VIRY.CZ

Logfile of random's system information tool 1.10 (written by random/random)
Run by acerf at 2021-01-24 18:35:09
Microsoft Windows 7 Home Premium
System drive C: has 82 GB (57%) free of 144 GB
Total RAM: 1977 MB (30% free)

HijackThis download failed

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Security\ekrn.exe"
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e96b56c0-d02e-4923-bdf9-b27ec1e8dacf -SystemEventPortName:HostProcess-3048e603-4edf-44c3-9e75-3643adaaa248 -IoCancelEventPortName:HostProcess-4eb9abab-6a60-4844-8770-f0638c3ce895 -NonStateChangingEventPortName:HostProcess-507a18e8-9a24-4a6b-8889-e235d5bc6596 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9d43788b-56c9-440c-9096-993d4359ffe6
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN38H1G03605SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\ESET\ESET Security\eguiproxy.exe" /hide
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\eInstruction\Device Manager\Launch.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"

C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
taskeng.exe {BD9FA7D6-AA9F-45F7-B96C-C53199889242}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\acerf\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\acerf\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\acerf\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=87.0.4280.141 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fee7b91eb0,0x7fee7b91ec0,0x7fee7b91ed0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1060,18165070245106746979,10172815359608041688,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1072 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1060,18165070245106746979,10172815359608041688,131072 --lang=cs --service-sandbox-type=network --mojo-platform-channel-handle=1420 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1060,18165070245106746979,10172815359608041688,131072 --lang=cs --service-sandbox-type=utility --mojo-platform-channel-handle=1676 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1060,18165070245106746979,10172815359608041688,131072 --disable-gpu-compositing --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1060,18165070245106746979,10172815359608041688,131072 --disable-gpu-compositing --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4504 /prefetch:1
"C:\Windows\system32\taskmgr.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\acerf\Downloads\RSITx64.exe"
"C:\Program Files\ESET\ESET Security\egui.exe" /hide

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"=C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [2010-02-01 349552]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-03-15 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-03-15 387608]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-03-15 365592]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-06 8060960]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-02-26 818720]
"OOTag"=C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe [2010-02-23 13856]
"egui"=C:\Program Files\ESET\ESET Security\ecmdS.exe [2020-12-16 180736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []
"OOTag"=C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe [2010-02-23 13856]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-03-09 260608]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-02-01 337264]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2009-12-25 201512]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2009-12-25 401192]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1094736]
"ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-29 419112]
"PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2010-01-18 181480]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
eInstruction Device Manager.lnk - C:\Program Files (x86)\eInstruction\Device Manager\Launch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-02 259584]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2021-01-24 18:22:47 ----D---- C:\Program Files\trend micro
2021-01-24 18:22:45 ----D---- C:\rsit
2021-01-24 17:51:07 ----D---- C:\Program Files (x86)\Atheros
2021-01-24 17:51:07 ----A---- C:\Windows\system32\athrx.sys
2021-01-24 17:50:17 ----D---- C:\temp
2021-01-24 17:35:40 ----D---- C:\Users\acerf\AppData\Roaming\TeamViewer
2021-01-24 17:35:19 ----D---- C:\Program Files (x86)\TeamViewer
2021-01-24 16:50:19 ----D---- C:\ProgramData\Atheros
2021-01-24 16:17:41 ----D---- C:\Users\acerf\AppData\Roaming\SoftDMA
2021-01-24 16:16:15 ----D---- C:\Users\acerf\AppData\Roaming\PowerCinema
2021-01-24 16:05:51 ----D---- C:\Program Files (x86)\Cisco
2021-01-24 16:05:17 ----A---- C:\Windows\system32\bcmwlrc.dll
2021-01-24 16:05:12 ----D---- C:\Users\acerf\AppData\Roaming\InstallShield
2021-01-24 15:36:19 ----A---- C:\Windows\ntbtlog.txt

======List of files/folders modified in the last 1 month======

2021-01-24 18:35:51 ----D---- C:\Windows\Temp
2021-01-24 18:35:00 ----SD---- C:\ProgramData\Microsoft
2021-01-24 18:22:47 ----D---- C:\Program Files
2021-01-24 17:51:15 ----D---- C:\Windows\system32\catroot
2021-01-24 17:51:07 ----RD---- C:\Program Files (x86)
2021-01-24 17:51:07 ----D---- C:\Windows\System32
2021-01-24 17:51:06 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2021-01-24 17:51:02 ----SHD---- C:\System Volume Information
2021-01-24 17:42:19 ----D---- C:\Windows\system32\config
2021-01-24 17:36:03 ----D---- C:\Windows\system32\Tasks
2021-01-24 17:35:47 ----RSD---- C:\Windows\Fonts
2021-01-24 17:13:18 ----AD---- C:\Windows
2021-01-24 17:08:54 ----D---- C:\Windows\inf
2021-01-24 17:08:53 ----D---- C:\Windows\system32\drivers
2021-01-24 16:54:37 ----D---- C:\Windows\system32\DriverStore
2021-01-24 16:50:19 ----HD---- C:\ProgramData
2021-01-24 16:47:31 ----D---- C:\Windows\SoftwareDistribution
2021-01-24 16:47:01 ----D---- C:\Windows\Logs
2021-01-24 16:16:22 ----D---- C:\ProgramData\CyberLink
2021-01-24 16:05:55 ----SHD---- C:\Windows\Installer
2021-01-24 16:05:18 ----D---- C:\Windows\system32\zh-TW
2021-01-24 16:05:18 ----D---- C:\Windows\system32\zh-HK
2021-01-24 16:05:18 ----D---- C:\Windows\system32\zh-CN
2021-01-24 16:05:18 ----D---- C:\Windows\system32\tr-TR
2021-01-24 16:05:18 ----D---- C:\Windows\system32\th-TH
2021-01-24 16:05:18 ----D---- C:\Windows\system32\sv-SE
2021-01-24 16:05:18 ----D---- C:\Windows\system32\sl-SI
2021-01-24 16:05:18 ----D---- C:\Windows\system32\sk-SK
2021-01-24 16:05:18 ----D---- C:\Windows\system32\ru-RU
2021-01-24 16:05:18 ----D---- C:\Windows\system32\ro-RO
2021-01-24 16:05:18 ----D---- C:\Windows\system32\pt-PT
2021-01-24 16:05:18 ----D---- C:\Windows\system32\pt-BR
2021-01-24 16:05:18 ----D---- C:\Windows\system32\pl-PL
2021-01-24 16:05:18 ----D---- C:\Windows\system32\nl-NL
2021-01-24 16:05:18 ----D---- C:\Windows\system32\nb-NO
2021-01-24 16:05:18 ----D---- C:\Windows\system32\lv-LV
2021-01-24 16:05:18 ----D---- C:\Windows\system32\lt-LT
2021-01-24 16:05:18 ----D---- C:\Windows\system32\ko-KR
2021-01-24 16:05:18 ----D---- C:\Windows\system32\ja-JP
2021-01-24 16:05:18 ----D---- C:\Windows\system32\it-IT
2021-01-24 16:05:18 ----D---- C:\Windows\system32\hu-HU
2021-01-24 16:05:18 ----D---- C:\Windows\system32\hr-HR
2021-01-24 16:05:18 ----D---- C:\Windows\system32\he-IL
2021-01-24 16:05:17 ----D---- C:\Windows\system32\fr-FR
2021-01-24 16:05:17 ----D---- C:\Windows\system32\fi-FI
2021-01-24 16:05:17 ----D---- C:\Windows\system32\et-EE
2021-01-24 16:05:17 ----D---- C:\Windows\system32\es-ES
2021-01-24 16:05:17 ----D---- C:\Windows\system32\en-US
2021-01-24 16:05:17 ----D---- C:\Windows\system32\el-GR
2021-01-24 16:05:17 ----D---- C:\Windows\system32\de-DE
2021-01-24 16:05:17 ----D---- C:\Windows\system32\da-DK
2021-01-24 16:05:17 ----D---- C:\Windows\system32\cs-CZ
2021-01-24 16:05:17 ----D---- C:\Windows\system32\bg-BG
2021-01-24 16:05:17 ----D---- C:\Windows\system32\ar-SA
2021-01-24 16:05:17 ----D---- C:\Program Files\Broadcom
2021-01-24 16:04:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2021-01-16 07:20:48 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2019-07-28 102464]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2014-06-20 786296]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2014-06-20 348552]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2019-07-28 149144]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2019-07-28 189232]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2019-07-28 76896]
R1 EpfwLWF;ESET Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2019-07-28 61360]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2019-07-28 113336]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2019-07-28 50488]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-04-07 1208320]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-02 7369728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-06 1974944]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-10 139264]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-06-08 406056]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2014-06-20 313544]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2014-06-20 523792]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2014-06-20 72128]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G6032E.sys [2009-06-10 145792]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2014-06-20 181704]
S3 mfeavfk01;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk01.sys []
S3 mferkdet;McAfee Inc. mferkdet; C:\Windows\system32\drivers\mferkdet.sys [2011-04-14 94992]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-06-05 216064]
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Security\ekrn.exe [2020-12-16 2433232]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-26 841248]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
R2 McShield;McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2011-04-14 200056]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-06-20 219752]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2014-06-20 189912]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-09 250368]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
R2 TeamViewer;TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2020-12-14 12757520]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
R3 ekrnEpfw;ESET Firewall Helper; C:\Program Files\ESET\ESET Security\ekrn.exe [2020-12-16 2433232]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-12-16 335416]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\elevation_service.exe [2021-01-06 1431656]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Zdravím!
Dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . Jsou přesnější, než RSIT. Děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-01-2021 01
Ran by acerf (administrator) on ACERF-PC (Acer Aspire 5738) (24-01-2021 19:05:50)
Running from C:\Users\acerf\Desktop
Loaded Profiles: acerf
Platform: Windows 7 Home Premium (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe <2>
(CyberLink -> Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(CyberLink -> CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(EGIS TECHNOLOGY INC. -> Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(EGIS TECHNOLOGY INC. -> Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(EGIS TECHNOLOGY INC. -> Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(eInstruction -> eInstruction Corporation) C:\Program Files (x86)\eInstruction\Device Manager\Launch.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <25>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(LSI Corporation) [File not signed] C:\Program Files\LSI SoftModem\agr64svc.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe
(Microsoft Corporation) [File not signed] C:\Windows\explorer.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\audiodg.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\csrss.exe <2>
(Microsoft Corporation) [File not signed] C:\Windows\System32\dwm.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\lsass.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\lsm.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\notepad.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\services.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\smss.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\spoolsv.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\svchost.exe <13>
(Microsoft Corporation) [File not signed] C:\Windows\System32\taskhost.exe <2>
(Microsoft Corporation) [File not signed] C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\VSSVC.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\wbem\WmiPrvSE.exe <2>
(Microsoft Corporation) [File not signed] C:\Windows\System32\wininit.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\winlogon.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\WUDFHost.exe
(NewTech Infosystems, Inc -> NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(NewTech Infosystems, Inc.) [File not signed] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(NewTech Infosystems, Inc.) [File not signed] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-02-01] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [818720 2010-02-26] (Acer Incorporated -> Acer Incorporated)
HKLM\...\Run: [OOTag] => C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe [13856 2010-02-23] (Acer Incorporated -> Microsoft)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [180736 2020-12-16] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [OOTag] => C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe [13856 2010-02-23] (Acer Incorporated -> Microsoft)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.) [File not signed]
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-02-01] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-25] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-25] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc. -> Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-29] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2010-01-18] (CyberLink -> Acer Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [30208 2009-07-14] (Microsoft Corporation) [File not signed]
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26112 2009-07-14] (Microsoft Corporation) [File not signed]
HKLM\...\Winlogon: [Shell] C:\Windows\explorer.exe [2870272 2012-10-24] (Microsoft Corporation) [File not signed]
HKLM-x32\...\Winlogon: [Shell] C:\Windows\SysWOW64\explorer.exe [2614272 2012-10-24] (Microsoft Corporation) [File not signed]
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475072 2009-07-14] (Microsoft Corporation) [File not signed]
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) [File not signed]
HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475072 2009-07-14] (Microsoft Corporation) [File not signed]
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) [File not signed]
HKU\S-1-5-21-1084374266-1562699828-3666482862-1000\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Providers\Internet Print Provider: C:\Windows\system32\inetpp.dll [164352 2009-07-14] (Microsoft Corporation) [File not signed]
HKLM\...\Providers\LanMan Print Services: C:\Windows\system32\win32spl.dll [745984 2009-07-14] (Microsoft Corporation) [File not signed]
HKLM\...\Windows x64\Print Processors\winprint: C:\Windows\System32\spool\prtprocs\x64\winprint.dll [39424 2009-07-14] (Microsoft Corporation) [File not signed]
HKLM\...\Print\Monitors\HP B011 Status Monitor: C:\Windows\system32\hpinkstsB011LM.dll [331664 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3520 series): C:\Windows\system32\HPDiscoPMB011.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\Local Port: C:\Windows\system32\localspl.dll [954880 2009-07-14] (Microsoft Corporation) [File not signed]
HKLM\...\Print\Monitors\Microsoft Shared Fax Monitor: C:\Windows\system32\FXSMON.DLL [41472 2009-07-14] (Microsoft Corporation) [File not signed]
HKLM\...\Print\Monitors\Standard TCP/IP Port: C:\Windows\system32\tcpmon.dll [195072 2009-07-14] (Microsoft Corporation) [File not signed]
HKLM\...\Print\Monitors\USB Monitor: C:\Windows\system32\usbmon.dll [45056 2009-07-14] (Microsoft Corporation) [File not signed]
HKLM\...\Print\Monitors\WSD Port: C:\Windows\system32\WSDMon.dll [224768 2009-07-14] (Microsoft Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-07] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\eInstruction Device Manager.lnk [2013-10-21]
ShortcutTarget: eInstruction Device Manager.lnk -> C:\Program Files (x86)\eInstruction\Device Manager\Launch.exe (eInstruction -> eInstruction Corporation)
HKU\S-1-5-21-1084374266-1562699828-3666482862-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D4E1A2B-40E4-4DD5-BF4C-15BF120BE4D6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe [197632 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {1F7B7221-AE8F-44F3-BA82-F7D260F51964} - System32\Tasks\Microsoft\Windows\Task Manager\Interactive => {855fec53-d2e4-4999-9e87-3414e9cf0ff4} C:\Windows\system32\wdc.dll [1363968 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {2470470F-2634-478E-B181-571E98A789BB} - System32\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService => {2DEA658F-54C1-4227-AF9B-260AB5FC3543} C:\Windows\System32\PlaySndSrv.dll [84992 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {28011108-68DF-4C73-B91B-57427D501BBA} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) => {BF5CB148-7C77-4d8a-A53E-D81C70CF743C} C:\Windows\system32\msdrm.dll [449024 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {2F4E2334-C828-4741-A33F-814275585F1C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe [197632 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - System32\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification => C:\Windows\System32\sdclt.exe [1264640 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {30A1F857-41EB-4C3A-8360-84F579B9A651} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe [197632 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {30C5A128-C891-4296-8DCB-6750C9217C92} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe [294912 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {30C66649-05B3-41A5-96B1-89F22BF6C93D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe [294912 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {428ABAFA-1EBC-497B-9364-BAEE2A50A4C3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe [294912 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {43874AF6-95FC-47D4-8395-33034B99F745} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe [197632 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {466BC693-76D1-47B0-9073-9A4EFA3E94EC} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe [294912 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip => {c27f6b1d-fe0b-45e4-9257-38799fa69bc8} C:\Windows\System32\usbceip.dll [27648 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB} C:\Windows\System32\wpcmig.dll [17408 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {4C8B01A2-11FF-4C41-848F-508EF4F00CF7} - System32\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor => {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1} C:\Windows\system32\MsCtfMonitor.dll [28160 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {4D8182B8-B85A-4973-968D-5A26487E8D6F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {5450F0A2-559E-46A7-BFBE-2CBB77A7BACB} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe [294912 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {581756EA-42C2-4941-A046-754B361049BB} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe [294912 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} C:\Windows\System32\wpcumi.dll [188416 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [183296 2009-07-14] (Microsoft Corp.) [File not signed]
Task: {5F5A18EB-DC73-4E45-A11C-B59043598412} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask => {58fb76b9-ac85-4e55-ac04-427593b1d060} C:\Windows\system32\dimsjob.dll [40448 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {613612BA-897D-44CE-8DC1-8FC283F9FD51} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) => {CF2CF428-325B-48D3-8CA8-7633E36E5A32} C:\Windows\system32\msdrm.dll [449024 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {615C658C-333F-4D74-99A4-285E4E0F4FAC} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe [294912 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {65CC3036-C207-4F87-9225-C8618B1F6188} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-16] (Adobe Inc. -> Adobe)
Task: {6B602C80-3251-45A6-835A-2AAD6B5574B7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe [294912 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {72DB7465-BC54-491B-A92A-4637A28C9BBF} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\Windows\system32\appidcertstorecheck.exe [17920 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {73A82E28-1256-4263-9E9F-8437BBBEEB69} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe [70656 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {7ABAD692-5E74-4382-B55C-4A9668776DB2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe [294912 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {7AFCC0CA-7121-422A-AB45-B0E8D599FF08} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask => {58fb76b9-ac85-4e55-ac04-427593b1d060} C:\Windows\system32\dimsjob.dll [40448 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {8660564C-1553-42D5-95A1-85EA49DAF6F6} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe [197632 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {872BF206-06C0-453D-9886-8AC9326641E0} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E} C:\Windows\System32\HotStartUserAgent.dll [27136 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {8FBE0AB6-39A1-4444-9ADE-C4FBDC3ECBBA} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe [294912 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {90AA42A9-3C66-42BA-BF8E-27895727DF88} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} C:\Windows\System32\AuxiliaryDisplayServices.dll [135680 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {9435F817-FED2-454E-88CD-7F78FDA62C48} - System32\Tasks\Microsoft\Windows\WDI\ResolutionHost => {900be39d-6be8-461a-bc4d-b0fa71f5ecb1} C:\Windows\System32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {95F09B69-B66B-4F29-8735-47B807FB6B00} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe [76800 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {9979CB83-103A-4105-9E5D-C74B0AF6D198} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam => {58fb76b9-ac85-4e55-ac04-427593b1d060} C:\Windows\system32\dimsjob.dll [40448 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {9EB079BE-1284-452E-8BAC-14C5D51BB844} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe [294912 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {A35BB7A6-5F0C-4C9F-8450-2B3BED532D51} - System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader => {B210D694-C8DF-490d-9576-9E20CDBC20BD} C:\Windows\System32\mscms.dll [625664 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {A48CABBF-24C8-4B87-B00F-9261807C3B43} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\Windows\system32\appidpolicyconverter.exe [146944 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotifications.exe [90112 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {AB8E4A17-A800-4C54-8C4F-6AEB539EFC60} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [22392 2012-04-05] (Acer Incorporated -> Acer Incorporated)
Task: {AC3152D9-1BE4-479D-9640-92364887B21B} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1} C:\Windows\System32\AuxiliaryDisplayServices.dll [135680 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => C:\Windows\system32\aitagent.exe [124416 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {AC668097-4D6B-4093-AC14-014C09DBF820} - System32\Tasks\Microsoft\Windows\Ras\MobilityManager => {c463a0fc-794f-4fdf-9201-01938ceacafa} C:\Windows\system32\rasmbmgr.dll [57344 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371} C:\Windows\System32\perftrack.dll [867840 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {B3297087-1D2D-4314-981B-463FBE0B7355} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe [294912 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {B3936B72-2D8A-4CE6-8803-400FBE6F545A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe [294912 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {B7E004F7-D38F-4997-8319-9D9DB351CB39} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61} C:\Windows\System32\AuxiliaryDisplayServices.dll [135680 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {BE669C13-8165-4536-96D0-6D6C39292AAE} - System32\Tasks\Microsoft\Windows\Diagnosis\Scheduled => {c1f85ef8-bcc2-4606-bb39-70c523715eb3} C:\Windows\System32\sdiagschd.dll [51200 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {C016366B-7126-46CA-B36B-592A3D95A60B} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [293888 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {C4377515-80D1-4AD7-B3D2-FB86D15BD618} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-16] (Adobe Inc. -> Adobe)
Task: {CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E} - System32\Tasks\Microsoft\Windows\Registry\RegIdleBackup => {ca767aa8-9157-4604-b64b-40747123d5f2} C:\Windows\System32\regidle.dll [14336 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [125952 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {CDC31136-9A36-4A64-BE02-11D1CD0E8A4F} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} C:\Windows\System32\AuxiliaryDisplayServices.dll [135680 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector => {190BA3F6-0205-4f46-B589-95C6822899D2} C:\Windows\System32\memdiag.dll [18432 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [50688 2009-07-14] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task: {DA41DE71-8431-42FB-9DB0-EB64A961DEAD} - System32\Tasks\Microsoft\Windows\Maintenance\WinSAT => {A9A33436-678B-4C9C-A211-7CC38785E79D} C:\Windows\system32\WinSATAPI.dll [500224 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {DDCD3CD2-28CE-473B-B72D-2A5492879AA8} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [79360 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {DF03BE80-E0B1-4DE9-B631-6F298F3538AF} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe [197632 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [36864 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {EACA24FF-236C-401D-A1E7-B3D5267B8A50} - System32\Tasks\Microsoft\Windows\RAC\RacTask => {42060D27-CA53-41f5-96E4-B1E8169308A6} C:\Windows\system32\RacEngn.dll [1556992 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [71168 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {EE3C78FD-F7E4-4FDB-9FF6-B382794E5CC2} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe [197632 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector => {190BA3F6-0205-4f46-B589-95C6822899D2} C:\Windows\System32\memdiag.dll [18432 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => C:\Windows\System32\powercfg.exe [71168 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {FDD56C73-F0D5-41B6-B767-6EFFD7966428} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask => {e7ed314f-2816-4c26-aeb5-54a34d02404c} C:\Windows\System32\kernelceip.dll [18432 2009-07-14] (Microsoft Corporation) [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 01 C:\Windows\system32\NLAapi.dll [70144 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 02 C:\Windows\System32\mswsock.dll [320000 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 03 C:\Windows\System32\winrnr.dll [28672 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 04 C:\Windows\system32\napinsp.dll [68096 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 05 C:\Windows\system32\pnrpnsp.dll [86016 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 06 C:\Windows\system32\pnrpnsp.dll [86016 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [320000 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [320000 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [320000 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [320000 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [320000 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [320000 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [320000 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [320000 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [320000 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [320000 2009-07-14] (Microsoft Corporation) [File not signed]
Tcpip\Parameters: [DhcpNameServer] 192.168.100.254
Tcpip\..\Interfaces\{3ABEDA08-490E-468F-8954-302385EE2F85}: [DhcpNameServer] 192.168.100.254

