD463D7}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0615TBUPDATEINFO
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0915TBUPDATEINFO
Deleted HKLM\Software\AVG Secure Search

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted izito.cz

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|BacKGround Agent
Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Deleted Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Deleted Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Deleted Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK
Deleted Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR
Deleted Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B225D04-7D76-435D-8AA5-56B887B0C34C}
Deleted Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService
Deleted Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Deleted Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{978724F6-1863-4DD5-9E66-FB77F5AB5613}
Deleted Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UBTFRAMEWORKSERVICE
Deleted Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE247791-4C98-4DF0-B965-D77B108BD3A5}
Deleted Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Management
Deleted Preinstalled.GatewayPowerManagement Task C:\Windows\System32\Tasks\POWER MANAGEMENT
Deleted Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91F52DE4-B789-42B0-9311-A349F10E5479}
Not Deleted Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [7071 octets] - [07/04/2020 07:57:01]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2020
Ran by Janička (administrator) on NOTEBOOK (Acer Aspire E5-511) (07-04-2020 23:18:13)
Running from C:\Users\Janička\Desktop
Loaded Profiles: Janička (Available Profiles: Janička)
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12003.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [185648 2020-04-04] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C44A4D8-5EDB-444B-9FA7-5C11A5F307B2} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [100608 2014-08-29] (Acer Incorporated -> )
Task: {13E53221-5963-4896-B406-E81FB5683DC5} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [324328 2014-06-26] (Acer Incorporated -> Acer Incorporate)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {429E2EAE-A977-4CC0-9456-53E8DF825F6F} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41728 2014-08-29] (Acer Incorporated -> )
Task: {5412CDBB-CD81-4FC0-B7D3-5F811A7B4C73} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {72165684-F97D-4F72-8A1F-15591C315B66} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [419048 2014-12-30] (Acer Incorporated -> Acer Incorporate)
Task: {86BB18D0-8E2A-4B8A-94FB-650491D63458} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [474344 2014-06-08] (Acer Incorporated -> Acer Incorporated)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8849BFC9-F59E-43A9-AAE4-872DACCD8DD2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-30] (Google Inc -> Google Inc.)
Task: {B6E51611-CD86-4CCF-AC6F-804F8EE1A4C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-30] (Google Inc -> Google Inc.)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D146C79F-A17A-484B-B931-20CB3AB7ABFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {F41FB386-D2AA-4B15-B076-09D0FF076F28} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [324328 2014-06-26] (Acer Incorporated -> Acer Incorporate)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A1A39677-9CBE-4F96-9F21-0AAEE27AC1CE}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-543056139-2719741978-1766798007-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-543056139-2719741978-1766798007-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-543056139-2719741978-1766798007-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File

Edge:
======
Edge Extension: (Translator pro Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2019-02-05]

