PC virus removal, computer speed-up, and remote assistance via the neslape.cz service

Notebook problem NVstreamuseragent.exe

tomic91
Visitor
Posts: 8
Registered: 30 Jun 2016 12:14

#1 Post by tomic91 »

Hello, I have a problem with NVstreamuseragent.exe: it takes up my memory and slows down the notebook. Please help me remove it. Thank you.
I am attaching the LOG.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomic at 2018-03-17 22:05:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 51 GB (16%) free of 307 GB
Total RAM: 8078 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:05:59, on 17.3.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18939)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe
C:\Program Files (x86)\System Explorer\SystemExplorer.exe
C:\Program Files\trend micro\Tomic.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ASUS InstantKey] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
O4 - HKLM\..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [CommonToolkitTray_Solvusoft] C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe
O4 - HKLM\..\Run: [SystemExplorerAutoStart] "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-97547007-394703-2295398756-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
O4 - HKUS\S-1-5-21-97547007-394703-2295398756-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'postgres')
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files (x86)\IVT Corporation\BlueSoleil\gprs.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: RedKings - {495AE433-2495-4411-8A98-CA3A369FA30F} - C:\Microgaming\Poker\redkingsmpp\MPPoker.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{7B796FCF-8FDF-46FF-B5CD-F2FBB0BFE902}: NameServer = 77.234.40.79
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: CyberLink Product - 2014/11/01 13:14:18 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.569\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: postgresql-x64-9.0 - PostgreSQL Server 9.0 (postgresql-x64-9.0) - PostgreSQL Global Development Group - C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Solvusoft Suite Service - Solvusoft Corporation - C:\Program Files (x86)\Solvusoft\SuiteService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Start BT in service - Unknown owner - C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13557 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 15614784
\??\C:\Windows\system32\conhost.exe "1641930232-2035956017-1720452180973450804-1438251733138604184-16564755801851105005
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe"
taskeng.exe {7B63FEE8-0E2A-4431-A44B-AC59281CE06F}
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe" --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe" runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w
"C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" -D "C:/Program Files/PostgreSQL/9.0/data"
\??\C:\Windows\system32\conhost.exe "-765961890-614602241-232406184-837699851-24381838721836858515199058921861748855
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forklog" "632" "628"
"C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe" /TUStart /pid:2464
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkboot" "848" "-x3"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkboot" "852" "-x4"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkavlauncher" "848"
"C:/Program Files/PostgreSQL/9.0/bin/postgres.exe" "--forkcol" "852"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
\??\C:\Windows\system32\conhost.exe "320126811-18492357211809429725905118924386028685-1773861294-21239774481822468108
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
C:\Windows\SysWOW64\ACEngSvr.exe -Embedding
"C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\igfxpers.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskmgr.exe /3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Tomic\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Tomic\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Tomic\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=64.0.3282.186 --initial-client-data=0xc8,0xcc,0xd0,0xc4,0xd4,0x7feed852050,0x7feed852060,0x7feed852070
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4868 --on-initialized-event-handle=384 --parent-handle=396 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1240,5498896278883066016,18230580938914860388,131072 --gpu-preferences=GAAAAAAAAAAABwAAAQAAAAAAAAAAAGAA --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2696 --gpu-driver-date=3-19-2012 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x0de9 --service-request-channel-token=86E84CADB55F2826B0CC3FBF1E784E9E --mojo-platform-channel-handle=1256 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,5498896278883066016,18230580938914860388,131072 --service-pipe-token=C1C65D934B42AECE52C7835764133DE9 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=C1C65D934B42AECE52C7835764133DE9 --renderer-client-id=12 --mojo-platform-channel-handle=1140 /prefetch:1
"C:\Program Files\Trojan Killer\tk64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,5498896278883066016,18230580938914860388,131072 --service-pipe-token=5764C207FD14A4811978ED1D682FF5C0 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=5764C207FD14A4811978ED1D682FF5C0 --renderer-client-id=16 --mojo-platform-channel-handle=2100 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,5498896278883066016,18230580938914860388,131072 --service-pipe-token=C6E0077AD73F709E244B68233ECBC930 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=C6E0077AD73F709E244B68233ECBC930 --renderer-client-id=20 --mojo-platform-channel-handle=6580 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,5498896278883066016,18230580938914860388,131072 --service-pipe-token=66EA9EB076A6F330722FB3C08629BF0A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=66EA9EB076A6F330722FB3C08629BF0A --renderer-client-id=24 --mojo-platform-channel-handle=4052 /prefetch:1
"C:\Program Files (x86)\System Explorer\SystemExplorer.exe"
"C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,5498896278883066016,18230580938914860388,131072 --service-pipe-token=FDD6207650D216C202AC0AD9B3179DD2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=FDD6207650D216C202AC0AD9B3179DD2 --renderer-client-id=33 --mojo-platform-channel-handle=5876 /prefetch:1
"C:\Windows\System32\perfmon.exe" /res
taskeng.exe {B144F1F9-FC42-4C4E-A1DB-D4D95246D7E1}
"C:\Windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548
"C:\Users\Tomic\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\DriverDoc Auto Start.job - C:\Program Files (x86)\Solvusoft\DriverDoc\DriverDoc.exe /scheduled
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller winlogon-impersonate
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller scheduler-impersonate

=========Mozilla firefox=========

ProfilePath - C:\Users\Tomic\AppData\Roaming\Mozilla\Firefox\Profiles\zudoydsf.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.171 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1228198.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.171 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll


C:\Users\Tomic\AppData\Roaming\Mozilla\Firefox\Profiles\zudoydsf.default\extensions\
sko-extension@firma.seznam.cz
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Tomic\AppData\Roaming\Mozilla\Firefox\Profiles\zudoydsf.default\searchplugins\
firmy.cz-042259.xml.bak
videa.seznam.cz-042259.xml.bak
zbozi.cz-042259.xml.bak