FireFox:
========
FF DefaultProfile: u5lu2083.default
FF ProfilePath: C:\Users\acerf\AppData\Roaming\Mozilla\Firefox\Profiles\q9058bwc.default-release [2020-12-20]
FF ProfilePath: C:\Users\acerf\AppData\Roaming\Mozilla\Firefox\Profiles\u5lu2083.default [2020-06-25]
FF DownloadDir: C:\Users\acerf\Desktop
FF Homepage: Mozilla\Firefox\Profiles\u5lu2083.default -> hxxps://www.seznam.cz/?clid=22668
FF Extension: (No Name) - C:\Users\acerf\AppData\Roaming\Mozilla\Firefox\Profiles\u5lu2083.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-21]
FF SearchPlugin: C:\Users\acerf\AppData\Roaming\Mozilla\Firefox\Profiles\u5lu2083.default\searchplugins\conduit.xml [2013-10-19]
FF SearchPlugin: C:\Users\acerf\AppData\Roaming\Mozilla\Firefox\Profiles\u5lu2083.default\searchplugins\seznam-avast.xml [2014-09-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-16] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-16] (Adobe Inc. -> )
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll [2009-06-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [No File]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-12-20]

Chrome:
=======
CHR Profile: C:\Users\acerf\AppData\Local\Google\Chrome\User Data\Default [2021-01-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\acerf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-12-20]
CHR Extension: (Chrome Media Router) - C:\Users\acerf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-20]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-16] (Adobe Inc. -> Adobe)
R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agr64svc.exe [16896 2009-03-28] (LSI Corporation) [File not signed]
S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [676864 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [676864 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation) [File not signed]
R2 BFE; C:\Windows\System32\bfe.dll [703488 2009-07-14] (Microsoft Corporation) [File not signed]
R2 BITS; C:\Windows\System32\qmgr.dll [848384 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Browser; C:\Windows\System32\browser.dll [136192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2009-07-14] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [7168 2009-07-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [175104 2009-07-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [135680 2009-07-14] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [509440 2009-07-14] (Microsoft Corporation) [File not signed]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [314368 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [253440 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [182272 2009-07-14] (Microsoft Corporation) [File not signed]
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2009-07-14] (Microsoft Corporation) [File not signed]
R2 DPS; C:\Windows\system32\dps.dll [162816 2009-07-14] (Microsoft Corporation) [File not signed]
R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation) [File not signed]
S3 EFS; C:\Windows\System32\lsass.exe [31232 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2433232 2020-12-16] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2433232 2020-12-16] (ESET, spol. s r.o. -> ESET)
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2009-07-14] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation) [File not signed] [File is in use]
R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation) [File not signed]
R3 FontCache; C:\Windows\system32\FntCache.dll [1127936 2009-07-14] (Microsoft Corporation) [File not signed]
R2 gpsvc; C:\Windows\System32\gpsvc.dll [776192 2009-07-14] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [231936 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2009-07-14] (Microsoft Corporation) [File not signed]
R2 IKEEXT; C:\Windows\System32\ikeext.dll [845824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [565760 2009-07-14] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2009-07-14] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation) [File not signed]
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [235520 2009-07-14] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2009-07-14] (Microsoft Corporation) [File not signed]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation) [File not signed]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-14] (Microsoft Corporation) [File not signed]
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [200056 2011-04-14] (McAfee, Inc. -> McAfee, Inc.)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84480 2009-07-14] (Microsoft Corporation) [File not signed]
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc. -> McAfee, Inc.)
R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [189912 2014-06-20] (McAfee, Inc. -> McAfee, Inc.)
R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed]
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [824832 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\system32\msiexec.exe /V [127488 2009-07-14] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe /V [73216 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
S3 napagent; C:\Windows\system32\qagentRT.dll [475648 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [302080 2009-07-14] (Microsoft Corporation) [File not signed]
R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [File not signed]
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation) [File not signed]
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1390080 2009-07-14] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2009-07-14] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [500224 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [208384 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2009-07-14] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\SysWOW64\qwave.dll [210944 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [343552 2013-04-29] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-14] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [509440 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [31232 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\Windows\system32\schedsvc.dll [1104384 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2009-07-14] (Microsoft Corporation) [File not signed]
S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [104960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [99328 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [369664 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [558080 2009-07-14] (Microsoft Corporation) [File not signed]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation) [File not signed]
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
R2 stisvc; C:\Windows\System32\wiaservc.dll [578560 2009-07-14] (Microsoft Corporation) [File not signed]
R3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [1780736 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [93184 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316416 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [241664 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 TermService; C:\Windows\System32\termsrv.dll [706560 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2009-07-14] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) [File not signed]
R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation) [File not signed]
S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2009-07-14] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [532480 2009-07-14] (Microsoft Corporation) [File not signed]
R3 VSS; C:\Windows\system32\vssvc.exe [1598976 2009-07-14] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1503744 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [366592 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\System32\webclnt.dll [254464 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [202240 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [438784 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [348672 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018816 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1175040 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [116736 2009-07-14] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2009-07-14] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\Windows\system32\SearchIndexer.exe [593408 2009-07-14] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [428032 2009-07-14] (Microsoft Corporation) [File not signed]
R2 wuauserv; C:\Windows\system32\wuaueng.dll [2418176 2009-07-14] (Microsoft Corporation) [File not signed]
R2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [229888 2009-07-14] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\system32\DRIVERS\1394ohci.sys [227840 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\Windows\system32\DRIVERS\acpipmi.sys [12288 2009-07-14] (Microsoft Corporation) [File not signed]
R1 AFD; C:\Windows\system32\drivers\afd.sys [500224 2009-07-14] (Microsoft Corporation) [File not signed]
R3 AgereSoftModem; C:\Windows\System32\DRIVERS\agrsm64.sys [1208320 2009-04-07] (LSI Corporation) [File not signed]
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2009-07-14] (Microsoft Windows) [File not signed]
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation) [File not signed]
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation) [File not signed]
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation) [File not signed]
S3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl664.sys [1311232 2009-06-10] (Broadcom Corporation) [File not signed]
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation) [File not signed]
R1 blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys [45056 2009-07-14] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.) [File not signed]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation) [File not signed]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2009-07-14] (Microsoft Corporation) [File not signed]
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc. -> McAfee, Inc.)
S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [45568 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [17664 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\system32\DRIVERS\CompositeBus.sys [38912 2009-07-14] (Microsoft Corporation) [File not signed]
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2009-07-14] (Microsoft Corporation) [File not signed]
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-14] (Microsoft Corporation) [File not signed]
S3 E1G60; C:\Windows\System32\DRIVERS\E1G6032E.sys [145792 2009-06-10] (Intel Corporation) [File not signed]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149144 2019-07-28] (ESET, spol. s r.o. -> ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) [File not signed]
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [102464 2019-07-28] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [189232 2019-07-28] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50488 2019-07-28] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [76896 2019-07-28] (ESET, spol. s r.o. -> ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61360 2019-07-28] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [113336 2019-07-28] (ESET, spol. s r.o. -> ESET)
S3 ErrDev; C:\Windows\system32\DRIVERS\errdev.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.) [File not signed]
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [751616 2009-07-14] (Microsoft Corporation) [File not signed]
R3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation) [File not signed]
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [7369728 2009-09-02] (Intel Corporation) [File not signed]
R3 IntcHdmiAddService; C:\Windows\System32\drivers\IntcHdmi.sys [139264 2009-07-10] (Intel(R) Corporation) [File not signed]
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [78848 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2009-07-14] (Microsoft Corporation) [File not signed]
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation) [File not signed]
S3 L1E; C:\Windows\System32\DRIVERS\L1E62x64.sys [54272 2009-06-20] (Atheros Communications, Inc.) [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation) [File not signed]
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc. -> McAfee, Inc.)
U3 mfeavfk01; no ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc. -> McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94992 2011-04-14] (McAfee, Inc. -> McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc. -> McAfee, Inc.)
R3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [157696 2012-10-24] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [285696 2012-10-24] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [125952 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation) [File not signed]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56320 2009-07-14] (Microsoft Corporation) [File not signed]
S3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2009-07-14] (Microsoft Corporation) [File not signed]
S3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2009-07-14] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [259072 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] (Microsoft Corporation) [File not signed]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ohci1394; C:\Windows\system32\DRIVERS\ohci1394.sys [72832 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [97280 2009-07-14] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111616 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2009-07-14] (Microsoft Corporation) [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [130048 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2009-07-14] (Microsoft Corporation) [File not signed]
S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [204800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [216064 2009-06-05] (Realtek Semiconductor Corp.) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2009-07-14] (Microsoft Corporation) [File not signed]
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 Serenum; C:\Windows\system32\DRIVERS\serenum.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffdisk; C:\Windows\system32\DRIVERS\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\DRIVERS\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\DRIVERS\sffp_sd.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation) [File not signed]
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [464896 2012-10-24] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [407040 2009-07-14] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [162304 2012-10-24] (Microsoft Corporation) [File not signed]
R3 StillCam; C:\Windows\System32\DRIVERS\serscan.sys [12288 2009-07-14] (Microsoft Corporation) [File not signed]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [44544 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [99840 2009-07-14] (Microsoft Corporation) [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [38400 2009-07-14] (Microsoft Corporation) [File not signed]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2009-07-14] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [327168 2009-07-14] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2009-07-14] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\system32\DRIVERS\usbcir.sys [100352 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [51712 2013-04-29] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-04-29] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\Windows\system32\DRIVERS\usbohci.sys [25600 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [41984 2009-07-14] (Microsoft Corporation) [File not signed]
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [89600 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [30720 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [184576 2009-07-14] (Microsoft Corporation) [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation) [File not signed]
S3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] (Microsoft Corporation) [File not signed]
S3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-14] (Microsoft Corporation) [File not signed]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2009-07-14] (Microsoft Corporation) [File not signed]
S3 athr; system32\DRIVERS\athrx.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-24 19:05 - 2021-01-24 19:08 - 000072528 _____ C:\Users\acerf\Desktop\FRST.txt
2021-01-24 19:04 - 2021-01-24 19:07 - 000000000 ____D C:\FRST
2021-01-24 19:04 - 2021-01-24 19:04 - 000000736 _____ C:\Users\acerf\Desktop\FRST64 – zástupce.lnk
2021-01-24 19:04 - 2021-01-24 19:01 - 002297344 _____ (Farbar) C:\Users\acerf\Desktop\FRST64.exe
2021-01-24 19:03 - 2021-01-24 19:01 - 002297344 _____ (Farbar) C:\FRST64.exe
2021-01-24 18:22 - 2021-01-24 18:30 - 000000000 ____D C:\rsit
2021-01-24 18:22 - 2021-01-24 18:22 - 000000000 ____D C:\Program Files\trend micro
2021-01-24 18:21 - 2021-01-24 18:21 - 001222144 _____ C:\Users\acerf\Downloads\RSITx64.exe
2021-01-24 18:11 - 2021-01-24 18:12 - 000388608 _____ (Trend Micro Inc.) C:\Users\acerf\Downloads\hijackthis.exe
2021-01-24 17:51 - 2021-01-24 17:51 - 000000000 ____D C:\Program Files (x86)\Atheros
2021-01-24 17:51 - 2009-09-21 11:00 - 001537024 _____ (Atheros Communications, Inc.) C:\Windows\system32\athrx.sys
2021-01-24 17:50 - 2021-01-24 17:51 - 000000000 ____D C:\temp
2021-01-24 17:36 - 2021-01-24 17:36 - 000000000 ____D C:\Users\acerf\AppData\Local\TeamViewer
2021-01-24 17:35 - 2021-01-24 18:07 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-24 17:35 - 2021-01-24 17:35 - 000001051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-01-24 17:35 - 2021-01-24 17:35 - 000001039 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2021-01-24 17:35 - 2021-01-24 17:35 - 000000000 ____D C:\Users\acerf\AppData\Roaming\TeamViewer
2021-01-24 17:33 - 2021-01-24 17:33 - 029285264 _____ (TeamViewer Germany GmbH) C:\Users\acerf\Downloads\TeamViewer_Setup.exe
2021-01-24 17:21 - 2021-01-24 17:26 - 976363801 _____ (Acer Incorporated) C:\Users\acerf\Downloads\VM2630_Windows7x64_All.exe
2021-01-24 16:59 - 2021-01-24 16:59 - 000000146 _____ C:\Users\acerf\Desktop\Správce zařízení – zástupce.lnk
2021-01-24 16:51 - 2009-09-24 19:50 - 000049567 _____ C:\Windows\system32\athrextx.cat
2021-01-24 16:50 - 2021-01-24 16:50 - 000000000 ____D C:\ProgramData\Atheros
2021-01-24 16:44 - 2021-01-24 16:51 - 000000000 ____D C:\Users\acerf\Downloads\ovladace
2021-01-24 16:31 - 2021-01-24 16:31 - 000001205 _____ C:\Users\acerf\Desktop\HWVendorDetection – zástupce.lnk
2021-01-24 16:30 - 2021-01-24 16:29 - 002249472 _____ (Acer Inc.) C:\Users\acerf\Downloads\HWVendorDetection.exe
2021-01-24 16:25 - 2021-01-24 16:25 - 000000000 ____D C:\Users\acerf\Downloads\LaunchManager_Dritek_3.0.02_W7x86W7x64_A
2021-01-24 16:17 - 2021-01-24 16:17 - 000000000 ____D C:\Users\acerf\AppData\Roaming\SoftDMA
2021-01-24 16:16 - 2021-01-24 17:10 - 000000000 ____D C:\Users\acerf\AppData\Roaming\PowerCinema
2021-01-24 16:16 - 2021-01-24 16:16 - 000000000 ____D C:\Users\acerf\AppData\Local\PowerCinema
2021-01-24 16:14 - 2021-01-24 16:14 - 000003970 _____ C:\Windows\system32\Tasks\UALU notificatin
2021-01-24 16:13 - 2021-01-24 16:13 - 000000000 ____D C:\Users\acerf\Downloads\Application_Acer_1.02.3502_W7x86W7x64_A
2021-01-24 16:05 - 2021-01-24 16:05 - 000006656 _____ C:\Windows\system32\bcmwlrc.dll
2021-01-24 16:05 - 2021-01-24 16:05 - 000000000 ____D C:\Program Files (x86)\Cisco
2021-01-24 15:36 - 2021-01-24 15:36 - 000215234 _____ C:\Windows\ntbtlog.txt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-24 18:15 - 2009-07-14 05:45 - 000017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-01-24 18:15 - 2009-07-14 05:45 - 000017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-01-24 18:07 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-24 17:53 - 2013-04-29 14:16 - 000094232 _____ C:\Users\acerf\AppData\Local\GDIPFONTCACHEV1.DAT
2021-01-24 17:52 - 2009-07-14 05:45 - 000383760 _____ C:\Windows\system32\FNTCACHE.DAT
2021-01-24 17:51 - 2012-10-24 14:30 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-24 17:08 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-01-24 16:16 - 2013-04-29 12:46 - 000000000 ____D C:\ProgramData\CyberLink
2021-01-24 16:05 - 2013-04-29 12:45 - 000000000 ____D C:\Program Files\Broadcom
2021-01-24 16:05 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\lv-LV
2021-01-24 16:05 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\lt-LT
2021-01-24 16:05 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\et-EE
2021-01-24 16:04 - 2013-04-29 22:30 - 000622660 _____ C:\Windows\system32\perfh005.dat
2021-01-24 16:04 - 2013-04-29 22:30 - 000118810 _____ C:\Windows\system32\perfc005.dat
2021-01-24 16:04 - 2009-07-14 06:13 - 001447142 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-07 08:34 - 2020-06-28 10:51 - 000002228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Files in the root of some directories ========

2013-10-21 21:15 - 2013-10-21 21:17 - 000000476 _____ () C:\Program Files (x86)\Common Files\eInstruction.ini
2021-01-24 16:31 - 2021-01-24 17:18 - 000047117 _____ () C:\Users\acerf\AppData\Local\HWVendorDetection.log
2019-03-17 00:14 - 2019-03-17 00:14 - 000000000 _____ () C:\Users\acerf\AppData\Local\{09AFE041-8361-4139-B118-489C676041CA}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\system32\dllhost.exe => MD5 is legit
C:\Windows\SysWOW64\dllhost.exe => MD5 is legit

LastRegBack: 2021-01-14 18:02
==================== End of FRST.txt ========================

Teď spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-24-2021
# Duration: 00:00:39
# OS: Windows 7 Home Premium
# Cleaned: 46
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Partner

***** [ Files ] *****

Deleted C:\END
Deleted C:\Users\acerf\AppData\Roaming\Mozilla\Firefox\Profiles\u5lu2083.default\searchplugins\Conduit.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\AppDataLow\Software\Smartbar
Deleted HKCU\Software\Conduit
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Deleted BS Player ControlBar Customized Web Search

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.AcerArcadeDeluxe Folder C:\Program Files (x86)\ACER ARCADE DELUXE\ACER ARCADE DELUXE
Deleted Preinstalled.AcerArcadeDeluxe Folder C:\Program Files (x86)\ACER ARCADE DELUXE\HOMEMEDIA
Deleted Preinstalled.AcerArcadeDeluxe Folder C:\Program Files (x86)\ACER ARCADE DELUXE\PLAYMOVIE
Deleted Preinstalled.AcerArcadeDeluxe Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2637C347-9DAD-11D6-9EA2-00055D0CA761}
Deleted Preinstalled.AcerArcadeDeluxe Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A450831D-25F6-4F42-9662-D000B25E0D82}
Deleted Preinstalled.AcerArcadeDeluxe Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{AA4BF92B-2AAF-11DA-9D78-000129760D75}
Deleted Preinstalled.AcerIdentityCard Folder C:\Program Files (x86)\ACER\IDENTITY CARD
Deleted Preinstalled.AcerIdentityCard Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Identity Card
Deleted Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER EPOWER MANAGEMENT
Deleted Preinstalled.AcerPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Acer ePower Management
Deleted Preinstalled.AcerRegistration Folder C:\Program Files (x86)\ACER\REGISTRATION
Deleted Preinstalled.AcerRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Acer Registration
Deleted Preinstalled.AcerUpdater Folder C:\Program Files\ACER\ACER UPDATER
Deleted Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Deleted Preinstalled.AcerUpdater Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB8E4A17-A800-4C54-8C4F-6AEB539EFC60}
Deleted Preinstalled.AcerUpdater Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB8E4A17-A800-4C54-8C4F-6AEB539EFC60}
Deleted Preinstalled.AcerUpdater Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UALU notificatin
Deleted Preinstalled.AcerUpdater Task C:\Windows\System32\Tasks\UALU NOTIFICATIN
Deleted Preinstalled.Acerclear.fiMovie Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}
Deleted Preinstalled.GatewayMyBackup Folder C:\Program Files (x86)\NEWTECH INFOSYSTEMS
Deleted Preinstalled.GatewayMyBackup Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|BackupManagerTray
Deleted Preinstalled.GatewayMyBackup Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}
Deleted Preinstalled.GatewayMyBackup Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}
Deleted Preinstalled.GatewayMyBackup Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}
Deleted Preinstalled.GatewayMyBackup Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{12EFA1A4-AC3B-443C-8143-237EDE760403}
Deleted Preinstalled.GatewayMyBackup Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2413930C-8309-47A6-BC61-5EF27A4222BC}
Deleted Preinstalled.GatewayMyBackup Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{72B776E5-4530-4C4B-9453-751DF87D9D93}
Deleted Preinstalled.GatewayWelcomeCenter File C:\Users\acerf\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Welcome Center.lnk
Deleted Preinstalled.PackardBellGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}
Deleted Preinstalled.PackardBellGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}
Deleted Preinstalled.PackardBellGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}
Deleted Preinstalled.PackardBellGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}
Deleted Preinstalled.PackardBellGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
Deleted Preinstalled.PackardBellGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}
Deleted Preinstalled.PackardBellGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}
Deleted Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{3DB0448D-AD82-4923-B305-D001E521A964}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [7068 octets] - [24/01/2021 20:07:56]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