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-543056139-2719741978-1766798007-1001: apexis.com/HIPCamWebPlugin -> C:\Program Files (x86)\IPCWebPlugins\npHIPCamWebPlugin.dll [2017-03-21] (APEXIS) [File not signed]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Janička\AppData\Local\Google\Chrome\User Data\Default [2020-04-07]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://instagram-dm.com; hxxps://kytary.cz; hxxps://ruclip.com; hxxps://velkoobchod.conrad.cz; hxxps://www.automobilovedily24.cz; hxxps://www.banggood.com; hxxps://www.conrad.cz; hxxps://www.dobre-knihy.cz; hxxps://www.euautodily.cz; hxxps://www.kupi.cz; hxxps://www.tectake.cz
CHR HomePage: Default -> hxxp://seznam.cz/
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Janička\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Janička\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Janička\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Janička\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Vyhledávání Google) - C:\Users\Janička\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Janička\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-07]
CHR Extension: (Tabulky) - C:\Users\Janička\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Janička\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Janička\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\Janička\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\Janička\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03]
CHR Profile: C:\Users\Janička\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-04-06]
CHR Profile: C:\Users\Janička\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-06]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [416072 2018-06-26] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2840832 2015-03-12] (Acer Incorporated -> Acer Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2358784 2020-04-04] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2358784 2020-04-04] (ESET, spol. s r.o. -> ESET)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated -> Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-04] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporated -> Acer Incorporate)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporated -> Acer Incorporate)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6634224 2018-02-02] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\NisSrv.exe [3294680 2020-03-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\MsMpEng.exe [103168 2020-03-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [154336 2020-04-04] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106840 2020-03-22] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-06-11] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188872 2020-03-22] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [53048 2020-03-22] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79520 2020-03-22] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [115960 2020-03-22] (ESET, spol. s r.o. -> ESET)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc. -> McAfee, Inc.)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-16] (Acer Incorporated -> Acer Incorporated)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-16] (Acer Incorporated -> Acer Incorporated)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-03-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [391392 2020-03-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-24] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-07 23:18 - 2020-04-07 23:20 - 000019522 _____ C:\Users\Janička\Desktop\FRST.txt
2020-04-07 23:17 - 2020-04-07 23:19 - 000000000 ____D C:\FRST
2020-04-07 23:17 - 2020-04-07 23:17 - 002281472 _____ (Farbar) C:\Users\Janička\Desktop\FRST64.exe
2020-04-07 08:10 - 2020-04-07 08:10 - 008196784 _____ (Malwarebytes) C:\Users\Janička\Downloads\adwcleaner_8.0.4 (1).exe
2020-04-07 07:55 - 2020-04-07 08:01 - 000000000 ____D C:\AdwCleaner
2020-04-07 07:54 - 2020-04-07 07:53 - 008196784 _____ (Malwarebytes) C:\Users\Janička\Desktop\adwcleaner_8.0.4.exe
2020-04-07 07:53 - 2020-04-07 07:53 - 008196784 _____ (Malwarebytes) C:\Users\Janička\Downloads\adwcleaner_8.0.4.exe
2020-04-06 22:02 - 2020-04-06 22:02 - 000000000 ____D C:\tmp
2020-04-06 22:00 - 2020-04-06 22:16 - 000000000 ____D C:\Program Files (x86)\trend micro
2020-04-06 22:00 - 2020-04-06 22:00 - 000000000 ____D C:\rsit
2020-04-06 21:59 - 2020-04-06 21:59 - 001107968 _____ C:\Users\Janička\Downloads\RSIT.exe
2020-04-06 21:52 - 2020-04-06 21:52 - 000000080 ___SH C:\bootTel.dat
2020-04-03 11:33 - 2020-04-03 11:33 - 000000000 ____D C:\Users\Janička\AppData\Local\mbamtray
2020-04-03 11:33 - 2020-04-03 11:33 - 000000000 ____D C:\Users\Janička\AppData\Local\mbam
2020-04-03 11:33 - 2020-04-03 11:33 - 000000000 ____D C:\Users\Janička\AppData\Local\cache
2020-04-03 11:30 - 2020-04-03 11:30 - 001957784 _____ (Malwarebytes) C:\Users\Janička\Downloads\MBSetup.exe
2020-03-12 23:33 - 2020-03-12 23:33 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-12 23:33 - 2020-03-12 23:33 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-12 23:32 - 2020-03-12 23:32 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-12 23:32 - 2020-03-12 23:32 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-03-12 23:31 - 2020-03-12 23:32 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-12 23:31 - 2020-03-12 23:31 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-12 23:31 - 2020-03-12 23:31 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-12 23:31 - 2020-03-12 23:31 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 001283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-03-12 23:31 - 2020-03-12 23:31 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-12 23:31 - 2020-03-12 23:31 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 001190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-03-12 23:31 - 2020-03-12 23:31 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-03-12 23:31 - 2020-03-12 23:31 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-03-12 23:31 - 2020-03-12 23:31 - 000769552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-12 23:31 - 2020-03-12 23:31 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-03-12 23:31 - 2020-03-12 23:31 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-12 23:31 - 2020-03-12 23:31 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-03-12 23:31 - 2020-03-12 23:31 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-12 23:31 - 2020-03-12 23:31 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-12 23:31 - 2020-03-12 23:31 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-12 23:31 - 2020-03-12 23:31 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-12 23:31 - 2020-03-12 23:31 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-12 23:31 - 2020-03-12 23:31 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-12 23:31 - 2020-03-12 23:31 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-12 23:31 - 2020-03-12 23:31 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-12 23:31 - 2020-03-12 23:31 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-03-12 23:31 - 2020-03-12 23:31 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-12 23:31 - 2020-03-12 23:31 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-03-12 23:31 - 2020-03-12 23:31 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-03-12 23:31 - 2020-03-12 23:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-03-12 23:31 - 2020-03-12 23:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-03-12 23:31 - 2020-03-12 23:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-03-12 23:31 - 2020-03-12 23:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-03-12 23:31 - 2020-03-12 23:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-03-12 23:31 - 2020-03-12 23:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-03-12 23:31 - 2020-03-12 23:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-03-12 23:31 - 2020-03-12 23:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-03-12 23:31 - 2020-03-12 23:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-03-12 23:31 - 2020-03-12 23:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-03-12 23:31 - 2020-03-12 23:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-03-12 23:31 - 2020-03-12 23:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-03-12 23:30 - 2020-03-12 23:31 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 003799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-12 23:30 - 2020-03-12 23:30 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 002768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-12 23:30 - 2020-03-12 23:30 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 002087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 001999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-12 23:30 - 2020-03-12 23:30 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 001054376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000983896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-12 23:30 - 2020-03-12 23:30 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-12 23:30 - 2020-03-12 23:30 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-12 23:30 - 2020-03-12 23:30 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-03-12 23:30 - 2020-03-12 23:30 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-03-12 23:30 - 2020-03-12 23:30 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-03-12 23:30 - 2020-03-12 23:30 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-12 23:30 - 2020-03-12 23:30 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-12 23:30 - 2020-03-12 23:30 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-12 23:30 - 2020-03-12 23:30 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-12 23:30 - 2020-03-12 23:30 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-12 23:30 - 2020-03-12 23:30 - 000133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-12 23:30 - 2020-03-12 23:30 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-03-12 23:30 - 2020-03-12 23:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-12 23:30 - 2020-03-12 23:30 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-03-12 23:30 - 2020-03-12 23:30 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-03-12 23:30 - 2020-03-12 23:30 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-03-12 23:29 - 2020-03-12 23:30 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 004622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 004563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-12 23:29 - 2020-03-12 23:29 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 003587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-12 23:29 - 2020-03-12 23:29 - 003552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 002715648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-03-12 23:29 - 2020-03-12 23:29 - 002522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 001972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-03-12 23:29 - 2020-03-12 23:29 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 001823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-03-12 23:29 - 2020-03-12 23:29 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 001657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 001513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 001396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-03-12 23:29 - 2020-03-12 23:29 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 001071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000908504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-03-12 23:29 - 2020-03-12 23:29 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-03-12 23:29 - 2020-03-12 23:29 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-03-12 23:29 - 2020-03-12 23:29 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-03-12 23:29 - 2020-03-12 23:29 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-12 23:29 - 2020-03-12 23:29 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-03-12 23:29 - 2020-03-12 23:29 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-03-12 23:29 - 2020-03-12 23:29 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-03-12 23:29 - 2020-03-12 23:29 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-03-12 23:29 - 2020-03-12 23:29 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-12 23:29 - 2020-03-12 23:29 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-03-12 23:29 - 2020-03-12 23:29 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-03-12 23:29 - 2020-03-12 23:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-03-12 23:29 - 2020-03-12 23:29 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-03-12 23:29 - 2020-03-12 23:29 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-03-12 23:28 - 2020-03-12 23:28 - 001762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-03-12 23:28 - 2020-03-12 23:28 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-03-12 23:28 - 2020-03-12 23:28 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-03-12 23:28 - 2020-03-12 23:28 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000306696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-03-12 23:28 - 2020-03-12 23:28 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-03-12 23:28 - 2020-03-12 23:28 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-03-12 23:28 - 2020-03-12 23:28 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-03-12 23:28 - 2020-03-12 23:28 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-03-12 23:28 - 2020-03-12 23:28 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-03-12 23:28 - 2020-03-12 23:28 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-03-12 22:56 - 2020-02-11 06:48 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-03-12 22:56 - 2020-02-11 06:37 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-03-09 21:46 - 2020-03-09 21:46 - 004642218 _____ C:\Users\Janička\Downloads\CZ_VIADRUS_U22_Economy_Navod_k_obsluze_a_instalaci_2019_33.pdf
2020-03-09 21:46 - 2020-03-09 21:46 - 004642218 _____ C:\Users\Janička\Downloads\CZ_VIADRUS_U22_Economy_Navod_k_obsluze_a_instalaci_2019_33 (1).pdf
2020-03-08 12:14 - 2020-03-08 12:14 - 000000000 ____D C:\Users\Janička\Documents\Kotel Hercules U68 - Diskuze TZB-info_files
2020-03-08 12:13 - 2020-03-08 12:14 - 000092966 _____ C:\Users\Janička\Documents\Kotel Hercules U68 - Diskuze TZB-info.html
2020-03-08 12:02 - 2020-03-08 12:02 - 000423149 _____ C:\Users\Janička\Downloads\Hercules_U68_CZ_180731_web_ořez.pdf
2020-03-08 12:02 - 2020-03-08 12:02 - 000423149 _____ C:\Users\Janička\Downloads\Hercules_U68_CZ_180731_web_ořez (1).pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-07 23:15 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-07 23:13 - 2019-09-15 01:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-07 22:08 - 2019-09-15 01:28 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-07 22:08 - 2019-03-19 13:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-04-07 22:08 - 2019-03-19 13:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-04-07 22:08 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-07 22:04 - 2015-03-30 09:58 - 000000000 __SHD C:\Users\Janička\IntelGraphicsProfiles
2020-04-07 22:03 - 2019-09-15 01:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-07 09:27 - 2019-09-15 01:15 - 000000000 ____D C:\Users\Janička
2020-04-07 08:01 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-04-07 00:16 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-07 00:16 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-06 22:58 - 2015-03-30 09:58 - 000000000 ____D C:\Users\Janička\AppData\Local\Packages
2020-04-06 22:19 - 2015-03-30 09:59 - 000000000 ____D C:\Users\Janička\AppData\Local\VirtualStore
2020-04-04 09:37 - 2015-07-14 15:29 - 000154336 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2020-04-03 19:20 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-03 10:17 - 2019-01-09 01:01 - 000000000 ____D C:\ProgramData\Packages
2020-04-03 10:17 - 2018-03-04 14:44 - 000000000 ____D C:\Users\Janička\AppData\Local\PlaceholderTileLogoFolder
2020-03-24 18:21 - 2018-03-01 17:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-03-24 18:12 - 2018-01-14 14:21 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-03-22 20:54 - 2019-09-15 01:43 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-03-22 20:53 - 2017-10-01 20:12 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-22 19:59 - 2019-09-15 01:43 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-543056139-2719741978-1766798007-1001
2020-03-22 19:59 - 2019-09-15 01:15 - 000002371 _____ C:\Users\Janička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-22 19:59 - 2018-01-12 22:19 - 000000000 ___RD C:\Users\Janička\OneDrive
2020-03-22 19:55 - 2018-06-27 00:34 - 000053048 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2020-03-22 19:55 - 2015-07-14 15:29 - 000188872 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2020-03-22 19:55 - 2015-07-14 15:29 - 000115960 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2020-03-22 19:55 - 2015-07-14 15:29 - 000106840 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2020-03-22 19:55 - 2015-07-14 15:29 - 000079520 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2020-03-21 13:14 - 2015-03-30 11:11 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-21 13:14 - 2015-03-30 11:11 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-03-21 13:07 - 2019-09-15 01:43 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-21 13:07 - 2019-09-15 01:43 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-15 12:59 - 2015-03-31 00:57 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-15 12:58 - 2018-01-12 22:08 - 000000000 ___RD C:\Users\Janička\3D Objects
2020-03-15 12:54 - 2019-09-15 01:01 - 000392432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-15 12:50 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-03-15 12:50 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-03-15 12:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-03-15 12:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-03-15 12:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-03-15 12:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-03-15 12:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-03-15 12:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-03-15 12:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-03-15 12:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-03-15 12:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-03-15 12:50 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-15 12:50 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing
2020-03-12 23:46 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-03-12 23:46 - 2015-04-09 10:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-03-12 23:46 - 2015-04-09 10:24 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-03-08 12:12 - 2019-11-13 16:40 - 000000000 ____D C:\ProgramData\CanonIJPLM