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-03-04 207016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-03-04 1058480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-03-04 677040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ASUS Quick Gesture (x86)"=C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [2012-07-14 17376]
"ASUS TP Center (x64)"=C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe [2012-07-14 235488]
"ASUS Quick Gesture (x64)"=C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [2012-07-14 19424]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-02 12921488]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-07-10 1214608]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-03-17 361984]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-06-14 1767944]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-10-06 253344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-06-10 8810200]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25 322208]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2012-06-19 174752]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ASUS InstantKey"=C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [2012-02-20 20456]
"ACMON"=C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-02-21 102568]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"CommonToolkitTray_Solvusoft"=C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe [2015-09-23 1686088]
"SystemExplorerAutoStart"=C:\Program Files (x86)\System Explorer\SystemExplorer.exe [2015-08-19 3389160]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BlueSoleil.lnk - C:\Program Files (x86)\IVT Corporation\BlueSoleil\gprs.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-04-02 434688]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux1"=wdmaud.drv
"aux2"=wdmaud.drv
"aux3"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-03-17 21:32:04 ----D---- C:\ProgramData\SystemExplorer
2018-03-17 21:32:03 ----D---- C:\Program Files (x86)\System Explorer
2018-03-17 21:27:16 ----A---- C:\Windows\system32\drivers\aswArPot.sys
2018-03-17 21:27:15 ----A---- C:\Windows\system32\drivers\aswHdsKe.sys
2018-03-17 21:26:40 ----A---- C:\Windows\system32\aswBoot.exe
2018-03-14 16:51:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-03-14 16:51:17 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-03-14 16:51:17 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-03-14 16:51:17 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-03-14 16:51:17 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-03-14 16:51:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-03-14 16:51:17 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-03-14 16:51:17 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-03-14 16:51:17 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-03-14 16:51:17 ----A---- C:\Windows\system32\jsproxy.dll
2018-03-14 16:51:17 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-03-14 16:51:17 ----A---- C:\Windows\system32\ieui.dll
2018-03-14 16:51:17 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-03-14 16:51:17 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-03-14 16:51:17 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-03-14 16:51:16 ----A---- C:\Windows\system32\wininet.dll
2018-03-14 16:51:16 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-03-14 16:51:16 ----A---- C:\Windows\system32\mshtmled.dll
2018-03-14 16:51:16 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-03-14 16:51:16 ----A---- C:\Windows\system32\jscript9diag.dll
2018-03-14 16:51:16 ----A---- C:\Windows\system32\jscript9.dll
2018-03-14 16:51:15 ----A---- C:\Windows\system32\mshtml.dll
2018-03-14 16:51:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-03-14 16:51:14 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-03-14 16:51:13 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-03-14 16:51:13 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-03-14 16:51:13 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-03-14 16:51:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-03-14 16:51:13 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-03-14 16:51:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-03-14 16:51:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-03-14 16:51:12 ----A---- C:\Windows\system32\msfeeds.dll
2018-03-14 16:51:12 ----A---- C:\Windows\system32\ieframe.dll
2018-03-14 16:51:12 ----A---- C:\Windows\system32\ieapfltr.dll
2018-03-14 16:51:11 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-03-14 16:51:11 ----A---- C:\Windows\system32\iertutil.dll
2018-03-14 16:51:10 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-03-14 16:51:10 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-03-14 16:51:10 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-03-14 16:51:10 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-03-14 16:51:10 ----A---- C:\Windows\system32\vbscript.dll
2018-03-14 16:51:10 ----A---- C:\Windows\system32\urlmon.dll
2018-03-14 16:51:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-03-14 16:51:10 ----A---- C:\Windows\system32\jscript.dll
2018-03-14 16:51:10 ----A---- C:\Windows\system32\ieUnatt.exe
2018-03-14 16:51:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-03-14 16:51:09 ----A---- C:\Windows\system32\win32k.sys
2018-03-14 16:51:09 ----A---- C:\Windows\system32\MSVidCtl.dll
2018-03-14 16:51:08 ----A---- C:\Windows\system32\iedkcs32.dll
2018-03-14 16:51:08 ----A---- C:\Windows\system32\ie4uinit.exe
2018-03-14 16:51:08 ----A---- C:\Windows\system32\dxtrans.dll
2018-03-14 16:51:08 ----A---- C:\Windows\system32\dxtmsft.dll
2018-03-14 16:51:07 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-03-14 16:51:07 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2018-03-14 16:51:07 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-03-14 16:51:07 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-03-14 16:51:07 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-03-14 16:51:07 ----A---- C:\Windows\system32\webcheck.dll
2018-03-14 16:51:07 ----A---- C:\Windows\system32\msrating.dll
2018-03-14 16:51:07 ----A---- C:\Windows\system32\inseng.dll
2018-03-14 16:51:07 ----A---- C:\Windows\system32\iernonce.dll
2018-03-14 16:51:06 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2018-03-14 16:51:06 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2018-03-14 16:51:06 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-03-14 16:51:06 ----A---- C:\Windows\SYSWOW64\msi.dll
2018-03-14 16:51:06 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-03-14 16:51:06 ----A---- C:\Windows\system32\zipfldr.dll
2018-03-14 16:51:06 ----A---- C:\Windows\system32\WinSCard.dll
2018-03-14 16:51:06 ----A---- C:\Windows\system32\scesrv.dll
2018-03-14 16:51:06 ----A---- C:\Windows\system32\occache.dll
2018-03-14 16:51:06 ----A---- C:\Windows\system32\msra.exe
2018-03-14 16:51:06 ----A---- C:\Windows\system32\msi.dll
2018-03-14 16:51:05 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2018-03-14 16:51:05 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-03-14 16:51:05 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-03-14 16:51:05 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-03-14 16:51:05 ----A---- C:\Windows\system32\TSpkg.dll
2018-03-14 16:51:05 ----A---- C:\Windows\system32\iesetup.dll
2018-03-14 16:51:05 ----A---- C:\Windows\system32\hal.dll
2018-03-14 16:51:05 ----A---- C:\Windows\system32\drivers\volmgr.sys
2018-03-14 16:51:05 ----A---- C:\Windows\system32\drivers\msrpc.sys
2018-03-14 16:51:04 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-03-14 16:51:04 ----A---- C:\Windows\system32\ntdll.dll
2018-03-14 16:51:04 ----A---- C:\Windows\system32\msihnd.dll
2018-03-14 16:51:04 ----A---- C:\Windows\system32\drivers\pci.sys