OK. Dejte nové logy FRST+Addition.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2021 01
Ran by acerf (24-01-2021 20:52:02)
Running from C:\Users\acerf\Desktop
Windows 7 Home Premium (X64) (2013-04-29 13:16:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

acerf (S-1-5-21-1084374266-1562699828-3666482862-1000 - Administrator - Enabled) => C:\Users\acerf
Administrator (S-1-5-21-1084374266-1562699828-3666482862-500 - Administrator - Disabled)
Guest (S-1-5-21-1084374266-1562699828-3666482862-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee VirusScan (Disabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: McAfee Personal Firewall (Disabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}) (Version: - Microsoft) Hidden
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3007 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1) (Version: 6.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.03.1223 - Acer Inc.)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.5.0715 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Asistent pro přihlášení ke službě Windows Live (HKLM-x32\...\{3E62B27C-342F-4B44-9331-CA4BC59A586F}) (Version: 5.000.818.5 - Microsoft Corporation)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 8.0.0.225 - Atheros)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.57.13 - Broadcom Corporation)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.2.4.2 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
DeviceManager (HKLM-x32\...\DeviceManager) (Version: 7.0.99.60076 - eInstruction)
Dropbox (HKU\S-1-5-21-1084374266-1562699828-3666482862-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
ESET Security (HKLM\...\{925EB551-DEBA-436C-BB93-916AB96DE0AA}) (Version: 12.2.31.0 - ESET, spol. s r.o.)
eSobi v2 (HKLM-x32\...\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) Hidden
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
InterwriteWorkspaceLanguagePack-Czech (HKLM-x32\...\InterwriteWorkspaceLanguagePack-Czech) (Version: 1.6.0.1 - eInstruction)
Junk Mail filter update (HKLM-x32\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.06 - Acer Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)
Microsoft Office Language Pack 2007 - Czech/èeština (HKLM-x32\...\OMUI.cs-cz) (Version: 12.0.4518.1025 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (Czech) (HKLM-x32\...\{95120000-00AF-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40624.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{99D7DE4C-2775-4B16-B155-7F09AE939E8E}) (Version: 9.7.0621 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}) (Version: 3.1.206.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.206.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.206.0 - Egis Technology Inc.)
Nástroj pro odesílání služby Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Shredder (HKLM\...\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}) (Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Shredder (HKLM-x32\...\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}) (Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version: - Oberon Media)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.13.6 - TeamViewer)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3013 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{068B46A0-8858-4CEB-80BC-A4AE787A05FC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Workspace (HKLM-x32\...\{51D41F14-BF22-4741-AF5B-39C4476F829A}) (Version: 9.0.452.59838 - eInstruction)
Základní software zařízení HP Deskjet 3520 series (HKLM\...\{7EBD8BA7-DF64-4BF9-9BC1-B0D53984FC6E}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Zoner Media Explorer 6 (HKLM-x32\...\{766D51EF-3F9E-490F-8490-0F24910F18BC}) (Version: 6.0.4000.2 - ZONER software)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1084374266-1562699828-3666482862-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\acerf\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1084374266-1562699828-3666482862-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\acerf\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1084374266-1562699828-3666482862-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\acerf\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1084374266-1562699828-3666482862-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\acerf\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-02-01] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-02-01] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\mwlshellext.dll [2010-02-01] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1-x32: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files (x86)\Zoner\Media Explorer 6\Program\ShellExt6.dll [2003-10-20] (ZONER software) [File not signed]
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2-x32: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files (x86)\Zoner\Media Explorer 6\Program\ShellExt6.dll [2003-10-20] (ZONER software) [File not signed]
ContextMenuHandlers3: [ShredderContextMenu] -> {521065F1-DE6C-4E46-BBCB-89B0D0BE860D} => C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll [2010-01-21] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\mwlshellext.dll [2010-02-01] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4-x32: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files (x86)\Zoner\Media Explorer 6\Program\ShellExt6.dll [2003-10-20] (ZONER software) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-02] (Intel Corporation) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6-x32: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files (x86)\Zoner\Media Explorer 6\Program\ShellExt6.dll [2003-10-20] (ZONER software) [File not signed]
ContextMenuHandlers1_S-1-5-21-1084374266-1562699828-3666482862-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\acerf\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1084374266-1562699828-3666482862-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\acerf\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1084374266-1562699828-3666482862-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\acerf\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [102400 2007-03-08] (TechSmith Corporation) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2013-10-21 21:12 - 2010-12-10 13:04 - 000098304 _____ () [File not signed] C:\Program Files (x86)\eInstruction\Device Manager\jspWin.dll
2013-10-21 21:12 - 2012-02-07 13:37 - 000304128 _____ () [File not signed] C:\Program Files (x86)\eInstruction\Device Manager\NativeSupport.dll
2013-10-21 21:12 - 2011-11-09 19:17 - 000225280 _____ () [File not signed] C:\Program Files (x86)\eInstruction\Device Manager\STTubeDevice30.dll
2021-01-24 20:13 - 2021-01-24 20:13 - 000020480 _____ () [File not signed] C:\Users\acerf\AppData\Local\Temp\abt84078\BTCheckMS.dll
2021-01-24 19:17 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2013-04-29 12:43 - 2009-06-04 18:03 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ENU\IAAMon_ENU.dll
2013-04-29 12:43 - 2009-06-04 18:02 - 000118784 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ENU\PlugInRAID_ENU.dll
2013-04-29 12:43 - 2009-06-04 17:55 - 000208896 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ISDI.dll
2013-04-29 22:19 - 2009-09-02 20:21 - 000108544 _____ (Intel Corporation) [File not signed] C:\Windows\system32\hccutils.DLL
2013-04-29 22:19 - 2009-09-02 20:42 - 003799040 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igd10umd64.dll
2013-04-29 22:19 - 2009-09-02 20:21 - 000259584 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igfxdev.dll
2013-04-29 22:19 - 2009-09-02 20:22 - 000246272 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igfxpph.dll
2013-04-29 22:19 - 2009-09-02 20:24 - 000284672 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igfxrCSY.lrc
2013-04-29 22:19 - 2009-09-02 20:21 - 005694976 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igfxress.dll
2013-04-29 22:19 - 2009-09-02 20:22 - 000055808 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igfxsrvc.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 000020520 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\api-ms-win-core-file-l1-2-0.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 000020520 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\api-ms-win-core-file-l2-1-0.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 000023080 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\api-ms-win-core-localization-l1-2-0.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 000021056 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\api-ms-win-core-processthreads-l1-1-1.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 000021032 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\api-ms-win-core-synch-l1-2-0.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 000021032 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\api-ms-win-core-timezone-l1-1-0.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 000024616 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\api-ms-win-crt-convert-l1-1-0.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 000021032 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\api-ms-win-crt-environment-l1-1-0.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 000022568 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\api-ms-win-crt-filesystem-l1-1-0.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 000021544 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\api-ms-win-crt-heap-l1-1-0.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 000021032 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\api-ms-win-crt-locale-l1-1-0.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 000029528 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\api-ms-win-crt-math-l1-1-0.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 000028736 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\api-ms-win-crt-multibyte-l1-1-0.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 000025128 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\api-ms-win-crt-runtime-l1-1-0.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 000026664 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\api-ms-win-crt-stdio-l1-1-0.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 000026664 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\api-ms-win-crt-string-l1-1-0.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 000023080 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\api-ms-win-crt-time-l1-1-0.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 000021032 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\api-ms-win-crt-utility-l1-1-0.dll
2020-12-16 19:30 - 2020-12-16 19:30 - 001026088 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\ESET\ESET Security\ucrtbase.DLL
2009-07-14 01:00 - 2009-07-14 02:40 - 000402944 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\system32\es.dll
2009-07-14 01:02 - 2009-07-14 02:41 - 000503296 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
2009-07-14 01:29 - 2009-07-14 02:41 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\System\Ole DB\oledb32.dll
2009-07-14 01:28 - 2009-07-14 02:31 - 000081920 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\System\Ole DB\OLEDB32R.DLL
2012-10-24 15:00 - 2012-10-24 15:00 - 000449536 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Internet Explorer\ieproxy.dll
2009-07-14 00:53 - 2009-07-14 02:41 - 000052224 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Windows Defender\MpOav.dll
2009-07-14 00:56 - 2009-07-14 02:41 - 000087552 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sbdrop.dll
2009-07-14 00:27 - 2009-07-14 02:14 - 000559616 _____ (Microsoft Corporation) [File not signed] C:\Windows\AppPatch\AcLayers.DLL
2009-07-14 01:24 - 2009-07-14 02:40 - 000026112 _____ (Microsoft Corporation) [File not signed] C:\Windows\ehome\ehSSO.dll
2009-07-14 00:57 - 2009-07-14 02:40 - 000154112 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ACLUI.dll
2009-07-14 00:40 - 2009-07-14 02:40 - 000053248 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\acppage.dll
2009-07-14 00:56 - 2009-07-14 02:40 - 000780800 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Actioncenter.dll
2009-07-14 01:41 - 2009-07-14 02:40 - 000958976 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\actxprxy.dll
2009-07-14 01:41 - 2009-07-14 02:40 - 000877056 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ADVAPI32.dll
2009-07-14 00:32 - 2009-07-14 02:40 - 000059904 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\AEPIC.dll
2009-07-14 00:55 - 2009-07-14 02:40 - 000053248 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\AltTab.dll
2009-07-14 00:21 - 2009-07-14 02:40 - 000338432 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\apphelp.dll
2009-07-14 00:50 - 2009-07-14 02:40 - 000070144 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\appinfo.dll
2009-07-14 01:34 - 2009-07-14 02:40 - 000090624 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ATL.DLL
2009-07-14 01:18 - 2009-07-14 02:40 - 000296448 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\audioses.dll
2009-07-14 01:19 - 2009-07-14 02:40 - 000676864 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\audiosrv.dll
2009-07-14 00:58 - 2009-07-14 02:40 - 001926144 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\authui.dll
2009-07-14 00:50 - 2009-07-14 02:40 - 000177664 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\AUTHZ.dll
2009-07-14 01:22 - 2009-07-14 02:40 - 000018432 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\AVRT.dll
2009-07-14 00:18 - 2009-07-14 02:40 - 000052736 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\basesrv.DLL
2009-07-14 00:56 - 2009-07-14 02:40 - 000748032 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\BatMeter.dll
2009-07-14 00:49 - 2009-07-14 02:40 - 000123904 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\bcrypt.dll
2009-07-14 01:09 - 2009-07-14 02:40 - 000703488 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\bfe.dll
2009-07-14 00:46 - 2009-07-14 02:40 - 000056832 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\bitsigd.dll
2009-07-14 00:46 - 2009-07-14 02:40 - 000024064 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\bitsperf.dll
2009-07-14 00:53 - 2009-07-14 02:40 - 000136192 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\browser.dll
2009-07-14 00:56 - 2009-07-14 02:38 - 000721408 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\bthprops.cpl
2009-07-14 00:21 - 2009-07-14 02:40 - 000094208 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\cabinet.dll
2009-07-14 00:26 - 2009-07-14 02:40 - 000207360 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CFGMGR32.dll
2009-07-14 01:00 - 2009-07-14 02:40 - 000607744 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CLBCatQ.DLL
2009-07-14 00:34 - 2009-07-14 02:40 - 000314368 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CLUSAPI.DLL
2009-07-14 00:49 - 2009-07-14 02:40 - 000018944 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\cngaudit.dll
2009-07-14 00:55 - 2009-07-14 02:40 - 000595456 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\COMDLG32.dll
2009-07-14 00:50 - 2009-07-14 02:40 - 000020480 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\credssp.dll
2009-07-14 00:50 - 2009-07-14 02:40 - 001454592 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CRYPT32.dll
2009-07-14 00:20 - 2009-07-14 02:40 - 000044032 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CRYPTBASE.dll
2009-07-14 00:49 - 2009-07-14 02:40 - 000066048 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\cryptdll.dll
2009-07-14 00:49 - 2009-07-14 02:40 - 000138752 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\cryptnet.dll
2009-07-14 00:53 - 2009-07-14 02:40 - 000079872 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CRYPTSP.dll
2009-07-14 00:49 - 2009-07-14 02:40 - 000175104 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\cryptsvc.dll
2009-07-14 00:49 - 2009-07-14 02:40 - 001065984 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\cryptui.dll
2009-07-14 00:24 - 2009-07-14 02:40 - 000046080 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\cscapi.dll
2009-07-14 00:19 - 2009-07-14 02:40 - 000043520 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CSRSRV.dll
2009-07-14 00:41 - 2009-07-14 02:40 - 000197120 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\d3d10_1.dll