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2020
Ran by Janička (07-04-2020 23:22:29)
Running from C:\Users\Janička\Desktop
Windows 10 Home Version 1903 18362.720 (X64) (2019-09-14 23:45:36)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-543056139-2719741978-1766798007-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-543056139-2719741978-1766798007-503 - Limited - Disabled)
Guest (S-1-5-21-543056139-2719741978-1766798007-501 - Limited - Disabled)
Janička (S-1-5-21-543056139-2719741978-1766798007-1001 - Administrator - Enabled) => C:\Users\Janička
WDAGUtilityAccount (S-1-5-21-543056139-2719741978-1766798007-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3013 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.1.0 - Canon Inc.)
Canon MG5400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5400_series) (Version: 1.01 - Canon Inc.)
Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.01 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 13.1.21.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
IPCWebPlugins version 2.2.2 (HKLM-x32\...\{81F84A96-5679-472C-8116-74A2A38F71B1}_is1) (Version: 2.2.2 - APEXIS)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-543056139-2719741978-1766798007-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21245 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.)
Registrace uživatele zařízení Canon MG5700 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5700 series) (Version: - ‭Canon Inc.)
SMI USB Grabber (HKLM-x32\...\{B03B98E3-2795-48F6-BA33-793BBF5DF685}) (Version: 1.0.0.02 - Somagic Inc)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.93450 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
USB2.0 ATV (HKLM-x32\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )

Packages:
=========
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.3007.0_x86__48frkmn4z8aw4 [2018-01-17] (Acer Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-20] (Autodesk Inc.)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-03-23] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-23] (Microsoft Corporation)
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2015-04-05] (eBay, Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-17] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-17] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-17] (Microsoft Corporation) [MS Ad]
Videomomentky -> C:\Program Files\WindowsApps\Microsoft.MovieMoments_6.3.9654.20464_x64__8wekyb3d8bbwe [2015-03-30] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-543056139-2719741978-1766798007-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-04-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-04-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-04-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Janička\Desktop\KAMERA.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://192.168.1.110/main.htm

==================== Loaded Modules (Whitelisted) =============

2019-11-13 17:00 - 2015-01-09 09:45 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_CSY.DLL
2019-11-13 17:00 - 2015-01-09 09:44 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2019-11-13 16:54 - 2015-03-17 09:51 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2018-05-17 19:43 - 2018-05-17 19:48 - 000000438 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Acer\abFiles\;C:\Program Files (x86)\Common Files\Ulead Systems\MPEG;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-543056139-2719741978-1766798007-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BA82EA84-9FDD-4228-BB89-7723EF962B31}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{3FAD8741-6B9D-47C9-911E-7FEF40B412E2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{86AFE3D5-54FE-46AB-A544-86E9F4058B3B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{A165D5D4-4237-4244-A3D3-6891C80EEBC4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{7BA249C4-C6CA-487B-9D36-E88893A807ED}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe No File
FirewallRules: [{9CDD62C4-EC3D-424A-8382-322D081AED80}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe No File
FirewallRules: [{00ADB2DF-C19F-463E-908C-BB1ADAC24493}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe No File
FirewallRules: [{8D3F79A3-3B50-42BB-89DB-16EB76D40AD8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe No File
FirewallRules: [{36BA6488-CB59-470B-B86F-CD6F88C1E31A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe No File
FirewallRules: [{81489F43-E7B4-4289-89ED-F3E26789BEF0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe No File
FirewallRules: [{0190A328-3BA2-4B59-B78E-9C68EBB54D91}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe No File
FirewallRules: [{92BEE3A9-1CFB-499E-AF2B-D1AF9E5AD2EF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe No File
FirewallRules: [{0515CC0C-A308-405E-B8BA-67B289CEB7CD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{0A73ED4A-5FF3-4CD9-AD73-84F242055678}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{5C5E3E8A-61B2-4803-B3A1-642648C9A407}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{B70F7E19-826F-4B68-94B0-5D0C9F1C79B7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{CCDFCA8B-2931-4DF4-93F6-0C6CFA829B28}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{F6C7634F-2B18-4C9C-A4E7-1424E98C66CB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{224E9B9F-E2AD-4EB0-BD00-5257FB76D176}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{C217C3E1-A233-4D68-BFE8-48BA775BA1A1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{671BA80A-B535-4208-91DB-D97E21C3CC97}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe No File
FirewallRules: [{7E0C21D4-ECDC-4789-8FAF-7FCD8EEBA351}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe No File
FirewallRules: [{0A97FA62-B400-41A2-9630-9B4F6C18BF74}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe No File
FirewallRules: [{D30BB287-E09B-49E5-A81D-654280930726}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe No File
FirewallRules: [{72825B1D-7922-453F-9AB3-5797097CA75F}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe No File
FirewallRules: [{697B756B-34EF-4E60-BD49-7E5FE2DF2715}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe No File
FirewallRules: [{6AE24C63-A562-4BB8-9C5A-A6D0B93A8182}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe No File
FirewallRules: [{2E71CFBA-6156-42F2-8C3B-F9600D7D5BF0}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe No File
FirewallRules: [{87F3A2D7-0F1D-44BF-8FEC-D48233E430BE}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe No File
FirewallRules: [{762F2376-E802-40DD-B916-36ABF8385125}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe No File
FirewallRules: [{218CDCB9-1627-4426-AF06-6C39355E3187}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe No File
FirewallRules: [{28BBDB18-7D08-4AE0-9AC5-1AC4F14D2A63}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe No File
FirewallRules: [{B72AF818-FFF0-46DF-AA63-52CB248DD022}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{BDD02397-6D97-4E49-B730-D30BFE899CF1}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{B83658B0-7E80-4A01-AEAA-1D3B191419CA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{0DC2196E-A2CF-4945-9C0C-E7B040C88103}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{4A521D4C-C8C7-45EE-8DAD-D79E5CCCB804}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{527B3D77-B687-4E43-A286-1BEA72AB3D35}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{60D1A742-4571-4BCA-BF6E-0BB0FB0A8A5D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{F430D4A4-2918-4A09-8E58-59D3ACBB1E77}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{6048CB62-E080-47AE-B9C4-C35E75C29BDD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{5DA601E8-6E44-45F4-A07C-CAC3526B781B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{CCF71329-363E-4833-B592-04BBC33E90F2}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe No File
FirewallRules: [{D58EA7E2-5AD9-4367-A600-FE3EAE7119FF}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe No File
FirewallRules: [{9F0D45AB-C1E3-4E63-A5FA-25493FD68559}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe No File
FirewallRules: [{3FE0ACA5-F4AA-4337-AEBB-F52866D02965}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe No File
FirewallRules: [{0BF25D37-7A6B-4E41-A12B-62590D2F2C8F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{5B0A8986-CF0E-444E-9980-89AA689A5F63}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe No File
FirewallRules: [{A4EC6FD9-64A9-43A5-988C-A12CA13A67ED}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe No File
FirewallRules: [{A02A79CD-3AF3-4727-B3C6-12435CE66D7C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe No File
FirewallRules: [{A634A7B9-DC92-4733-91A5-62440209799E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe No File
FirewallRules: [{BB065535-F3C5-4A3C-9FB0-90E9F8496509}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe No File
FirewallRules: [{32364E85-BC96-4E5F-B66E-C42B64913155}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe No File
FirewallRules: [{693F7DA1-D651-42E5-97EE-8E63195D98F2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe No File
FirewallRules: [{1414C8AC-D04A-428C-8526-E809CA219532}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe No File
FirewallRules: [{CBF4EF89-D0E2-4049-9DA2-9E6822DA89C2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