2018-03-14 16:51:04 ----A---- C:\Windows\system32\drivers\msisadrv.sys
2018-03-14 16:51:04 ----A---- C:\Windows\system32\drivers\acpi.sys
2018-03-14 16:51:03 ----A---- C:\Windows\system32\drivers\termdd.sys
2018-03-14 16:51:03 ----A---- C:\Windows\system32\drivers\swenum.sys
2018-03-14 16:51:03 ----A---- C:\Windows\system32\drivers\NV_AGP.SYS
2018-03-14 16:51:03 ----A---- C:\Windows\system32\drivers\AGP440.sys
2018-03-14 16:51:02 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2018-03-14 16:51:02 ----A---- C:\Windows\system32\streamci.dll
2018-03-14 16:51:02 ----A---- C:\Windows\system32\drivers\vdrvroot.sys
2018-03-14 16:51:02 ----A---- C:\Windows\system32\drivers\ULIAGPKX.SYS
2018-03-14 16:51:02 ----A---- C:\Windows\system32\drivers\mssmbios.sys
2018-03-14 16:51:02 ----A---- C:\Windows\system32\drivers\isapnp.sys
2018-03-14 16:51:01 ----A---- C:\Windows\SYSWOW64\sdchange.exe
2018-03-14 16:51:01 ----A---- C:\Windows\SYSWOW64\racpldlg.dll
2018-03-14 16:51:01 ----A---- C:\Windows\SYSWOW64\msra.exe
2018-03-14 16:51:01 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-03-14 16:51:01 ----A---- C:\Windows\system32\winload.exe
2018-03-14 16:51:01 ----A---- C:\Windows\system32\sdchange.exe
2018-03-14 16:51:01 ----A---- C:\Windows\system32\rpcrt4.dll
2018-03-14 16:51:01 ----A---- C:\Windows\system32\racpldlg.dll
2018-03-14 16:51:01 ----A---- C:\Windows\system32\msrahc.dll
2018-03-14 16:51:01 ----A---- C:\Windows\system32\lsasrv.dll
2018-03-14 16:51:01 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-03-14 16:51:01 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-03-14 16:51:01 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-03-14 16:51:01 ----A---- C:\Windows\system32\consent.exe
2018-03-14 16:51:01 ----A---- C:\Windows\system32\certcli.dll
2018-03-14 16:51:00 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-03-14 16:51:00 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-03-14 16:51:00 ----A---- C:\Windows\system32\winsrv.dll
2018-03-14 16:51:00 ----A---- C:\Windows\system32\wdigest.dll
2018-03-14 16:51:00 ----A---- C:\Windows\system32\srcore.dll
2018-03-14 16:51:00 ----A---- C:\Windows\system32\smss.exe
2018-03-14 16:51:00 ----A---- C:\Windows\system32\schannel.dll
2018-03-14 16:51:00 ----A---- C:\Windows\system32\rstrui.exe
2018-03-14 16:51:00 ----A---- C:\Windows\system32\msv1_0.dll
2018-03-14 16:51:00 ----A---- C:\Windows\system32\kernel32.dll
2018-03-14 16:51:00 ----A---- C:\Windows\system32\kerberos.dll
2018-03-14 16:51:00 ----A---- C:\Windows\system32\drivers\wmiacpi.sys
2018-03-14 16:51:00 ----A---- C:\Windows\system32\drivers\errdev.sys
2018-03-14 16:51:00 ----A---- C:\Windows\system32\conhost.exe
2018-03-14 16:51:00 ----A---- C:\Windows\system32\advapi32.dll
2018-03-14 16:50:59 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-03-14 16:50:59 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-03-14 16:50:59 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-03-14 16:50:59 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-03-14 16:50:59 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-03-14 16:50:59 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-03-14 16:50:59 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-03-14 16:50:59 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-03-14 16:50:59 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-03-14 16:50:59 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-03-14 16:50:59 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-03-14 16:50:59 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-03-14 16:50:59 ----A---- C:\Windows\system32\rpchttp.dll
2018-03-14 16:50:59 ----A---- C:\Windows\system32\ntvdm64.dll
2018-03-14 16:50:59 ----A---- C:\Windows\system32\ncrypt.dll
2018-03-14 16:50:59 ----A---- C:\Windows\system32\KernelBase.dll
2018-03-14 16:50:59 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-03-14 16:50:59 ----A---- C:\Windows\system32\csrsrv.dll
2018-03-14 16:50:59 ----A---- C:\Windows\system32\auditpol.exe
2018-03-14 16:50:59 ----A---- C:\Windows\system32\appidsvc.dll
2018-03-14 16:50:59 ----A---- C:\Windows\system32\appidapi.dll
2018-03-14 16:50:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-03-14 16:50:58 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-03-14 16:50:58 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-03-14 16:50:58 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-03-14 16:50:58 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2018-03-14 16:50:58 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-03-14 16:50:58 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-03-14 16:50:58 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-03-14 16:50:58 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-03-14 16:50:58 ----A---- C:\Windows\system32\wow64win.dll
2018-03-14 16:50:58 ----A---- C:\Windows\system32\wow64cpu.dll
2018-03-14 16:50:58 ----A---- C:\Windows\system32\wow64.dll
2018-03-14 16:50:58 ----A---- C:\Windows\system32\sspisrv.dll
2018-03-14 16:50:58 ----A---- C:\Windows\system32\sspicli.dll
2018-03-14 16:50:58 ----A---- C:\Windows\system32\srclient.dll
2018-03-14 16:50:58 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-03-14 16:50:58 ----A---- C:\Windows\system32\secur32.dll
2018-03-14 16:50:58 ----A---- C:\Windows\system32\msiexec.exe
2018-03-14 16:50:58 ----A---- C:\Windows\system32\lsass.exe
2018-03-14 16:50:58 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-03-14 16:50:58 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-03-14 16:50:58 ----A---- C:\Windows\system32\drivers\appid.sys
2018-03-14 16:50:58 ----A---- C:\Windows\system32\cryptbase.dll
2018-03-14 16:50:58 ----A---- C:\Windows\system32\credssp.dll
2018-03-14 16:50:58 ----A---- C:\Windows\system32\bcrypt.dll
2018-03-14 16:50:58 ----A---- C:\Windows\system32\authui.dll
2018-03-14 16:50:58 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-03-14 16:50:58 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-03-14 16:50:58 ----A---- C:\Windows\system32\apisetschema.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-03-14 16:50:57 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-03-14 16:50:56 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-03-14 16:50:56 ----A---- C:\Windows\SYSWOW64\user.exe
2018-03-14 16:50:56 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-03-14 16:50:56 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-03-14 16:50:56 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-03-14 16:50:56 ----A---- C:\Windows\SYSWOW64\authui.dll
2018-03-14 16:50:56 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-03-14 16:50:56 ----A---- C:\Windows\system32\msobjs.dll
2018-03-14 16:50:56 ----A---- C:\Windows\system32\msaudite.dll
2018-03-14 16:50:56 ----A---- C:\Windows\system32\appinfo.dll
2018-03-14 16:50:56 ----A---- C:\Windows\system32\adtschema.dll
2018-03-14 16:50:55 ----A---- C:\Windows\SYSWOW64\tzres.dll
2018-03-14 16:50:55 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2018-03-14 16:50:55 ----A---- C:\Windows\system32\tzres.dll
2018-03-14 16:50:55 ----A---- C:\Windows\system32\msimsg.dll
2018-03-14 16:47:35 ----A---- C:\Windows\system32\generaltel.dll
2018-03-14 16:47:35 ----A---- C:\Windows\system32\devinv.dll
2018-03-14 16:47:35 ----A---- C:\Windows\system32\centel.dll
2018-03-14 16:47:35 ----A---- C:\Windows\system32\appraiser.dll
2018-03-14 16:47:35 ----A---- C:\Windows\system32\aeinv.dll
2018-03-14 16:47:34 ----A---- C:\Windows\system32\invagent.dll
2018-03-14 16:47:34 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-03-14 16:47:34 ----A---- C:\Windows\system32\aitstatic.exe
2018-03-14 16:47:34 ----A---- C:\Windows\system32\aepic.dll
2018-03-14 16:47:34 ----A---- C:\Windows\system32\acmigration.dll
2018-02-26 15:54:08 ----D---- C:\Users\Tomic\AppData\Roaming\GGNetwork