2009-07-14 00:41 - 2009-07-14 02:40 - 000318976 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\d3d10_1core.dll
2009-07-14 01:13 - 2009-07-14 02:40 - 001087488 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dbghelp.dll
2009-07-14 00:26 - 2009-07-14 02:40 - 000093184 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DEVOBJ.dll
2009-07-14 00:26 - 2009-07-14 02:40 - 000058368 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\DEVRTL.dll
2009-07-14 00:21 - 2009-07-14 02:40 - 000314368 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\dhcpcore.dll
2009-07-14 00:21 - 2009-07-14 02:40 - 000224256 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\dhcpcore6.dll
2009-07-14 00:21 - 2009-07-14 02:40 - 000087040 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dhcpcsvc.DLL
2009-07-14 00:21 - 2009-07-14 02:40 - 000054272 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dhcpcsvc6.DLL
2009-07-14 00:53 - 2009-07-14 02:40 - 000040448 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dimsjob.dll
2009-07-14 00:21 - 2009-07-14 02:40 - 000356352 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DNSAPI.dll
2009-07-14 01:12 - 2009-07-14 02:40 - 000008192 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\dnsext.dll
2009-07-14 00:21 - 2009-07-14 02:40 - 000182272 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\dnsrslvr.dll
2009-07-14 00:31 - 2009-07-14 02:40 - 000162816 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\dps.dll
2009-07-14 00:56 - 2009-07-14 02:40 - 000115200 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\dskquota.dll
2009-07-14 00:56 - 2009-07-14 02:40 - 000239616 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dskquoui.dll
2009-07-14 01:18 - 2009-07-14 02:40 - 000540672 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DSOUND.dll
2009-07-14 00:50 - 2009-07-14 02:40 - 000032768 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DSROLE.DLL
2009-07-14 00:41 - 2009-07-14 02:40 - 000976896 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DUI70.dll
2009-07-14 00:39 - 2009-07-14 02:40 - 000260608 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DUser.dll
2009-07-14 00:37 - 2009-07-14 02:40 - 000082432 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dwmapi.dll
2009-07-14 00:39 - 2009-07-14 02:40 - 001634304 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dwmcore.dll
2009-07-14 00:37 - 2009-07-14 02:40 - 000128512 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dwmredir.dll
2009-07-14 00:41 - 2009-07-14 02:40 - 000658432 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dxgi.dll
2009-07-14 01:21 - 2009-07-14 02:40 - 000459776 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dxp.dll
2009-07-14 01:12 - 2009-07-14 02:40 - 000263680 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\eappcfg.dll
2009-07-14 01:12 - 2009-07-14 02:40 - 000303616 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\eapphost.dll
2009-07-14 01:12 - 2009-07-14 02:40 - 000064512 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\eappprxy.dll
2009-07-14 01:12 - 2009-07-14 02:40 - 000111104 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\eapsvc.dll
2009-07-14 00:50 - 2009-07-14 02:40 - 000056832 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\efslsaext.dll
2009-07-14 01:00 - 2009-07-14 02:40 - 000144896 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\EhStorAPI.dll
2009-07-14 01:00 - 2009-07-14 02:40 - 000203264 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\EhStorShell.dll
2009-07-14 00:50 - 2009-07-14 02:40 - 002565120 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\ESENT.dll
2009-07-14 00:57 - 2009-07-14 02:40 - 001863680 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\EXPLORERFRAME.dll
2009-07-14 00:40 - 2009-07-14 02:40 - 000355328 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\faultrep.dll
2009-07-14 00:35 - 2009-07-14 02:40 - 000051200 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\fdPnp.dll
2009-07-14 00:35 - 2009-07-14 02:40 - 000034816 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\fdrespub.dll
2009-07-14 01:08 - 2009-07-14 02:40 - 000748032 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\FirewallAPI.dll
2009-07-14 00:23 - 2009-07-14 02:40 - 000019456 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\FLTLIB.DLL
2009-07-14 00:38 - 2009-07-14 02:40 - 001127936 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\fntcache.dll
2009-07-14 00:47 - 2009-07-14 02:40 - 000295424 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\framedynos.dll
2009-07-14 00:35 - 2009-07-14 02:40 - 000194560 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\FunDisc.dll
2009-07-14 00:21 - 2009-07-14 02:40 - 000020480 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\FVECERTS.dll
2009-07-14 01:09 - 2009-07-14 02:40 - 000324096 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\fwpuclnt.dll
2009-07-14 01:08 - 2009-07-14 02:40 - 000075776 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\FwRemoteSvr.DLL
2009-07-14 01:35 - 2009-07-14 02:40 - 000623104 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\FXSAPI.dll
2009-07-14 01:36 - 2009-07-14 02:40 - 000041472 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\FXSMON.DLL
2009-07-14 01:36 - 2009-07-14 02:27 - 000925184 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\FXSRESM.DLL
2009-07-14 01:35 - 2009-07-14 02:40 - 000863744 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\fxsst.dll
2009-07-14 00:57 - 2009-07-14 02:40 - 002746368 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\gameux.dll
2009-07-14 00:39 - 2009-07-14 02:40 - 000404480 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\GDI32.dll
2009-07-14 00:54 - 2009-07-14 02:40 - 000096768 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\GPAPI.dll
2009-07-14 00:54 - 2009-07-14 02:40 - 000776192 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\gpsvc.dll
2009-07-14 00:56 - 2009-07-14 02:40 - 000031232 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\hcproviders.dll
2009-07-14 00:57 - 2009-07-14 02:41 - 000332288 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\hgcpl.dll
2009-07-14 01:06 - 2009-07-14 02:41 - 000030208 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\HID.DLL
2009-07-14 01:06 - 2009-07-14 02:41 - 000038912 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\hidserv.dll
2009-07-14 01:08 - 2009-07-14 02:41 - 000424448 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\hnetcfg.dll
2009-07-14 00:55 - 2009-07-14 02:41 - 000027136 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HotStartUserAgent.dll
2009-07-14 00:21 - 2009-07-14 02:41 - 000045056 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\HTTPAPI.dll
2009-07-14 00:37 - 2009-07-14 02:41 - 000014336 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\IconCodecService.dll
2012-10-24 15:00 - 2012-10-24 15:00 - 012356608 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ieframe.dll
2009-07-14 00:59 - 2009-07-14 02:41 - 002440704 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\iertutil.dll
2009-07-14 01:10 - 2009-07-14 02:41 - 000845824 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\ikeext.dll
2009-07-14 01:13 - 2009-07-14 02:41 - 000076288 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\imagehlp.dll
2009-07-14 01:01 - 2009-07-14 02:41 - 000505344 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\imapi2.dll
2009-07-14 00:38 - 2009-07-14 02:41 - 000167424 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\IMM32.DLL
2009-07-14 01:39 - 2009-07-14 02:41 - 000164352 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\inetpp.dll
2009-07-14 00:21 - 2009-07-14 02:41 - 000145920 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\IPHLPAPI.DLL
2009-07-14 01:09 - 2009-07-14 02:41 - 000565760 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\iphlpsvc.dll
2009-07-14 01:08 - 2009-07-14 02:41 - 000500224 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\ipsecsvc.dll
2009-07-14 01:09 - 2009-07-14 02:38 - 000425984 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\irprops.cpl
2009-07-14 00:51 - 2009-07-14 02:41 - 000714240 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\kerberos.DLL
2009-07-14 00:28 - 2009-07-14 02:41 - 001162240 _____ (Microsoft Corporation) [File not signed] C:\Windows\SYSTEM32\kernel32.dll
2009-07-14 00:20 - 2009-07-14 02:41 - 000421376 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\KERNELBASE.dll
2009-07-14 00:49 - 2009-07-14 02:41 - 000029184 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\keyiso.dll
2009-07-14 01:18 - 2009-07-14 02:41 - 000005120 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ksuser.dll
2009-07-14 00:19 - 2009-07-14 02:41 - 000023040 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ktmw32.dll
2009-07-14 01:07 - 2009-07-14 02:41 - 000071168 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\l2gpstore.dll
2009-07-14 00:55 - 2009-07-14 02:41 - 000029696 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\LINKINFO.dll
2009-07-14 01:08 - 2009-07-14 02:41 - 000049664 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\lltdapi.dll
2009-07-14 01:09 - 2009-07-14 02:41 - 000023552 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\lmhsvc.dll
2009-07-14 01:40 - 2009-07-14 02:41 - 000954880 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\localspl.dll
2009-07-14 00:53 - 2009-07-14 02:41 - 000186368 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\logoncli.dll
2009-07-14 00:38 - 2009-07-14 02:41 - 000041984 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\LPK.dll
2009-07-14 00:51 - 2009-07-14 02:41 - 001446912 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\lsasrv.dll
2009-07-14 00:21 - 2009-07-14 02:28 - 000003072 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\LZ32.dll
2009-07-14 01:19 - 2009-07-14 02:41 - 000430592 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\mfplat.dll
2009-07-14 01:18 - 2009-07-14 02:41 - 000020480 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\midimap.dll
2009-07-14 00:55 - 2009-07-14 02:41 - 000226816 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MLANG.dll
2009-07-14 01:22 - 2009-07-14 02:41 - 000067584 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\mmcss.dll
2009-07-14 01:18 - 2009-07-14 02:41 - 000284160 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\MMDevAPI.DLL
2009-07-14 01:10 - 2009-07-14 02:41 - 000080896 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MPR.dll
2009-07-14 01:10 - 2009-07-14 02:41 - 000220672 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\MPRAPI.dll
2009-07-14 01:09 - 2009-07-14 02:41 - 000824832 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\mpssvc.dll
2009-07-14 01:18 - 2009-07-14 02:41 - 000083456 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSACM32.dll
2009-07-14 01:18 - 2009-07-14 02:38 - 000025600 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msacm32.drv
2012-10-24 14:45 - 2012-10-24 14:45 - 000046592 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSASN1.dll
2009-07-14 00:40 - 2009-07-14 02:41 - 001067008 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSCTF.dll
2009-07-14 00:39 - 2009-07-14 02:41 - 000028160 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MsCtfMonitor.dll
2009-07-14 01:28 - 2009-07-14 02:41 - 000163840 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSDART.DLL
2009-07-14 00:39 - 2009-07-14 02:41 - 000799744 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MsftEdit.dll
2009-07-14 00:51 - 2009-07-14 02:41 - 003211776 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msi.dll
2009-07-14 00:48 - 2009-07-14 02:41 - 000019968 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msiltcfg.dll
2009-07-14 00:38 - 2009-07-14 02:41 - 000008192 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSIMG32.dll
2009-07-14 00:39 - 2009-07-14 02:41 - 000222208 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msls31.dll
2009-07-14 00:21 - 2009-07-14 02:41 - 000046592 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\mspatcha.dll
2009-07-14 00:50 - 2009-07-14 02:29 - 000002048 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msprivs.DLL
2009-07-14 01:29 - 2009-07-14 02:41 - 000100352 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\mssprxy.dll
2009-07-14 00:39 - 2009-07-14 02:41 - 000235520 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSUTB.dll
2012-10-24 14:45 - 2012-10-24 14:45 - 000311808 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msv1_0.DLL
2009-07-14 00:19 - 2009-07-14 02:41 - 000634880 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msvcrt.dll
2009-07-14 00:21 - 2009-07-14 02:41 - 000320000 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\mswsock.dll
2009-07-14 01:42 - 2009-07-14 02:41 - 001876992 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\msxml3.dll
2009-07-14 01:43 - 2009-07-14 02:41 - 001999360 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\msxml6.dll
2009-07-14 01:10 - 2009-07-14 02:41 - 000068096 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\napinsp.dll
2009-07-14 01:35 - 2009-07-14 02:41 - 001326592 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\NaturalLanguage6.dll
2009-07-14 01:09 - 2009-07-14 02:41 - 000089600 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\NCI.dll
2009-07-14 00:47 - 2009-07-14 02:41 - 000069120 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\NCObjAPI.DLL
2009-07-14 00:49 - 2009-07-14 02:41 - 000307200 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ncrypt.dll
2009-07-14 01:08 - 2009-07-14 02:41 - 000209408 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\ncsi.dll
2009-07-14 00:50 - 2009-07-14 02:41 - 000117248 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\negoexts.DLL
2009-07-14 00:53 - 2009-07-14 02:41 - 000072704 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\netapi32.dll
2009-07-14 01:08 - 2009-07-14 02:41 - 000517120 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\netcfgx.dll
2009-07-14 00:53 - 2009-07-14 02:41 - 000188928 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\netjoin.dll
2009-07-14 00:53 - 2009-07-14 02:41 - 000692736 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\netlogon.DLL
2009-07-14 01:08 - 2009-07-14 02:41 - 000360448 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\netman.dll
2009-07-14 01:12 - 2009-07-14 02:41 - 000459776 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\netprofm.dll
2009-07-14 01:09 - 2009-07-14 02:41 - 002651136 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\netshell.dll
2009-07-14 00:53 - 2009-07-14 02:41 - 000028672 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\netutils.dll
2009-07-14 01:08 - 2009-07-14 02:41 - 001672704 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\NetworkExplorer.dll
2009-07-14 01:09 - 2009-07-14 02:41 - 000070144 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\nlaapi.dll
2009-07-14 01:09 - 2009-07-14 02:41 - 000302080 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\nlasvc.dll
2009-07-14 01:31 - 2009-07-14 02:41 - 001623552 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\NLSData0000.dll
2009-07-14 00:26 - 2009-07-14 02:31 - 000002560 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\Normaliz.dll
2009-07-14 01:12 - 2009-07-14 02:41 - 000031744 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\npmproxy.dll
2009-07-14 01:09 - 2009-07-14 02:41 - 000014848 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\nrpsrv.DLL
2009-07-14 00:21 - 2009-07-14 02:41 - 000013824 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\NSI.dll
2009-07-14 00:21 - 2009-07-14 02:41 - 000025600 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\nsisvc.dll
2009-07-14 00:54 - 2009-07-14 02:41 - 000152064 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\NTDSAPI.dll
2009-07-14 00:50 - 2009-07-14 02:41 - 000162304 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ntmarta.dll
2009-07-14 00:57 - 2009-07-14 02:41 - 000509952 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ntshrui.dll
2009-07-14 01:02 - 2009-07-14 02:41 - 002084352 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ole32.dll
2009-07-14 00:39 - 2009-07-14 02:41 - 000331776 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\OLEACC.dll
2009-07-14 00:59 - 2009-07-14 02:41 - 000861184 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\OLEAUT32.dll
2009-07-14 00:59 - 2009-07-14 02:41 - 000128000 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\oledlg.dll
2009-07-14 01:07 - 2009-07-14 02:41 - 000235008 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\OneX.DLL