10-03-2020 20:54:29 Naplánovaný kontrolní bod
03-04-2020 09:49:26 Windows Update
07-04-2020 07:59:59 AdwCleaner_BeforeCleaning_07/04/2020_07:59:59

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/07/2020 10:39:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4500,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/07/2020 10:11:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4616,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/07/2020 07:38:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3668,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/07/2020 01:52:27 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4520,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/07/2020 10:03:03 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7780,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/07/2020 09:34:38 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3300,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/07/2020 08:30:53 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8736,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/07/2020 08:10:01 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5024,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (04/07/2020 10:03:56 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (14:15:13, ‎07.‎04.‎2020) bylo neočekávané.

Error: (04/07/2020 01:45:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:57:24, ‎07.‎04.‎2020) bylo neočekávané.

Error: (04/07/2020 09:27:24 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (9:02:38, ‎07.‎04.‎2020) bylo neočekávané.

Error: (04/07/2020 08:01:12 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba User Experience Improvement Program byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/07/2020 08:01:12 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ePower Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/07/2020 08:01:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Quick Access Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/07/2020 08:01:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (04/07/2020 08:01:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


CodeIntegrity:
===================================

Date: 2020-04-07 22:06:19.767
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-07 22:06:19.713
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-07 22:06:17.832
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-07 22:06:17.811
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-07 22:06:08.079
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-07 22:06:08.060
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-07 22:06:08.000
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-07 13:47:42.750
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Acer V1.10 09/09/2015
Motherboard: Acer Aspire E5-511
Processor: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz
Percentage of memory in use: 37%
Total physical RAM: 8075.2 MB
Available physical RAM: 5021.87 MB
Total Virtual: 8587.2 MB
Available Virtual: 5596.04 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:449.6 GB) (Free:388.66 GB) NTFS

\\?\Volume{fa756226-26ac-4779-9f64-cc37a7c7891c}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.29 GB) NTFS
\\?\Volume{9c20df30-a6c3-4606-be65-17f09d052d92}\ (Push Button Reset) (Fixed) (Total:15.15 GB) (Free:2.18 GB) NTFS
\\?\Volume{33641d88-d556-41e2-a64a-a54ed4b89f86}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5955F082)

Partition: GPT.