======List of files/folders modified in the last 1 month======

2018-03-17 22:05:59 ----D---- C:\Program Files\trend micro
2018-03-17 22:04:14 ----D---- C:\Windows\Temp
2018-03-17 21:44:24 ----D---- C:\Users\Tomic\AppData\Roaming\Microgaming
2018-03-17 21:32:04 ----HD---- C:\ProgramData
2018-03-17 21:32:03 ----RD---- C:\Program Files (x86)
2018-03-17 21:29:26 ----D---- C:\ProgramData\AVAST Software
2018-03-17 21:27:48 ----D---- C:\Windows\system32\Tasks
2018-03-17 21:27:42 ----D---- C:\Windows\system32\drivers
2018-03-17 21:27:20 ----D---- C:\Windows\winsxs
2018-03-17 21:27:20 ----D---- C:\Windows\system32\config
2018-03-17 21:26:40 ----D---- C:\Windows\System32
2018-03-17 21:18:02 ----D---- C:\Windows\inf
2018-03-17 21:18:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-03-17 21:14:38 ----A---- C:\Windows\SYSWOW64\log.txt
2018-03-17 21:14:14 ----A---- C:\Windows\win.ini
2018-03-17 21:11:19 ----D---- C:\Windows\Minidump
2018-03-17 21:11:19 ----D---- C:\ProgramData\NVIDIA
2018-03-17 21:11:06 ----D---- C:\Windows
2018-03-17 21:03:07 ----D---- C:\Windows\system32\NDF
2018-03-17 20:26:06 ----D---- C:\Windows\Microsoft.NET
2018-03-17 20:25:57 ----SHD---- C:\Windows\Installer
2018-03-17 20:25:46 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-03-17 20:21:56 ----D---- C:\Windows\Prefetch
2018-03-17 20:19:41 ----D---- C:\Program Files (x86)\Microsoft Office
2018-03-17 20:11:34 ----D---- C:\Program Files\Internet Explorer
2018-03-17 20:11:33 ----D---- C:\Program Files (x86)\Internet Explorer
2018-03-17 20:11:31 ----D---- C:\Windows\SYSWOW64\en-US
2018-03-17 20:11:29 ----D---- C:\Windows\SysWOW64
2018-03-17 20:11:15 ----D---- C:\Windows\system32\en-US
2018-03-17 20:10:55 ----D---- C:\Windows\AppPatch
2018-03-17 20:10:51 ----D---- C:\Windows\system32\CodeIntegrity
2018-03-17 20:10:51 ----D---- C:\Windows\system32\Boot
2018-03-17 20:10:45 ----D---- C:\Windows\system32\appraiser
2018-03-17 20:10:43 ----D---- C:\Windows\system32\DriverStore
2018-03-16 23:55:40 ----D---- C:\Windows\system32\MRT
2018-03-16 23:55:34 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2018-03-16 23:55:21 ----AC---- C:\Windows\system32\MRT.exe
2018-03-16 20:59:46 ----SHD---- C:\System Volume Information
2018-03-14 16:40:29 ----D---- C:\Windows\system32\catroot2
2018-03-01 20:46:15 ----D---- C:\BlackChipPoker
2018-02-26 15:54:07 ----D---- C:\Program Files (x86)\Natural8
2018-02-22 18:34:35 ----D---- C:\CoinPoker
2018-02-19 11:22:05 ----D---- C:\Windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-03-17 199440]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-03-17 343752]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-03-17 57680]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-03-17 84368]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-03-17 380528]
R0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys [2007-03-05 24976]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys [2007-03-05 49680]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2012-03-01 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-26 19224]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2016-07-11 38336]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-03-17 227504]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-03-17 215320]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-03-17 110328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-03-17 1026696]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-03-17 460520]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-02-10 283064]
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2016-07-11 307768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-03-17 146656]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-03-17 205976]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2012-02-29 17152]
R3 AsusVBus;AsusVBus; C:\Windows\system32\DRIVERS\AsusVBus.sys [2012-07-14 35968]
R3 AsusVTouch;AsusVTouch; C:\Windows\system32\DRIVERS\AsusVTouch.sys [2012-07-14 19104]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-03-21 2808832]
R3 ATP;ASUS PS/2 Port Input Device; C:\Windows\system32\DRIVERS\AsusTP.sys [2012-07-14 49824]
R3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2007-06-24 37896]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-06-24 37384]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2007-03-05 25360]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-04-02 14745600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-07-10 4083600]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-26 356632]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-26 789272]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-01-16 103536]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-02 62784]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26560]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [2014-06-23 14112]
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 47120]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2007-03-05 63248]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-03-17 196648]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-03-17 46968]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2017-02-08 53904]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2012-06-27 80384]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
S3 HWHandSet;HUAWEISPMODEM; C:\Windows\system32\DRIVERS\hw_quusbmdm.sys [2017-07-26 226560]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-02-26 188224]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2010-08-12 748648]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2016-07-22 164992]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-29 23200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-10-06 281416]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe [2007-12-27 166520]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2018-03-12 7962288]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-03 128608]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-06-14 1163712]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2017-07-26 192200]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-14 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2521024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-07-11 1364536]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2016-11-11 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2017-06-18 201872]
R2 postgresql-x64-9.0;postgresql-x64-9.0 - PostgreSQL Server 9.0; C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N postgresql-x64-9.0 -D C:/Program Files/PostgreSQL/9.0/data -w []
R2 Start BT in service;Start BT in service; C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-12-27 51816]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [2016-07-10 424384]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2014-07-16 2145080]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-10-06 7446024]
R3 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-06-14 3632576]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2014/11/01 13:14:18; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-04-20 241648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S2 Solvusoft Suite Service;Solvusoft Suite Service; C:\Program Files (x86)\Solvusoft\SuiteService.exe [2015-11-14 1284168]
S3 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-10-03 52832]
S3 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-04-13 277120]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-04-02 276248]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.569\McCHSvc.exe [2017-05-25 404376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-05-25 146888]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-06-15 1997168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-03-12 211632]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2015-10-14 5132888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-02 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-16 271864]
S4 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-02-10 116224]
S4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Notebook problem NVstreamuseragent.exe