2009-07-14 00:32 - 2009-07-14 02:41 - 000186368 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\pcasvc.dll
2009-07-14 00:19 - 2009-07-14 02:41 - 000036864 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\pcwum.dll
2009-07-14 00:31 - 2009-07-14 02:41 - 000300032 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\pdh.dll
2009-07-14 00:33 - 2009-07-14 02:41 - 000867840 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\perftrack.dll
2009-07-14 00:50 - 2009-07-14 02:41 - 000240640 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\pku2u.DLL
2009-07-14 01:18 - 2009-07-14 02:41 - 000084992 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\PlaySndSrv.dll
2009-07-14 01:08 - 2009-07-14 02:41 - 001807872 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\pnidui.dll
2009-07-14 00:31 - 2009-07-14 02:41 - 000012288 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\pnpts.dll
2009-07-14 01:11 - 2009-07-14 02:41 - 000086016 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\pnrpnsp.dll
2009-07-14 01:22 - 2009-07-14 02:41 - 000757248 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\PortableDeviceApi.dll
2009-07-14 01:21 - 2009-07-14 02:41 - 000077824 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\portabledeviceconnectapi.dll
2009-07-14 01:21 - 2009-07-14 02:41 - 000219648 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\PortableDeviceTypes.dll
2009-07-14 00:27 - 2009-07-14 02:41 - 000167424 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\powrprof.dll
2009-07-14 01:39 - 2009-07-14 02:41 - 000048128 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\PrintIsolationProxy.dll
2009-07-14 01:40 - 2009-07-14 02:41 - 000416768 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\prnfldr.dll
2009-07-14 00:20 - 2009-07-14 02:41 - 000044032 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\profapi.dll
2009-07-14 00:50 - 2009-07-14 02:41 - 000208384 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\profsvc.dll
2009-07-14 00:56 - 2009-07-14 02:41 - 001212416 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\PROPSYS.dll
2009-07-14 00:55 - 2009-07-14 02:41 - 000187904 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\provsvc.dll
2009-07-14 00:26 - 2009-07-14 02:41 - 000009216 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\psapi.dll
2009-07-14 01:07 - 2009-07-14 02:41 - 000265216 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\QAgent.dll
2009-07-14 00:46 - 2009-07-14 02:41 - 000848384 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\qmgr.dll
2009-07-14 01:07 - 2009-07-14 02:41 - 000107520 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\QUtil.dll
2009-07-14 01:10 - 2009-07-14 02:41 - 000242688 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\qwave.dll
2009-07-14 00:32 - 2009-07-14 02:41 - 000097792 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\radardt.dll
2009-07-14 01:10 - 2009-07-14 02:41 - 000016384 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\rasadhlp.dll
2009-07-14 01:10 - 2009-07-14 02:41 - 000384512 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\rasapi32.dll
2009-07-14 01:10 - 2009-07-14 02:41 - 000860672 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\RASDLG.dll
2009-07-14 01:10 - 2009-07-14 02:41 - 000100352 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\rasman.dll
2009-07-14 01:11 - 2009-07-14 02:41 - 000866816 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\RasMM.dll
2009-07-14 00:34 - 2009-07-14 02:41 - 000086016 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\RESUTILS.DLL
2009-07-14 00:39 - 2009-07-14 02:41 - 000632832 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\RICHED20.dll
2009-07-14 00:38 - 2009-07-14 02:41 - 000010240 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\RICHED32.DLL
2009-07-14 00:21 - 2009-07-14 02:41 - 000067072 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\rpcepmap.dll
2009-07-14 00:23 - 2009-07-14 02:41 - 001221632 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\RPCRT4.dll
2009-07-14 00:59 - 2009-07-14 02:41 - 000065024 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\RpcRtRemote.dll
2009-07-14 01:00 - 2009-07-14 02:41 - 000509440 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\rpcss.dll
2009-07-14 01:09 - 2009-07-14 02:41 - 000051712 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\rtutils.dll
2009-07-14 00:53 - 2009-07-14 02:41 - 000067072 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\samcli.dll
2009-07-14 00:53 - 2009-07-14 02:41 - 000107008 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SAMLIB.dll
2009-07-14 00:54 - 2009-07-14 02:41 - 000757760 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SAMSRV.dll
2009-07-14 00:49 - 2009-07-14 02:41 - 000232448 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\scecli.DLL
2009-07-14 00:49 - 2009-07-14 02:41 - 000406016 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SCESRV.dll
2009-07-14 00:31 - 2009-07-14 02:41 - 000089088 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\scext.dll
2009-07-14 00:58 - 2009-07-14 02:41 - 000230400 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\scrobj.dll
2009-07-14 00:58 - 2009-07-14 02:41 - 000202752 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\scrrun.dll
2009-07-14 00:59 - 2009-07-14 02:41 - 000865280 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\SearchFolder.dll
2009-07-14 00:50 - 2009-07-14 02:41 - 000028160 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\secur32.dll
2009-07-14 00:50 - 2009-07-14 02:32 - 000005120 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\security.dll
2009-07-14 00:20 - 2009-07-14 02:41 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\Windows\SYSTEM32\sechost.dll
2009-07-14 00:34 - 2009-07-14 02:41 - 000064512 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\sens.dll
2009-07-14 00:34 - 2009-07-14 02:41 - 000015872 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\sensapi.dll
2009-07-14 00:27 - 2009-07-14 02:41 - 001899520 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SETUPAPI.dll
2009-07-14 00:25 - 2009-07-14 02:33 - 000003072 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\sfc.dll
2009-07-14 00:26 - 2009-07-14 02:41 - 000045056 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\sfc_os.DLL
2009-07-14 00:55 - 2009-07-14 02:41 - 000196096 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\shdocvw.dll
2009-07-14 01:04 - 2009-07-14 02:41 - 014161920 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\shell32.dll
2009-07-14 00:55 - 2009-07-14 02:41 - 000010240 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SHFOLDER.dll
2009-07-14 00:55 - 2009-07-14 02:41 - 000449536 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SHLWAPI.dll
2009-07-14 00:55 - 2009-07-14 02:41 - 000369664 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\shsvcs.dll
2009-07-14 00:50 - 2009-07-14 02:41 - 000348672 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\schannel.DLL
2009-07-14 00:53 - 2009-07-14 02:41 - 000024064 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SCHEDCLI.DLL
2009-07-14 00:47 - 2009-07-14 02:41 - 001104384 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\schedsvc.dll
2009-07-14 00:51 - 2009-07-14 02:41 - 000030720 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\slc.dll
2009-07-14 01:19 - 2009-07-14 02:41 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SndVolSSO.DLL
2009-07-14 01:10 - 2009-07-14 02:41 - 000027648 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\snmpapi.dll
2009-07-14 00:26 - 2009-07-14 02:41 - 000105472 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\SPINF.dll
2009-07-14 01:39 - 2009-07-14 02:41 - 000039424 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\winprint.dll
2009-07-14 01:39 - 2009-07-14 02:41 - 000057856 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\SPOOLSS.DLL
2009-07-14 02:04 - 2009-07-14 02:41 - 000145920 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SPPC.DLL
2009-07-14 00:40 - 2009-07-14 02:41 - 000235008 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\sqmapi.dll
2009-07-14 00:56 - 2009-07-14 02:41 - 000340992 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\srchadmin.dll
2009-07-14 00:53 - 2009-07-14 02:41 - 000127488 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\srvcli.dll
2009-07-14 00:53 - 2009-07-14 02:41 - 000235520 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\srvsvc.dll
2009-07-14 00:53 - 2009-07-14 02:41 - 000013312 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SSCORE.DLL
2009-07-14 01:10 - 2009-07-14 02:41 - 000051200 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SSDPAPI.dll
2009-07-14 01:10 - 2009-07-14 02:41 - 000193024 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\ssdpsrv.dll
2009-07-14 00:20 - 2009-07-14 02:41 - 000136192 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SSPICLI.DLL
2009-07-14 00:20 - 2009-07-14 02:41 - 000028672 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SspiSrv.dll
2009-07-14 00:56 - 2009-07-14 02:41 - 000256000 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\stobject.dll
2009-07-14 01:29 - 2009-07-14 02:41 - 000483840 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\StructuredQuery.dll
2009-07-14 00:37 - 2009-07-14 02:41 - 000524288 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\swprv.dll
2009-07-14 00:27 - 2009-07-14 02:41 - 000583168 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\sxs.dll
2009-07-14 00:26 - 2009-07-14 02:41 - 000031744 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\sxssrv.DLL
2009-07-14 00:55 - 2009-07-14 02:41 - 002262528 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\SyncCenter.dll
2009-07-14 00:55 - 2009-07-14 02:41 - 000095232 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SYNCENG.dll
2009-07-14 01:22 - 2009-07-14 02:41 - 000073728 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\Syncreg.dll
2009-07-14 00:55 - 2009-07-14 02:41 - 000200192 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\syncui.dll
2009-07-14 00:36 - 2009-07-14 02:41 - 001780736 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\sysmain.dll
2009-07-14 00:52 - 2009-07-14 02:41 - 000023040 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SYSNTFY.dll
2009-07-14 00:56 - 2009-07-14 02:41 - 000419840 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\systemcpl.dll
2009-07-14 00:47 - 2009-07-14 02:41 - 000473600 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\taskcomp.dll
2009-07-14 00:47 - 2009-07-14 02:41 - 001168896 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\taskschd.dll
2009-07-14 00:21 - 2009-07-14 02:41 - 000019968 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\tbs.dll
2009-07-14 01:39 - 2009-07-14 02:41 - 000195072 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\tcpmon.dll
2009-07-14 00:32 - 2009-07-14 02:41 - 000844800 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\tdh.dll
2009-07-14 00:54 - 2009-07-14 02:41 - 000044544 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\themeservice.dll
2009-07-14 00:55 - 2009-07-14 02:41 - 000113152 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\thumbcache.dll
2009-07-14 00:56 - 2009-07-14 02:38 - 000515072 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\timedate.cpl
2009-07-14 01:38 - 2009-07-14 02:41 - 002325504 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\tquery.dll
2009-07-14 01:09 - 2009-07-14 02:41 - 000039424 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\TRAFFIC.dll
2009-07-14 00:59 - 2009-07-14 02:41 - 000119808 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\trkwks.dll
2009-07-14 00:50 - 2009-07-14 02:41 - 000086016 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\tspkg.DLL
2009-07-14 00:55 - 2009-07-14 02:41 - 000172544 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\twext.dll
2009-07-14 00:31 - 2009-07-14 02:41 - 000214016 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\UBPM.dll
2009-07-14 00:37 - 2009-07-14 02:41 - 000328704 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\uDWM.dll
2009-07-14 00:42 - 2009-07-14 02:41 - 000115200 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\UIAnimation.dll
2009-07-14 00:35 - 2009-07-14 02:41 - 000059904 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\umb.dll
2009-07-14 00:27 - 2009-07-14 02:41 - 000404480 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\umpnpmgr.dll
2009-07-14 00:27 - 2009-07-14 02:41 - 000163840 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\umpo.dll
2009-07-14 01:10 - 2009-07-14 02:41 - 000260608 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\upnp.dll
2012-10-24 15:00 - 2012-10-24 15:00 - 001492480 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\urlmon.dll
2009-07-14 01:39 - 2009-07-14 02:41 - 000045056 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\usbmon.dll
2009-07-14 00:38 - 2009-07-14 02:41 - 001008640 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USER32.dll
2009-07-14 00:50 - 2009-07-14 02:41 - 000107008 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USERENV.dll
2009-07-14 00:38 - 2009-07-14 02:41 - 000801280 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USP10.dll
2009-07-14 00:54 - 2009-07-14 02:41 - 000025088 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\UXINIT.dll
2009-07-14 00:37 - 2009-07-14 02:41 - 000038912 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\uxsms.dll
2009-07-14 00:55 - 2009-07-14 02:41 - 000332288 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\UxTheme.dll
2009-07-14 01:11 - 2009-07-14 02:41 - 000691200 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\van.dll
2009-07-14 00:57 - 2009-07-14 02:41 - 000029184 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\version.dll
2009-07-14 00:25 - 2009-07-14 02:41 - 000021504 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\VirtDisk.dll
2009-07-14 00:36 - 2009-07-14 02:41 - 000061952 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\vss_ps.dll
2009-07-14 00:38 - 2009-07-14 02:41 - 001745408 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\VSSAPI.DLL
2009-07-14 00:36 - 2009-07-14 02:41 - 000076800 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\VssTrace.DLL
2009-07-14 00:47 - 2009-07-14 02:40 - 000440320 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\esscli.dll
2009-07-14 00:47 - 2009-07-14 02:40 - 000909312 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\FastProx.dll
2009-07-14 00:47 - 2009-07-14 02:41 - 000078336 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\ncprov.dll
2009-07-14 00:47 - 2009-07-14 02:41 - 000451584 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\repdrvfs.dll
2009-07-14 00:48 - 2009-07-14 02:41 - 001220096 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wbemcore.dll
2009-07-14 00:47 - 2009-07-14 02:41 - 000266752 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wbemdisp.dll
2009-07-14 00:47 - 2009-07-14 02:41 - 000505856 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wbemess.dll
2009-07-14 00:46 - 2009-07-14 02:41 - 000043520 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wbemprox.dll
2009-07-14 00:46 - 2009-07-14 02:41 - 000064512 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wbemsvc.dll
2009-07-14 00:47 - 2009-07-14 02:41 - 000191488 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wmidcprv.dll
2009-07-14 00:31 - 2009-07-14 02:41 - 000136192 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\WmiPerfClass.dll
2009-07-14 00:48 - 2009-07-14 02:41 - 000750080 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wmiprvsd.dll
2009-07-14 00:47 - 2009-07-14 02:41 - 000242688 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wbem\wmisvc.dll
2009-07-14 00:47 - 2009-07-14 02:41 - 000137216 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wmiutils.dll
2009-07-14 00:47 - 2009-07-14 02:41 - 000529920 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbemcomn.dll
2009-07-14 00:31 - 2009-07-14 02:41 - 000090624 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wdi.dll
2009-07-14 00:40 - 2009-07-14 02:41 - 000035840 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wdiasqmmodule.dll
2009-07-14 00:50 - 2009-07-14 02:41 - 000210432 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wdigest.DLL
2009-07-14 01:18 - 2009-07-14 02:38 - 000217088 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wdmaud.drv
2009-07-14 00:28 - 2009-07-14 02:41 - 000271360 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\WDSCORE.dll