==================== End of Addition.txt =======================

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  File: C:\Program Files (x86)\IPCWebPlugins\npHIPCamWebPlugin.dll 
  
  HKU\S-1-5-21-543056139-2719741978-1766798007-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
  BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
  FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
  CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
  CHR DefaultSearchKeyword: Default -> seznam.cz
  CHR DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
  S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe" [X]
  S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc. -> McAfee, Inc.)
  C:\WINDOWS\System32\drivers\HipShieldK.sys
  2020-04-06 22:00 - 2020-04-06 22:16 - 000000000 ____D C:\Program Files (x86)\trend micro
  2020-04-06 22:00 - 2020-04-06 22:00 - 000000000 ____D C:\rsit
  2020-04-06 21:59 - 2020-04-06 21:59 - 001107968 _____ C:\Users\Janička\Downloads\RSIT.exe
  ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
  ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
  ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
  ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
  ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
  ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
  ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
  FirewallRules: [{7BA249C4-C6CA-487B-9D36-E88893A807ED}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe No File
  FirewallRules: [{9CDD62C4-EC3D-424A-8382-322D081AED80}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe No File
  FirewallRules: [{00ADB2DF-C19F-463E-908C-BB1ADAC24493}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe No File
  FirewallRules: [{8D3F79A3-3B50-42BB-89DB-16EB76D40AD8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe No File
  FirewallRules: [{36BA6488-CB59-470B-B86F-CD6F88C1E31A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe No File
  FirewallRules: [{81489F43-E7B4-4289-89ED-F3E26789BEF0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe No File
  FirewallRules: [{0190A328-3BA2-4B59-B78E-9C68EBB54D91}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe No File
  FirewallRules: [{92BEE3A9-1CFB-499E-AF2B-D1AF9E5AD2EF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe No File
  FirewallRules: [{0515CC0C-A308-405E-B8BA-67B289CEB7CD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
  FirewallRules: [{0A73ED4A-5FF3-4CD9-AD73-84F242055678}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
  FirewallRules: [{5C5E3E8A-61B2-4803-B3A1-642648C9A407}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
  FirewallRules: [{B70F7E19-826F-4B68-94B0-5D0C9F1C79B7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
  FirewallRules: [{CCDFCA8B-2931-4DF4-93F6-0C6CFA829B28}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
  FirewallRules: [{F6C7634F-2B18-4C9C-A4E7-1424E98C66CB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
  FirewallRules: [{224E9B9F-E2AD-4EB0-BD00-5257FB76D176}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
  FirewallRules: [{C217C3E1-A233-4D68-BFE8-48BA775BA1A1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
  FirewallRules: [{671BA80A-B535-4208-91DB-D97E21C3CC97}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe No File
  FirewallRules: [{7E0C21D4-ECDC-4789-8FAF-7FCD8EEBA351}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe No File
  FirewallRules: [{0A97FA62-B400-41A2-9630-9B4F6C18BF74}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe No File
  FirewallRules: [{D30BB287-E09B-49E5-A81D-654280930726}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe No File
  FirewallRules: [{72825B1D-7922-453F-9AB3-5797097CA75F}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe No File
  FirewallRules: [{697B756B-34EF-4E60-BD49-7E5FE2DF2715}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe No File
  FirewallRules: [{6AE24C63-A562-4BB8-9C5A-A6D0B93A8182}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe No File
  FirewallRules: [{2E71CFBA-6156-42F2-8C3B-F9600D7D5BF0}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe No File
  FirewallRules: [{87F3A2D7-0F1D-44BF-8FEC-D48233E430BE}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe No File
  FirewallRules: [{762F2376-E802-40DD-B916-36ABF8385125}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe No File
  FirewallRules: [{218CDCB9-1627-4426-AF06-6C39355E3187}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe No File
  FirewallRules: [{28BBDB18-7D08-4AE0-9AC5-1AC4F14D2A63}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe No File
  FirewallRules: [{B83658B0-7E80-4A01-AEAA-1D3B191419CA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
  FirewallRules: [{0DC2196E-A2CF-4945-9C0C-E7B040C88103}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
  FirewallRules: [{4A521D4C-C8C7-45EE-8DAD-D79E5CCCB804}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
  FirewallRules: [{527B3D77-B687-4E43-A286-1BEA72AB3D35}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
  FirewallRules: [{60D1A742-4571-4BCA-BF6E-0BB0FB0A8A5D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
  FirewallRules: [{F430D4A4-2918-4A09-8E58-59D3ACBB1E77}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
  FirewallRules: [{6048CB62-E080-47AE-B9C4-C35E75C29BDD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
  FirewallRules: [{5DA601E8-6E44-45F4-A07C-CAC3526B781B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
  FirewallRules: [{CCF71329-363E-4833-B592-04BBC33E90F2}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe No File
  FirewallRules: [{D58EA7E2-5AD9-4367-A600-FE3EAE7119FF}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe No File
  FirewallRules: [{9F0D45AB-C1E3-4E63-A5FA-25493FD68559}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe No File
  FirewallRules: [{3FE0ACA5-F4AA-4337-AEBB-F52866D02965}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe No File
  FirewallRules: [{0BF25D37-7A6B-4E41-A12B-62590D2F2C8F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
  FirewallRules: [{5B0A8986-CF0E-444E-9980-89AA689A5F63}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe No File
  FirewallRules: [{A4EC6FD9-64A9-43A5-988C-A12CA13A67ED}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe No File
  FirewallRules: [{A02A79CD-3AF3-4727-B3C6-12435CE66D7C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe No File
  FirewallRules: [{A634A7B9-DC92-4733-91A5-62440209799E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe No File
  FirewallRules: [{BB065535-F3C5-4A3C-9FB0-90E9F8496509}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe No File
  FirewallRules: [{32364E85-BC96-4E5F-B66E-C42B64913155}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe No File
  FirewallRules: [{693F7DA1-D651-42E5-97EE-8E63195D98F2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe No File
  FirewallRules: [{1414C8AC-D04A-428C-8526-E809CA219532}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe No File
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-04-2020
Ran by Janička (08-04-2020 20:27:56) Run:1
Running from C:\Users\Janička\Desktop
Loaded Profiles: Janička (Available Profiles: Janička)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\IPCWebPlugins\npHIPCamWebPlugin.dll