#2 Post by Conder »

Hi :)

:arrow: This file is a legitimate part of the NVIDIA GeForce Experience program, which is installed together with the drivers for NVIDIA graphics cards; however, it is not needed, so you can uninstall it. Next, we can clean the PC of other unnecessary things.

:arrow: Uninstall these programs:
  • DriverDoc
  • McAfee Security Scan
  • Seznam Software
:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Scan (Skenovanie) and wait for it to finish
  • Click Clean (Cistenie) and confirm by clicking OK
  • AdwCleaner will request a PC restart; confirm by clicking Restart Now (Restartovat teraz)
  • After it finishes and the PC has restarted, a log will pop up; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

tomic91
Visitor
Posts: 8
Registered: 30 Jun 2016 12:14

Re: Notebook problem NVstreamuseragent.exe

#3 Post by tomic91 »

You see, Avast was blocking some program for me, so I thought it had something to do with that. I carried out the steps you wrote, and after the AdwCleaner scan a log pops up. After closing it I click Clean and a message appears: All processes will be closed - Please save your current work if any. After I click OK on it, the notebook crashes to a blue screen with white text.
I am attaching the log from the scan here. Thank you.
# AdwCleaner 7.0.8.0 - Logfile created on Sun Mar 18 15:25:55 2018
# Updated on 2018/08/02 by Malwarebytes
# Database: 2018-03-18.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Solvusoft, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft
PUP.Optional.Solvusoft, C:\Windows\System32\config\systemprofile\AppData\Roaming\Solvusoft
PUP.Optional.Solvusoft, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Solvusoft
PUP.Optional.WiperSoft, C:\Program Files\WiperSoft
PUP.Optional.DriverDoc, C:\Windows\Installer\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}


***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\61F70108E2BCBA24BAD9C61145D0A5B8
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Installer\Features\61F70108E2BCBA24BAD9C61145D0A5B8
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Installer\Products\61F70108E2BCBA24BAD9C61145D0A5B8
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | CommonToolkitTray_Solvusoft
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\iSafeSvc2.exe
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Applications\Setup_WinThruster_2016.exe
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Control\iSafeKrnlBoot
PUP.Optional.Ask, [Key] - HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar
PUP.Optional.Ask, [Key] - HKU\S-1-5-18\Software\AppDataLow\Software\AskToolbar
PUP.Optional.Conduit, [Key] - HKU\S-1-5-21-97547007-394703-2295398756-1001\Software\Conduit
PUP.Optional.Conduit, [Key] - HKCU\Software\Conduit
PUP.Optional.Solvusoft, [Key] - HKLM\SOFTWARE\CLASSES\APPLICATIONS\SolvusoftTray.exe
PUP.Optional.Solvusoft, [Key] - HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe
PUP.Optional.WinThruster, [Key] - HKLM\SOFTWARE\Common Toolkit Suite
PUP.Optional.WinThruster, [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\5556309623D8EAC478D3B24F6A68D7B0
PUP.Optional.WinThruster, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5556309623D8EAC478D3B24F6A68D7B0
PUP.Optional.WinThruster, [Key] - HKLM\SOFTWARE\Classes\Applications\SolvusoftTray.exe
PUP.Optional.Goobzo, [Key] - HKU\S-1-5-21-97547007-394703-2295398756-1002\Software\Goobzo


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [4508 B] - [2016/6/29 20:59:46]
C:/AdwCleaner/AdwCleaner[S1].txt - [3395 B] - [2016/6/29 20:58:15]


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Notebook problem NVstreamuseragent.exe

#4 Post by Conder »

:arrow: Please post both FRST logs following this guide (FRST.txt and Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: If FRSTLauncher cannot be downloaded or run, use just FRST on its own.