2009-07-14 01:11 - 2009-07-14 02:41 - 000394752 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\webio.dll
2009-07-14 01:01 - 2009-07-14 02:41 - 001159168 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\webservices.dll
2009-07-14 00:41 - 2009-07-14 02:41 - 000484352 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wer.dll
2009-07-14 00:41 - 2009-07-14 02:41 - 001280512 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\werconcpl.dll
2009-07-14 00:40 - 2009-07-14 02:41 - 000084480 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wercplsupport.dll
2009-07-14 00:46 - 2009-07-14 02:41 - 000428032 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wevtapi.dll
2009-07-14 00:49 - 2009-07-14 02:41 - 001646080 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wevtsvc.dll
2009-07-14 01:08 - 2009-07-14 02:41 - 000022528 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wfapigp.dll
2009-07-14 01:35 - 2009-07-14 02:41 - 000043520 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wiarpc.dll
2009-07-14 01:35 - 2009-07-14 02:41 - 000578560 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wiaservc.dll
2009-07-14 01:35 - 2009-07-14 02:41 - 000014848 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wiatrace.dll
2009-07-14 01:40 - 2009-07-14 02:41 - 000745984 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\win32spl.dll
2009-07-14 00:30 - 2009-07-14 02:41 - 000016384 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\WINBRAND.dll
2009-07-14 00:42 - 2009-07-14 02:41 - 001189888 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WindowsCodecs.dll
2009-07-14 01:11 - 2009-07-14 02:41 - 000438784 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WINHTTP.dll
2012-10-24 15:00 - 2012-10-24 15:00 - 001192960 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wininet.dll
2009-07-14 01:18 - 2009-07-14 02:41 - 000217600 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WINMM.dll
2009-07-14 00:21 - 2009-07-14 02:41 - 000026112 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WINNSI.DLL
2009-07-14 00:53 - 2009-07-14 02:41 - 000028672 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\winrnr.dll
2009-07-14 00:35 - 2009-07-14 02:41 - 000500224 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WinSATAPI.dll
2009-07-14 00:50 - 2009-07-14 02:41 - 000217600 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\WinSCard.dll
2009-07-14 01:39 - 2009-07-14 02:38 - 000441856 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\WINSPOOL.DRV
2009-07-14 00:38 - 2009-07-14 02:41 - 000214016 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\winsrv.DLL
2009-07-14 01:17 - 2009-07-14 02:41 - 000233472 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WINSTA.dll
2009-07-14 00:49 - 2009-07-14 02:41 - 000220160 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WINTRUST.dll
2009-07-14 00:53 - 2009-07-14 02:41 - 000071680 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wkscli.dll
2009-07-14 00:53 - 2009-07-14 02:41 - 000118784 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wkssvc.dll
2009-07-14 01:07 - 2009-07-14 02:41 - 000114176 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wlanapi.dll
2009-07-14 01:07 - 2009-07-14 02:41 - 000119296 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wlanhlp.dll
2009-07-14 01:11 - 2009-07-14 02:41 - 000832512 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WlanMM.dll
2009-07-14 01:07 - 2009-07-14 02:41 - 000414720 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\WLANMSM.DLL
2009-07-14 01:07 - 2009-07-14 02:41 - 000448000 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\WLANSEC.dll
2009-07-14 01:07 - 2009-07-14 02:41 - 000886784 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wlansvc.dll
2009-07-14 01:07 - 2009-07-14 02:41 - 000010752 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wlanutil.dll
2009-07-14 00:54 - 2009-07-14 02:41 - 000311808 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WLDAP32.dll
2009-07-14 01:07 - 2009-07-14 02:41 - 000108544 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wlgpclnt.dll
2009-07-14 00:52 - 2009-07-14 02:41 - 000010752 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wls0wndh.dll
2009-07-14 01:41 - 2009-07-14 02:33 - 000005120 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\WMI.dll
2009-07-14 00:52 - 2009-07-14 02:41 - 000014848 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WMsgAPI.dll
2009-07-14 00:26 - 2009-07-14 02:41 - 000243200 _____ (Microsoft Corporation) [File not signed] C:\Windows\SYSTEM32\wow64.dll
2009-07-14 00:26 - 2009-07-14 02:41 - 000013312 _____ (Microsoft Corporation) [File not signed] C:\Windows\SYSTEM32\wow64cpu.dll
2009-07-14 00:38 - 2009-07-14 02:41 - 000361984 _____ (Microsoft Corporation) [File not signed] C:\Windows\SYSTEM32\wow64win.dll
2009-07-14 01:22 - 2009-07-14 02:41 - 000115200 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wpdshserviceobj.dll
2009-07-14 00:21 - 2009-07-14 02:41 - 000296448 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WS2_32.dll
2009-07-14 00:48 - 2009-07-14 02:41 - 000058880 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WSCAPI.dll
2009-07-14 00:48 - 2009-07-14 02:41 - 000146432 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wscinterop.dll
2009-07-14 00:48 - 2009-07-14 02:41 - 000022528 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wscisvif.dll
2009-07-14 00:48 - 2009-07-14 02:41 - 000097280 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wscsvc.dll
2009-07-14 00:48 - 2009-07-14 02:38 - 001162240 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wscui.cpl
2009-07-14 00:36 - 2009-07-14 02:41 - 000585216 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wsdapi.dll
2009-07-14 01:41 - 2009-07-14 02:41 - 000025600 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WSDCHNGR.DLL
2009-07-14 01:39 - 2009-07-14 02:41 - 000224768 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\WSDMon.dll
2009-07-14 00:21 - 2009-07-14 02:41 - 000013824 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wship6.dll
2009-07-14 00:21 - 2009-07-14 02:41 - 000013312 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wshtcpip.dll
2009-07-14 01:10 - 2009-07-14 02:41 - 000067072 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wsnmp32.dll
2009-07-14 01:10 - 2009-07-14 02:41 - 000018432 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WSOCK32.dll
2009-07-14 01:17 - 2009-07-14 02:41 - 000054272 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WTSAPI32.dll
2009-07-14 01:35 - 2009-07-14 02:41 - 000695808 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wuapi.dll
2009-07-14 01:36 - 2009-07-14 02:41 - 002418176 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wuaueng.dll
2009-07-14 01:05 - 2009-07-14 02:41 - 000182784 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\WUDFPlatform.dll
2009-07-14 01:05 - 2009-07-14 02:41 - 000075264 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wudfsvc.dll
2009-07-14 01:34 - 2009-07-14 02:41 - 000032768 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wups.dll
2009-07-14 01:12 - 2009-07-14 02:41 - 000368640 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wwanapi.dll
2009-07-14 01:12 - 2009-07-14 02:41 - 000693248 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WWanMM.dll
2009-07-14 01:12 - 2009-07-14 02:41 - 000036352 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wwapi.dll
2009-07-14 01:41 - 2009-07-14 02:41 - 000199680 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\XmlLite.dll
2009-07-14 00:56 - 2009-07-14 02:41 - 000366080 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\zipfldr.dll
2009-07-14 01:20 - 2009-07-14 02:14 - 000640000 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\ADVAPI32.dll
2009-07-14 00:16 - 2009-07-14 02:15 - 000145920 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\CFGMGR32.dll
2009-07-14 00:44 - 2009-07-14 02:15 - 000522240 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\CLBCatQ.DLL
2009-07-14 00:39 - 2009-07-14 02:15 - 000486912 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\comdlg32.dll
2009-07-14 00:34 - 2009-07-14 02:15 - 001151488 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\CRYPT32.dll
2009-07-14 00:12 - 2009-07-14 02:15 - 000036864 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\CRYPTBASE.dll
2009-07-14 00:16 - 2009-07-14 02:15 - 000064512 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\DEVOBJ.dll
2009-07-14 00:25 - 2009-07-14 02:11 - 000310784 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\GDI32.dll
2009-07-14 00:44 - 2009-07-14 02:15 - 002058240 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\iertutil.dll
2009-07-14 00:57 - 2009-07-14 02:15 - 000154624 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\imagehlp.dll
2009-07-14 00:16 - 2009-07-14 02:11 - 000836608 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\kernel32.dll
2009-07-14 00:11 - 2009-07-14 02:11 - 000269824 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\KERNELBASE.dll
2009-07-14 00:25 - 2009-07-14 02:11 - 000025600 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\LPK.dll
2012-10-24 14:45 - 2012-10-24 14:45 - 000034816 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\MSASN1.dll
2009-07-14 00:28 - 2009-07-14 02:15 - 000828928 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\MSCTF.dll
2009-07-14 00:12 - 2009-07-14 02:15 - 000690688 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\msvcrt.dll
2009-07-14 00:15 - 2009-07-14 02:09 - 000002048 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\Normaliz.dll
2009-07-14 00:12 - 2009-07-14 02:16 - 000008704 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\NSI.dll
2009-07-14 00:45 - 2009-07-14 02:16 - 001412608 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\ole32.dll
2009-07-14 00:44 - 2009-07-14 02:16 - 000571904 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\OLEAUT32.dll
2009-07-14 00:15 - 2009-07-14 02:16 - 000006144 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\PSAPI.DLL
2009-07-14 00:12 - 2009-07-14 02:11 - 000662528 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\RPCRT4.dll
2009-07-14 00:11 - 2009-07-14 02:16 - 000092160 _____ (Microsoft Corporation) [File not signed] C:\Windows\SysWOW64\sechost.dll
2009-07-14 00:16 - 2009-07-14 02:16 - 001668608 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\SETUPAPI.dll
2009-07-14 00:47 - 2009-07-14 02:16 - 012866560 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\SHELL32.dll
2009-07-14 00:39 - 2009-07-14 02:16 - 000350208 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\SHLWAPI.dll
2009-07-14 00:11 - 2009-07-14 02:11 - 000096768 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\SspiCli.dll
2012-10-24 15:00 - 2012-10-24 15:00 - 001224704 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\urlmon.dll
2009-07-14 00:24 - 2009-07-14 02:11 - 000833024 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\USER32.dll
2009-07-14 00:25 - 2009-07-14 02:16 - 000627200 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\USP10.dll
2012-10-24 15:00 - 2012-10-24 15:00 - 000977920 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\WININET.dll
2009-07-14 00:32 - 2009-07-14 02:16 - 000172544 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\WINTRUST.dll
2009-07-14 00:38 - 2009-07-14 02:16 - 000268800 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\WLDAP32.dll
2009-07-14 00:12 - 2009-07-14 02:16 - 000206336 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\WS2_32.dll
2009-07-14 00:55 - 2009-07-14 02:40 - 000633856 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16385_none_a44af8ec57f961cf\COMCTL32.dll
2009-07-14 00:56 - 2009-07-14 02:24 - 002030080 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6\comctl32.dll
2009-07-14 00:40 - 2009-07-14 02:24 - 002165248 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_2b4f45e87195fcc4\gdiplus.dll
2012-10-24 14:31 - 2012-10-24 14:31 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
2009-07-14 00:39 - 2009-07-14 02:15 - 000530432 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16385_none_ebf82fc36c758ad5\COMCTL32.dll
2009-07-14 00:40 - 2009-07-14 02:03 - 001680896 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
2009-07-14 00:26 - 2009-07-14 02:03 - 001624576 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll
2013-10-21 21:12 - 2011-11-07 14:57 - 000053248 _____ (STMicroelectronics) [File not signed] C:\Program Files (x86)\eInstruction\Device Manager\STDFU.dll
2013-10-21 21:12 - 2011-11-09 19:17 - 000035328 _____ (STMicroelectronics) [File not signed] C:\Program Files (x86)\eInstruction\Device Manager\STDFUFiles.dll
2013-10-21 21:12 - 2011-11-09 19:17 - 000029184 _____ (STMicroelectronics) [File not signed] C:\Program Files (x86)\eInstruction\Device Manager\STDFUPRT.dll
2013-10-21 21:11 - 2013-10-21 21:11 - 001208320 _____ (Sun Microsystems, Inc.) [File not signed] C:\Program Files (x86)\eInstruction\Device Manager\jre\bin\awt.dll
2013-10-21 21:11 - 2013-10-21 21:11 - 002572288 _____ (Sun Microsystems, Inc.) [File not signed] C:\Program Files (x86)\eInstruction\Device Manager\jre\bin\client\jvm.dll
2013-10-21 21:11 - 2013-10-21 21:11 - 000339968 _____ (Sun Microsystems, Inc.) [File not signed] C:\Program Files (x86)\eInstruction\Device Manager\jre\bin\fontmanager.dll
2013-10-21 21:11 - 2013-10-21 21:11 - 000015872 _____ (Sun Microsystems, Inc.) [File not signed] C:\Program Files (x86)\eInstruction\Device Manager\jre\bin\hpi.dll
2013-10-21 21:11 - 2013-10-21 21:11 - 000126976 _____ (Sun Microsystems, Inc.) [File not signed] C:\Program Files (x86)\eInstruction\Device Manager\jre\bin\java.dll
2013-10-21 21:11 - 2013-10-21 21:11 - 000077824 _____ (Sun Microsystems, Inc.) [File not signed] C:\Program Files (x86)\eInstruction\Device Manager\jre\bin\net.dll
2013-10-21 21:11 - 2013-10-21 21:11 - 000020480 _____ (Sun Microsystems, Inc.) [File not signed] C:\Program Files (x86)\eInstruction\Device Manager\jre\bin\nio.dll
2013-10-21 21:11 - 2013-10-21 21:11 - 000031744 _____ (Sun Microsystems, Inc.) [File not signed] C:\Program Files (x86)\eInstruction\Device Manager\jre\bin\verify.dll
2013-10-21 21:11 - 2013-10-21 21:11 - 000047104 _____ (Sun Microsystems, Inc.) [File not signed] C:\Program Files (x86)\eInstruction\Device Manager\jre\bin\zip.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0B9176C0 [129]
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2 [143]
AlternateDataStreams: C:\ProgramData\Temp:93DE1838 [136]
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE [138]
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57 [140]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 8) (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKU\S-1-5-21-1084374266-1562699828-3666482862-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-1084374266-1562699828-3666482862-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ535
SearchScopes: HKU\S-1-5-21-1084374266-1562699828-3666482862-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ535
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL => No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\mskapbho.dll => No File
BHO-x32: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-1084374266-1562699828-3666482862-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll [2009-07-14] (Microsoft Corporation) [File not signed]
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll [2009-07-14] (Microsoft Corporation) [File not signed]
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2009-07-14] (Microsoft Corporation) [File not signed]
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2009-07-14] (Microsoft Corporation) [File not signed]
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll [2009-07-14] (Microsoft Corporation) [File not signed]
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2009-07-14] (Microsoft Corporation) [File not signed]
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2009-07-14] (Microsoft Corporation) [File not signed]
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2009-07-14] (Microsoft Corporation) [File not signed]
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll [2009-07-14] (Microsoft Corporation) [File not signed]
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll [2009-07-14] (Microsoft Corporation) [File not signed]
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2012-10-24] (Microsoft Corporation) [File not signed]
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2012-10-24] (Microsoft Corporation) [File not signed]