HKU\S-1-5-21-543056139-2719741978-1766798007-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe" [X]
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc. -> McAfee, Inc.)
C:\WINDOWS\System32\drivers\HipShieldK.sys
2020-04-06 22:00 - 2020-04-06 22:16 - 000000000 ____D C:\Program Files (x86)\trend micro
2020-04-06 22:00 - 2020-04-06 22:00 - 000000000 ____D C:\rsit
2020-04-06 21:59 - 2020-04-06 21:59 - 001107968 _____ C:\Users\Janička\Downloads\RSIT.exe
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [{7BA249C4-C6CA-487B-9D36-E88893A807ED}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe No File
FirewallRules: [{9CDD62C4-EC3D-424A-8382-322D081AED80}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe No File
FirewallRules: [{00ADB2DF-C19F-463E-908C-BB1ADAC24493}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe No File
FirewallRules: [{8D3F79A3-3B50-42BB-89DB-16EB76D40AD8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe No File
FirewallRules: [{36BA6488-CB59-470B-B86F-CD6F88C1E31A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe No File
FirewallRules: [{81489F43-E7B4-4289-89ED-F3E26789BEF0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe No File
FirewallRules: [{0190A328-3BA2-4B59-B78E-9C68EBB54D91}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe No File
FirewallRules: [{92BEE3A9-1CFB-499E-AF2B-D1AF9E5AD2EF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe No File
FirewallRules: [{0515CC0C-A308-405E-B8BA-67B289CEB7CD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{0A73ED4A-5FF3-4CD9-AD73-84F242055678}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{5C5E3E8A-61B2-4803-B3A1-642648C9A407}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{B70F7E19-826F-4B68-94B0-5D0C9F1C79B7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{CCDFCA8B-2931-4DF4-93F6-0C6CFA829B28}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{F6C7634F-2B18-4C9C-A4E7-1424E98C66CB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{224E9B9F-E2AD-4EB0-BD00-5257FB76D176}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{C217C3E1-A233-4D68-BFE8-48BA775BA1A1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{671BA80A-B535-4208-91DB-D97E21C3CC97}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe No File
FirewallRules: [{7E0C21D4-ECDC-4789-8FAF-7FCD8EEBA351}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe No File
FirewallRules: [{0A97FA62-B400-41A2-9630-9B4F6C18BF74}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe No File
FirewallRules: [{D30BB287-E09B-49E5-A81D-654280930726}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe No File
FirewallRules: [{72825B1D-7922-453F-9AB3-5797097CA75F}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe No File
FirewallRules: [{697B756B-34EF-4E60-BD49-7E5FE2DF2715}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe No File
FirewallRules: [{6AE24C63-A562-4BB8-9C5A-A6D0B93A8182}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe No File
FirewallRules: [{2E71CFBA-6156-42F2-8C3B-F9600D7D5BF0}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe No File
FirewallRules: [{87F3A2D7-0F1D-44BF-8FEC-D48233E430BE}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe No File
FirewallRules: [{762F2376-E802-40DD-B916-36ABF8385125}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe No File
FirewallRules: [{218CDCB9-1627-4426-AF06-6C39355E3187}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe No File
FirewallRules: [{28BBDB18-7D08-4AE0-9AC5-1AC4F14D2A63}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe No File
FirewallRules: [{B83658B0-7E80-4A01-AEAA-1D3B191419CA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{0DC2196E-A2CF-4945-9C0C-E7B040C88103}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{4A521D4C-C8C7-45EE-8DAD-D79E5CCCB804}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{527B3D77-B687-4E43-A286-1BEA72AB3D35}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{60D1A742-4571-4BCA-BF6E-0BB0FB0A8A5D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{F430D4A4-2918-4A09-8E58-59D3ACBB1E77}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{6048CB62-E080-47AE-B9C4-C35E75C29BDD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{5DA601E8-6E44-45F4-A07C-CAC3526B781B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{CCF71329-363E-4833-B592-04BBC33E90F2}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe No File
FirewallRules: [{D58EA7E2-5AD9-4367-A600-FE3EAE7119FF}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe No File
FirewallRules: [{9F0D45AB-C1E3-4E63-A5FA-25493FD68559}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe No File
FirewallRules: [{3FE0ACA5-F4AA-4337-AEBB-F52866D02965}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe No File
FirewallRules: [{0BF25D37-7A6B-4E41-A12B-62590D2F2C8F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{5B0A8986-CF0E-444E-9980-89AA689A5F63}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe No File
FirewallRules: [{A4EC6FD9-64A9-43A5-988C-A12CA13A67ED}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe No File
FirewallRules: [{A02A79CD-3AF3-4727-B3C6-12435CE66D7C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe No File
FirewallRules: [{A634A7B9-DC92-4733-91A5-62440209799E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe No File
FirewallRules: [{BB065535-F3C5-4A3C-9FB0-90E9F8496509}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe No File
FirewallRules: [{32364E85-BC96-4E5F-B66E-C42B64913155}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe No File
FirewallRules: [{693F7DA1-D651-42E5-97EE-8E63195D98F2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe No File
FirewallRules: [{1414C8AC-D04A-428C-8526-E809CA219532}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 2062
Average :
Sum : 10379490459
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Program Files (x86)\IPCWebPlugins\npHIPCamWebPlugin.dll ========================