:arrow: If the logs do not fit into one post, pack them into a RAR or ZIP archive and send them as an attachment.

tomic91
Visitor
Posts: 8
Registered: 30 Jun 2016 12:14

Re: Notebook problem NVstreamuseragent.exe

#5 Post by tomic91 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Tomic (administrator) on TOMIC-PC (19-03-2018 13:18:10)
Running from C:\Users\Tomic\Downloads
Loaded Profiles: Tomic & postgres (Available Profiles: Tomic & postgres)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
() C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IVT Corporation.) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(IVT Corporation.) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe
(Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(PokerTracker Software, LLC.) C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PokerTracker Software, LLC.) C:\Program Files (x86)\PokerTracker 4\PokerTrackerWeb4.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(PokerTracker Software, LLC.) C:\Program Files (x86)\PokerTracker 4\PokerTrackerHud4.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ASUS Quick Gesture (x86)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [17376 2012-07-14] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUS TP Center (x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe [235488 2012-07-14] (AsusTek)
HKLM\...\Run: [ASUS Quick Gesture (x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [19424 2012-07-14] (ASUSTeK Computer Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s**RtHDVCpl****C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s**kernel32.dll*
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-17] (Alcor Micro Corp.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [245608 2018-03-17] (AVAST Software)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [20456 2012-02-20] (ASUS)
HKLM-x32\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-21] (ASUS)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [CommonToolkitTray_Solvusoft] => C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {47b4b9c3-cebc-11e7-b793-00030d000001} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {4f79e84f-ad2b-11e4-b207-3085a97fa0ca} - F:\Setup.exe
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {54ed4814-1304-11e6-9fe3-3085a97fa0ca} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {54ed4818-1304-11e6-9fe3-3085a97fa0ca} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {61eb56f1-7fa7-11e7-a766-3085a97fa0ca} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {7bf06097-138e-11e6-b621-3085a97fa0ca} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {b8afde6f-84df-11e7-be45-3085a97fa0ca} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {d9ea1f2f-af40-11e7-8e4e-3085a97fa0ca} - H:\HiSuiteDownLoader.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155768 2016-07-11] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine.lnk [2018-03-18]
ShortcutTarget: Avast SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BlueSoleil.lnk [2017-10-16]
ShortcutTarget: BlueSoleil.lnk -> C:\Program Files (x86)\IVT Corporation\BlueSoleil\gprs.exe (IVT Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{7B796FCF-8FDF-46FF-B5CD-F2FBB0BFE902}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{D3DCA4AB-0CDD-460B-933C-863DAFE6637F}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{F7107E34-2295-4F78-BC3F-8575F9CE7389}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKU\S-1-5-21-97547007-394703-2295398756-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKU\S-1-5-21-97547007-394703-2295398756-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-03-04] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-03-17] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-03-04] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-03-17] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-03-04] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-04] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\Skype4COM.dll [2007-02-07] (Skype Technologies)