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1084374266-1562699828-3666482862-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\acerf\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.100.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9BD50B24-76A8-4F88-A922-6509A231B3AB}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe => No File
FirewallRules: [{D40ADE70-33C2-4694-8334-599CBF31D99E}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe => No File
FirewallRules: [{E286A95B-4E59-45C6-8938-0C5C5E419ECD}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe => No File
FirewallRules: [{38770A2D-0CA0-401E-A997-4DB0DDA7C191}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe => No File
FirewallRules: [{B95F50AF-F67E-4C14-9BEA-AC6EC29CB52B}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe => No File
FirewallRules: [{FA2993F1-E121-4E8E-9790-75F519295094}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe => No File
FirewallRules: [{679C3320-789C-46AD-B889-573867D74CE3}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe => No File
FirewallRules: [{CAF92970-0DF2-4CF8-99A8-7DBE205968AF}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe => No File
FirewallRules: [{B96E0FE3-6907-41A2-B8F0-B44E2F39D174}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8CD13978-F02F-4DE0-BDD1-86418EA10E40}] => (Allow) C:\Windows\system32\svchost.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{75484288-11FC-4C05-A15E-7C269E6A3E98}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A1BB8805-0A43-41FE-82E7-7B7863AA9A74}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{1DCA1DF9-58E0-4AA3-A598-90BEB7ECF1A4}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{70F81BB6-0269-474F-BAA2-6A2392A192E3}] => (Allow) C:\Program Files (x86)\eInstruction\Device Manager\Launch.exe (eInstruction -> eInstruction Corporation)
FirewallRules: [{7263FC1D-A476-4C72-99E3-63AFCCFA710E}] => (Allow) C:\Program Files (x86)\eInstruction\Device Manager\Launch.exe (eInstruction -> eInstruction Corporation)
FirewallRules: [{F71283C9-4D10-493B-B422-63286EFF0D42}] => (Allow) C:\Program Files (x86)\eInstruction\Device Manager\jre\bin\java.exe
FirewallRules: [{1E3CF051-86F4-4D66-A7D3-2C90932910D4}] => (Allow) C:\Program Files (x86)\eInstruction\Device Manager\jre\bin\java.exe
FirewallRules: [{BFB014D6-A685-4225-95F8-5892B1CB6976}] => (Allow) C:\Program Files (x86)\eInstruction\Device Manager\jre\bin\javaw.exe
FirewallRules: [{06183E51-CEC9-4451-BD68-07615DF79916}] => (Allow) C:\Program Files (x86)\eInstruction\Device Manager\jre\bin\javaw.exe
FirewallRules: [{8A3B3E84-1998-4B39-9F96-ACF6C8D8D925}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{9A6EB676-AD74-467F-8B9D-51E23D4C5C55}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{A68A5B01-751C-4EB6-A885-7823A553730E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{EBB91B8B-7BAE-4C73-995B-FCE2B4FB2BFD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{7C94A27F-6002-4296-A07C-1AEA323A141C}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{8C97F2BA-71FC-44E6-9864-F112B67BAA64}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{8FDB8948-9EA4-46F5-8C86-1B6DAB5FF459}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{1BE5CA4D-3CF8-4924-9135-09C4E10104E0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe => No File
FirewallRules: [UDP Query User{3E23DF97-9442-4236-995B-C09D46D5584E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe => No File
FirewallRules: [{B931A8AC-9C6B-4834-8E96-DBFC07E66367}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{EDF3D072-6D76-40CE-AA8E-2B65E435FA55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [TCP Query User{2E54FB94-3232-468C-826D-52C3CFD599BF}C:\program files (x86)\einstruction\device manager\launch.exe] => (Block) C:\program files (x86)\einstruction\device manager\launch.exe (eInstruction -> eInstruction Corporation)
FirewallRules: [UDP Query User{9C832895-74FD-4BFA-B538-06C89132D056}C:\program files (x86)\einstruction\device manager\launch.exe] => (Block) C:\program files (x86)\einstruction\device manager\launch.exe (eInstruction -> eInstruction Corporation)
FirewallRules: [{417C1326-34F2-4879-AF12-3EF7EED5593A}] => (Allow) C:\Program Files\ESET\ESET SecurityESET Password Manager\pwm.exe (Lamantine Software a.s. -> ESET)
FirewallRules: [{2962BA82-A3E8-44D3-907F-F74C1D880778}] => (Allow) C:\Program Files\ESET\ESET SecurityESET Password Manager\pwm.exe (Lamantine Software a.s. -> ESET)
FirewallRules: [{5F2A5CC5-858B-444E-8E4F-4CBC900F67FD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{10BFC5A5-C351-4C72-A80B-256B2DC8976C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{58A86009-C5AD-4034-9932-2D6110547651}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{758A8928-1941-4E66-B012-52F7FEE910A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{16391CCE-1D0A-4D04-89BD-DDDCDC5A281A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E3BD1AA0-909D-451A-ADC7-267669FF795C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