C:\Program Files (x86)\IPCWebPlugins\npHIPCamWebPlugin.dll
File not signed
MD5: 9C091A5663EB2059E489E5012D085A31
Creation and modification date: 2017-10-08 14:44 - 2017-03-21 19:08
Size: 001350656
Attributes: ----A
Company Name: APEXIS
Internal Name: npHIPCamWebPlugin
Original Name: npHIPCamWebPlugin
Product: HIPCamWebPlugin
Description: HIPCAM WEB PLUGIN
File Version: 1.0.0.0
Product Version: 1.0.0.0
Copyright: Copyright 2016 APEXIS
VirusTotal: https://www.virustotal.com/file/39739fe ... 515566774/

====== End of File: ======

HKU\S-1-5-21-543056139-2719741978-1766798007-1001\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
HKLM\System\CurrentControlSet\Services\UEIPSvc => removed successfully
UEIPSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\HipShieldK => removed successfully
HipShieldK => service removed successfully
C:\WINDOWS\System32\drivers\HipShieldK.sys => moved successfully
C:\Program Files (x86)\trend micro => moved successfully
C:\rsit => moved successfully
C:\Users\Janička\Downloads\RSIT.exe => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7BA249C4-C6CA-487B-9D36-E88893A807ED}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9CDD62C4-EC3D-424A-8382-322D081AED80}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{00ADB2DF-C19F-463E-908C-BB1ADAC24493}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D3F79A3-3B50-42BB-89DB-16EB76D40AD8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{36BA6488-CB59-470B-B86F-CD6F88C1E31A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{81489F43-E7B4-4289-89ED-F3E26789BEF0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0190A328-3BA2-4B59-B78E-9C68EBB54D91}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{92BEE3A9-1CFB-499E-AF2B-D1AF9E5AD2EF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0515CC0C-A308-405E-B8BA-67B289CEB7CD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A73ED4A-5FF3-4CD9-AD73-84F242055678}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5C5E3E8A-61B2-4803-B3A1-642648C9A407}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B70F7E19-826F-4B68-94B0-5D0C9F1C79B7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CCDFCA8B-2931-4DF4-93F6-0C6CFA829B28}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F6C7634F-2B18-4C9C-A4E7-1424E98C66CB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{224E9B9F-E2AD-4EB0-BD00-5257FB76D176}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C217C3E1-A233-4D68-BFE8-48BA775BA1A1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{671BA80A-B535-4208-91DB-D97E21C3CC97}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7E0C21D4-ECDC-4789-8FAF-7FCD8EEBA351}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A97FA62-B400-41A2-9630-9B4F6C18BF74}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D30BB287-E09B-49E5-A81D-654280930726}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{72825B1D-7922-453F-9AB3-5797097CA75F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{697B756B-34EF-4E60-BD49-7E5FE2DF2715}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6AE24C63-A562-4BB8-9C5A-A6D0B93A8182}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2E71CFBA-6156-42F2-8C3B-F9600D7D5BF0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{87F3A2D7-0F1D-44BF-8FEC-D48233E430BE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{762F2376-E802-40DD-B916-36ABF8385125}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{218CDCB9-1627-4426-AF06-6C39355E3187}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{28BBDB18-7D08-4AE0-9AC5-1AC4F14D2A63}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B83658B0-7E80-4A01-AEAA-1D3B191419CA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0DC2196E-A2CF-4945-9C0C-E7B040C88103}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4A521D4C-C8C7-45EE-8DAD-D79E5CCCB804}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{527B3D77-B687-4E43-A286-1BEA72AB3D35}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{60D1A742-4571-4BCA-BF6E-0BB0FB0A8A5D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F430D4A4-2918-4A09-8E58-59D3ACBB1E77}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6048CB62-E080-47AE-B9C4-C35E75C29BDD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5DA601E8-6E44-45F4-A07C-CAC3526B781B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CCF71329-363E-4833-B592-04BBC33E90F2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D58EA7E2-5AD9-4367-A600-FE3EAE7119FF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9F0D45AB-C1E3-4E63-A5FA-25493FD68559}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3FE0ACA5-F4AA-4337-AEBB-F52866D02965}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0BF25D37-7A6B-4E41-A12B-62590D2F2C8F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5B0A8986-CF0E-444E-9980-89AA689A5F63}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A4EC6FD9-64A9-43A5-988C-A12CA13A67ED}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A02A79CD-3AF3-4727-B3C6-12435CE66D7C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A634A7B9-DC92-4733-91A5-62440209799E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BB065535-F3C5-4A3C-9FB0-90E9F8496509}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{32364E85-BC96-4E5F-B66E-C42B64913155}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{693F7DA1-D651-42E5-97EE-8E63195D98F2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1414C8AC-D04A-428C-8526-E809CA219532}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9986048 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 28928262 B
Java, Flash, Steam htmlcache => 610 B
Windows/system/drivers => 4042025 B
Edge => 3276038 B
Chrome => 197245820 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 554064 B
NetworkService => 593688 B
Janička => 36537287 B

RecycleBin => 1472924971 B
EmptyTemp: => 1.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:33:01 ====

Pardon za zdrzanie. Ako to vyzera s PC? Nastala nejaka zmena?

Ráno jsem testoval a vypadá to OK. Mockrát děkuji za pomoc, hezké Velikonoce.

To som rad a taktiez prajem pekne sviatky

Tak este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"

A este odporucam preventivne skontrolovat v Chrome zoznam stranok, ktore maju povolene zasielat notifikacie - https://support.google.com/chrome/answer/3220216