FireFox:
========
FF DefaultProfile: zudoydsf.default
FF ProfilePath: C:\Users\Tomic\AppData\Roaming\Mozilla\Firefox\Profiles\zudoydsf.default [2018-03-19]
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Tomic\AppData\Roaming\Mozilla\Firefox\Profiles\zudoydsf.default\Extensions\sko-extension@firma.seznam.cz [2017-12-14]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Tomic\AppData\Roaming\Mozilla\Firefox\Profiles\zudoydsf.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-11-10]
FF SearchPlugin: C:\Users\Tomic\AppData\Roaming\Mozilla\Firefox\Profiles\zudoydsf.default\searchplugins\firmy.cz-042259.xml.bak [2016-02-11]
FF SearchPlugin: C:\Users\Tomic\AppData\Roaming\Mozilla\Firefox\Profiles\zudoydsf.default\searchplugins\videa.seznam.cz-042259.xml.bak [2016-02-11]
FF SearchPlugin: C:\Users\Tomic\AppData\Roaming\Mozilla\Firefox\Profiles\zudoydsf.default\searchplugins\zbozi.cz-042259.xml.bak [2016-02-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-16] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-07-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-07-10] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-97547007-394703-2295398756-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tomic\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-97547007-394703-2295398756-1001: electronicarts.com/GameFacePlugin -> C:\Users\Tomic\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [2012-12-20] (Electronic Arts)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Tomic\AppData\Local\Google\Chrome\User Data\Default [2018-03-19]
CHR Extension: (Adobe Acrobat) - C:\Users\Tomic\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-08-15]
CHR Extension: (Avast SafePrice) - C:\Users\Tomic\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-03-17]
CHR Extension: (AdBlock) - C:\Users\Tomic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-17]
CHR Extension: (Avast Online Security) - C:\Users\Tomic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-03-17]
CHR Extension: (TREZOR Chrome Extension) - C:\Users\Tomic\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcjjhjgimijdkoamemaghajlhegmoclj [2017-12-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Chrome Media Router) - C:\Users\Tomic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-18]
CHR HKU\S-1-5-21-97547007-394703-2295398756-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7556704 2018-03-17] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [303728 2018-03-17] (AVAST Software)
R2 BlueSoleil Hid Service; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe [166520 2007-12-27] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7962288 2018-03-12] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-15] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2016-11-11] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [201872 2017-06-18] ()
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [2154232 2018-01-24] (AVAST Software)
R2 Start BT in service; C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [51816 2007-12-27] ()
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 postgresql-x64-9.0; C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-07-14] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [19104 2012-07-14] (ASUS)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196648 2018-03-17] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-17] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-03-17] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-03-17] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-03-17] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [215320 2018-03-17] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-03-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146656 2018-03-17] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110328 2018-03-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84368 2018-03-17] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026696 2018-03-17] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-03-17] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-03-17] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2017-02-08] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380528 2018-03-17] (AVAST Software)
R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [49824 2012-07-14] (ASUS Corporation)
R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [37896 2007-06-24] (IVT Corporation.)
R3 BlueletAudio; C:\Windows\SysWOW64\DRIVERS\blueletaudio.sys [37896 2007-06-24] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [37384 2007-06-24] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\SysWOW64\DRIVERS\BlueletSCOAudio.sys [37384 2007-06-24] (IVT Corporation.)
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [25360 2007-03-05] (IVT Corporation.)
R3 BT; C:\Windows\SysWOW64\DRIVERS\btnetdrv.sys [25360 2007-03-05] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [24976 2007-03-05] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\SysWOW64\Drivers\vbtenum.sys [24976 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [49680 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\SysWOW64\Drivers\BTHidMgr.sys [49680 2007-03-05] (IVT Corporation.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-02-10] (Disc Soft Ltd)
S3 HWHandSet; C:\Windows\System32\DRIVERS\hw_quusbmdm.sys [226560 2017-07-26] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [307768 2016-07-11] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-06-23] (TuneUp Software)
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.)
R3 VComm; C:\Windows\SysWOW64\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [63248 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\SysWOW64\Drivers\VcommMgr.sys [63248 2007-03-05] (IVT Corporation.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-19 13:18 - 2018-03-19 13:19 - 000029238 _____ C:\Users\Tomic\Downloads\FRST.txt
2018-03-19 13:18 - 2018-03-19 13:18 - 000000000 ____D C:\FRST
2018-03-19 13:12 - 2018-03-19 13:12 - 002403328 _____ (Farbar) C:\Users\Tomic\Downloads\FRST64.exe
2018-03-18 19:36 - 2018-03-18 19:36 - 000000955 _____ C:\Users\Tomic\Desktop\avefad.TXT
2018-03-18 18:04 - 2018-03-18 18:05 - 000001778 _____ C:\ProgramData\Microsoft\Windows\Start Menu\RedKings.lnk
2018-03-18 18:04 - 2018-03-18 18:05 - 000001772 _____ C:\Users\Public\Desktop\RedKings.lnk
2018-03-18 18:04 - 2018-03-18 18:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RedKings
2018-03-18 18:00 - 2018-03-18 18:00 - 001054976 _____ () C:\Users\Tomic\Downloads\redkings (1).exe
2018-03-18 17:59 - 2018-03-18 18:01 - 000035840 ___SH C:\Users\Tomic\Thumbs.db
2018-03-18 17:59 - 2018-03-18 17:59 - 000000995 _____ C:\Users\Tomic\Tomic - Shortcut.lnk
2018-03-18 16:37 - 2018-03-18 16:37 - 000371680 _____ C:\Windows\Minidump\031818-19141-01.dmp
2018-03-18 16:13 - 2018-03-18 16:13 - 000371904 _____ C:\Windows\Minidump\031818-20217-01.dmp
2018-03-18 16:01 - 2018-03-18 16:01 - 000372704 _____ C:\Windows\Minidump\031818-27300-01.dmp
2018-03-18 15:52 - 2018-03-18 15:52 - 000374312 _____ C:\Windows\Minidump\031818-27502-01.dmp
2018-03-18 15:45 - 2018-03-18 15:45 - 000003910 _____ C:\Windows\System32\Tasks\avast! SL Update
2018-03-18 15:45 - 2018-03-18 15:45 - 000000970 _____ C:\Users\Public\Desktop\Avast SecureLine.lnk
2018-03-18 15:43 - 2018-03-18 15:43 - 012391680 _____ (AVAST Software ) C:\Users\Tomic\Downloads\avast_secureline_setup.exe
2018-03-17 23:37 - 2018-03-17 23:37 - 000001854 _____ C:\Users\Tomic\Downloads\License.avastvpn
2018-03-17 23:21 - 2018-03-17 23:21 - 000003395 _____ C:\Users\Tomic\Desktop\iii.txt
2018-03-17 23:18 - 2018-03-17 23:18 - 008222496 _____ (Malwarebytes) C:\Users\Tomic\Downloads\adwcleaner_7.0.8.0.exe
2018-03-17 22:42 - 2018-03-17 22:56 - 3600536621 _____ C:\Users\Tomic\Downloads\Mizerove.2.Bad-Boys.II.2003.BDRip.720p.CZ.mkv
2018-03-17 22:37 - 2018-03-17 22:40 - 956868992 _____ C:\Users\Tomic\Downloads\klub-sracu pres MultiLoad.cz.mkv
2018-03-17 22:05 - 2018-03-17 22:05 - 001222144 _____ C:\Users\Tomic\Downloads\RSITx64.exe
2018-03-17 21:32 - 2018-03-17 21:34 - 000000000 ____D C:\ProgramData\SystemExplorer
2018-03-17 21:32 - 2018-03-17 21:32 - 000001080 _____ C:\Users\Public\Desktop\System Explorer.lnk
2018-03-17 21:32 - 2018-03-17 21:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2018-03-17 21:32 - 2018-03-17 21:32 - 000000000 ____D C:\Program Files (x86)\System Explorer
2018-03-17 21:27 - 2018-03-17 21:26 - 000196648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-03-17 21:27 - 2018-03-17 21:23 - 000215320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-03-17 21:26 - 2018-03-17 21:26 - 000380768 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-03-17 21:25 - 2018-03-17 21:25 - 001917528 _____ (Mister Group ) C:\Users\Tomic\Downloads\SystemExplorerSetup.exe
2018-03-17 21:21 - 2018-03-17 21:21 - 007302848 _____ (AVAST Software) C:\Users\Tomic\Downloads\avast_free_antivirus_setup_online.exe
2018-03-17 21:11 - 2018-03-17 21:11 - 000371872 _____ C:\Windows\Minidump\031718-40669-01.dmp
2018-03-17 20:24 - 2018-03-17 20:25 - 064849104 _____ C:\Users\Tomic\Downloads\PT-Install-v4.15.1.exe