20-12-2020 18:13:25 Nainstalováno: Mozilla Firefox 84.0 x64 en-US
14-01-2021 18:10:00 Naplánovaný kontrolní bod
24-01-2021 16:13:52 Instalováno Acer Updater
24-01-2021 16:50:40 Instalováno Atheros Driver Installation Program
24-01-2021 17:08:21 Odstraněno Atheros Driver Installation Program
24-01-2021 17:50:39 Instalováno Atheros Driver Installation Program
24-01-2021 20:08:32 AdwCleaner_BeforeCleaning_24/01/2021_20:08:28

==================== Faulty Device Manager Devices ============

Name: Připojení WAN Miniport (PPTP)
Description: Připojení WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Připojení WAN Miniport (SSTP)
Description: Připojení WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft ISATAP Adapter #7
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft ISATAP Adapter #9
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Síťový adaptér
Description: Síťový adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Připojení WAN Miniport (L2TP)
Description: Připojení WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Připojení WAN Miniport (Sledování sítě)
Description: Připojení WAN Miniport (Sledování sítě)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Připojení WAN Miniport (IP)
Description: Připojení WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Připojení WAN Miniport (IPv6)
Description: Připojení WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Připojení WAN Miniport (PPPOE)
Description: Připojení WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: ========================

Application errors:
==================
Error: (01/24/2021 08:55:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -583.

Error: (01/24/2021 08:55:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -583.

Error: (01/24/2021 08:55:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -583.

Error: (01/24/2021 08:55:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -583.

Error: (01/24/2021 08:55:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -583.

Error: (01/24/2021 08:55:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -583.

Error: (01/24/2021 08:55:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -583.

Error: (01/24/2021 08:55:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -583.


System errors:
=============
Error: (01/24/2021 08:50:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 6krát.

Error: (01/24/2021 08:50:09 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-2147217025, specifickou pro službu.

Error: (01/24/2021 08:15:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 5krát.

Error: (01/24/2021 08:15:26 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-2147217025, specifickou pro službu.

Error: (01/24/2021 08:12:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 4krát.

Error: (01/24/2021 08:12:39 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-2147217025, specifickou pro službu.

Error: (01/24/2021 08:12:38 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (01/24/2021 08:12:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 3krát.


CodeIntegrity:
===================================

Date: 2021-01-24 17:05:55.426
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\athrx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-24 17:05:55.410
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\athrx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-09 21:52:07.153
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mfefirek.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-09 21:52:07.090
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mfeavfk.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-09 21:52:01.599
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-09 21:52:01.287
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 22:33:29.792
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mfefirek.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 22:33:29.668
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mfeavfk.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Phoenix Technologies LTD V1.33 05/06/2010
Motherboard: Acer JV50
Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
Percentage of memory in use: 56%
Total physical RAM: 1976.93 MB
Available physical RAM: 869.01 MB
Total Virtual: 3953.85 MB
Available Virtual: 2630.71 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:141.07 GB) (Free:79.08 GB) NTFS
Drive d: (DATA) (Fixed) (Total:141.3 GB) (Free:140.79 GB) NTFS

\\?\Volume{dbbaa5d4-b0c0-11e2-96db-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{dbbaa5d3-b0c0-11e2-96db-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:15.62 GB) (Free:2.91 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 251603F4)
Partition 1: (Not Active) - (Size=15.6 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=141.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=141.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0 [129]
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2 [143]
AlternateDataStreams: C:\ProgramData\Temp:93DE1838 [136]
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE [138]
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57 [140]
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL => No File
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\mskapbho.dll => No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-1084374266-1562699828-3666482862-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FirewallRules: [{9BD50B24-76A8-4F88-A922-6509A231B3AB}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe => No File
FirewallRules: [{D40ADE70-33C2-4694-8334-599CBF31D99E}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe => No File
FirewallRules: [{E286A95B-4E59-45C6-8938-0C5C5E419ECD}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe => No File
FirewallRules: [{38770A2D-0CA0-401E-A997-4DB0DDA7C191}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe => No File
FirewallRules: [{B95F50AF-F67E-4C14-9BEA-AC6EC29CB52B}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe => No File
FirewallRules: [{FA2993F1-E121-4E8E-9790-75F519295094}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe => No File
FirewallRules: [{679C3320-789C-46AD-B889-573867D74CE3}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe => No File
FirewallRules: [{CAF92970-0DF2-4CF8-99A8-7DBE205968AF}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe => No File
FirewallRules: [{8A3B3E84-1998-4B39-9F96-ACF6C8D8D925}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{9A6EB676-AD74-467F-8B9D-51E23D4C5C55}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{A68A5B01-751C-4EB6-A885-7823A553730E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{EBB91B8B-7BAE-4C73-995B-FCE2B4FB2BFD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{B931A8AC-9C6B-4834-8E96-DBFC07E66367}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{EDF3D072-6D76-40CE-AA8E-2B65E435FA55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{5F2A5CC5-858B-444E-8E4F-4CBC900F67FD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
HKLM-x32\...\Run: [] => [X]
HKLM\Software\Wow6432Node\Microsoft\Active SHKU\S-1-5-21-1084374266-1562699828-3666482862-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
Task: {4D8182B8-B85A-4973-968D-5A26487E8D6F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {73A82E28-1256-4263-9E9F-8437BBBEEB69} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
U3 mfeavfk01; no ImagePath
C:\Users\acerf\AppData\Local\{09AFE041-8361-4139-B118-489C676041CA}

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-01-2021 01
Ran by acerf (24-01-2021 22:13:03) Run:1
Running from C:\Users\acerf\Desktop
Loaded Profiles: acerf
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0 [129]
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2 [143]
AlternateDataStreams: C:\ProgramData\Temp:93DE1838 [136]
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE [138]
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57 [140]
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL => No File
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\mskapbho.dll => No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-1084374266-1562699828-3666482862-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FirewallRules: [{9BD50B24-76A8-4F88-A922-6509A231B3AB}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe => No File
FirewallRules: [{D40ADE70-33C2-4694-8334-599CBF31D99E}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe => No File
FirewallRules: [{E286A95B-4E59-45C6-8938-0C5C5E419ECD}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe => No File
FirewallRules: [{38770A2D-0CA0-401E-A997-4DB0DDA7C191}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe => No File
FirewallRules: [{B95F50AF-F67E-4C14-9BEA-AC6EC29CB52B}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe => No File
FirewallRules: [{FA2993F1-E121-4E8E-9790-75F519295094}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe => No File
FirewallRules: [{679C3320-789C-46AD-B889-573867D74CE3}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe => No File
FirewallRules: [{CAF92970-0DF2-4CF8-99A8-7DBE205968AF}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe => No File
FirewallRules: [{8A3B3E84-1998-4B39-9F96-ACF6C8D8D925}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{9A6EB676-AD74-467F-8B9D-51E23D4C5C55}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{A68A5B01-751C-4EB6-A885-7823A553730E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{EBB91B8B-7BAE-4C73-995B-FCE2B4FB2BFD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{B931A8AC-9C6B-4834-8E96-DBFC07E66367}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{EDF3D072-6D76-40CE-AA8E-2B65E435FA55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{5F2A5CC5-858B-444E-8E4F-4CBC900F67FD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
HKLM-x32\...\Run: [] => [X]
HKLM\Software\Wow6432Node\Microsoft\Active SHKU\S-1-5-21-1084374266-1562699828-3666482862-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
Task: {4D8182B8-B85A-4973-968D-5A26487E8D6F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {73A82E28-1256-4263-9E9F-8437BBBEEB69} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
U3 mfeavfk01; no ImagePath
C:\Users\acerf\AppData\Local\{09AFE041-8361-4139-B118-489C676041CA}

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
C:\ProgramData\Temp => ":0B9176C0" ADS removed successfully
C:\ProgramData\Temp => ":4D066AD2" ADS removed successfully
C:\ProgramData\Temp => ":93DE1838" ADS removed successfully
C:\ProgramData\Temp => ":ABE89FFE" ADS removed successfully
C:\ProgramData\Temp => ":E36F5B57" ADS removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => removed successfully
HKLM\Software\Classes\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removed successfully
"HKU\S-1-5-21-1084374266-1562699828-3666482862-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9BD50B24-76A8-4F88-A922-6509A231B3AB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D40ADE70-33C2-4694-8334-599CBF31D99E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E286A95B-4E59-45C6-8938-0C5C5E419ECD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{38770A2D-0CA0-401E-A997-4DB0DDA7C191}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B95F50AF-F67E-4C14-9BEA-AC6EC29CB52B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FA2993F1-E121-4E8E-9790-75F519295094}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{679C3320-789C-46AD-B889-573867D74CE3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CAF92970-0DF2-4CF8-99A8-7DBE205968AF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A3B3E84-1998-4B39-9F96-ACF6C8D8D925}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9A6EB676-AD74-467F-8B9D-51E23D4C5C55}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A68A5B01-751C-4EB6-A885-7823A553730E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EBB91B8B-7BAE-4C73-995B-FCE2B4FB2BFD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B931A8AC-9C6B-4834-8E96-DBFC07E66367}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EDF3D072-6D76-40CE-AA8E-2B65E435FA55}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5F2A5CC5-858B-444E-8E4F-4CBC900F67FD}" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\HKLM\Software\Wow6432Node\Microsoft\Active SS-1-5-21-1084374266-1562699828-3666482862-1000\SOFTWARE\Policies\Google" => not found
Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4D8182B8-B85A-4973-968D-5A26487E8D6F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D8182B8-B85A-4973-968D-5A26487E8D6F}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73A82E28-1256-4263-9E9F-8437BBBEEB69}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73A82E28-1256-4263-9E9F-8437BBBEEB69}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\System\CurrentControlSet\Services\mfeavfk01 => removed successfully
mfeavfk01 => service removed successfully
C:\Users\acerf\AppData\Local\{09AFE041-8361-4139-B118-489C676041CA} => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8249339 B
Java, Flash, Steam htmlcache => 3470 B
Windows/system/drivers => 518186781 B
Edge => 0 B
Chrome => 226646103 B
Firefox => 749130179 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 98353121 B
systemprofile32 => 106749741 B
LocalService => 106881985 B
NetworkService => 106948213 B
acerf => 178499644 B

RecycleBin => 11463432 B
EmptyTemp: => 2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:18:54 ====

Smazáno. Nastala nějaká změna?

Ano. Díky.

To jsem rád. Nemáte zač!