2018-03-14 16:51 - 2018-03-09 04:39 - 005580992 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-03-14 16:51 - 2018-03-09 04:39 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-03-14 16:51 - 2018-03-09 04:39 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-03-14 16:51 - 2018-03-09 04:39 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-03-14 16:51 - 2018-03-09 04:39 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-03-14 16:51 - 2018-03-09 04:18 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-03-14 16:51 - 2018-03-09 04:14 - 004044992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-03-14 16:51 - 2018-03-09 04:14 - 004025536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-03-14 16:51 - 2018-03-09 04:09 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-03-14 16:51 - 2018-03-09 04:06 - 001461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-03-14 16:51 - 2018-03-09 04:06 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-03-14 16:51 - 2018-03-09 04:06 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-03-14 16:51 - 2018-03-09 04:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-03-14 16:51 - 2018-03-09 04:06 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-03-14 16:51 - 2018-03-09 04:06 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-03-14 16:51 - 2018-03-09 04:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-03-14 16:51 - 2018-03-09 04:06 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-03-14 16:51 - 2018-03-09 04:06 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-03-14 16:51 - 2018-03-09 04:06 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-03-14 16:51 - 2018-03-09 04:06 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-03-14 16:51 - 2018-03-09 04:06 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-03-14 16:51 - 2018-03-09 03:47 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-03-14 16:51 - 2018-03-09 03:43 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-03-14 16:51 - 2018-03-09 03:43 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-03-14 16:51 - 2018-03-09 03:43 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-03-14 16:51 - 2018-03-09 03:43 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-03-14 16:51 - 2018-03-09 03:43 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-03-14 16:51 - 2018-03-09 03:34 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-03-14 16:51 - 2018-03-09 03:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-03-14 16:51 - 2018-03-09 03:33 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-03-14 16:51 - 2018-03-09 03:29 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-03-14 16:51 - 2018-03-01 09:36 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-03-14 16:51 - 2018-02-22 04:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-03-14 16:51 - 2018-02-22 04:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-03-14 16:51 - 2018-02-18 22:34 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-03-14 16:51 - 2018-02-17 05:27 - 000395928 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-03-14 16:51 - 2018-02-17 04:36 - 000340088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-03-14 16:51 - 2018-02-16 16:51 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-03-14 16:51 - 2018-02-16 16:51 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-03-14 16:51 - 2018-02-16 16:51 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-03-14 16:51 - 2018-02-16 16:45 - 025742848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-03-14 16:51 - 2018-02-16 16:44 - 013678080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-03-14 16:51 - 2018-02-16 16:24 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-03-14 16:51 - 2018-02-16 16:24 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-03-14 16:51 - 2018-02-16 16:24 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-03-14 16:51 - 2018-02-16 16:19 - 020286976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-03-14 16:51 - 2018-02-16 15:37 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-03-14 16:51 - 2018-02-16 15:37 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-03-14 16:51 - 2018-02-15 16:15 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-03-14 16:51 - 2018-02-15 15:57 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-03-14 16:51 - 2018-02-10 19:35 - 000367296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-03-14 16:51 - 2018-02-10 19:35 - 000334528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-03-14 16:51 - 2018-02-10 19:35 - 000185024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-03-14 16:51 - 2018-02-10 19:35 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2018-03-14 16:51 - 2018-02-10 19:35 - 000068288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-03-14 16:51 - 2018-02-10 19:35 - 000064192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2018-03-14 16:51 - 2018-02-10 19:35 - 000063168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2018-03-14 16:51 - 2018-02-10 19:35 - 000060608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2018-03-14 16:51 - 2018-02-10 19:35 - 000036032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-03-14 16:51 - 2018-02-10 19:35 - 000031936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2018-03-14 16:51 - 2018-02-10 19:35 - 000023744 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2018-03-14 16:51 - 2018-02-10 19:35 - 000020160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-03-14 16:51 - 2018-02-10 19:35 - 000015040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2018-03-14 16:51 - 2018-02-10 19:35 - 000012096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2018-03-14 16:51 - 2018-02-10 19:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-03-14 16:51 - 2018-02-10 19:23 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-03-14 16:51 - 2018-02-10 19:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\racpldlg.dll
2018-03-14 16:51 - 2018-02-10 19:11 - 003665920 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-03-14 16:51 - 2018-02-10 19:11 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-03-14 16:51 - 2018-02-10 19:11 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2018-03-14 16:51 - 2018-02-10 19:11 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-03-14 16:51 - 2018-02-10 18:55 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-03-14 16:51 - 2018-02-10 18:55 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-03-14 16:51 - 2018-02-10 18:40 - 002901504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-03-14 16:51 - 2018-02-10 18:40 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-03-14 16:51 - 2018-02-10 18:40 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-03-14 16:51 - 2018-02-10 18:40 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-03-14 16:51 - 2018-02-10 18:40 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-03-14 16:51 - 2018-02-10 18:37 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-03-14 16:51 - 2018-02-10 18:36 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe
2018-03-14 16:51 - 2018-02-10 18:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdchange.exe
2018-03-14 16:51 - 2018-02-10 18:32 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-03-14 16:51 - 2018-02-10 18:31 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-03-14 16:51 - 2018-02-10 18:29 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-03-14 16:51 - 2018-02-10 18:28 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-03-14 16:51 - 2018-02-10 18:28 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-03-14 16:51 - 2018-02-10 18:27 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-03-14 16:51 - 2018-02-10 18:27 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-03-14 16:51 - 2018-02-10 18:26 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-03-14 16:51 - 2018-02-10 18:26 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2018-03-14 16:51 - 2018-02-10 18:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2018-03-14 16:51 - 2018-02-10 18:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2018-03-14 16:51 - 2018-02-10 18:22 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-03-14 16:51 - 2018-02-10 18:20 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-03-14 16:51 - 2018-02-10 18:10 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-03-14 16:51 - 2018-02-10 18:10 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-03-14 16:51 - 2018-02-10 18:10 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-03-14 16:51 - 2018-02-10 18:09 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-03-14 16:51 - 2018-02-10 18:09 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-03-14 16:51 - 2018-02-10 18:09 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-03-14 16:51 - 2018-02-10 18:09 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-03-14 16:51 - 2018-02-10 18:06 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-03-14 16:51 - 2018-02-10 18:06 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-03-14 16:51 - 2018-02-10 18:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-03-14 16:51 - 2018-02-10 18:03 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-03-14 16:51 - 2018-02-10 18:01 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-03-14 16:51 - 2018-02-10 18:01 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-03-14 16:51 - 2018-02-10 18:00 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-03-14 16:51 - 2018-02-10 18:00 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-03-14 16:51 - 2018-02-10 18:00 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-03-14 16:51 - 2018-02-10 17:57 - 015281664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-03-14 16:51 - 2018-02-10 17:52 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-03-14 16:51 - 2018-02-10 17:50 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-03-14 16:51 - 2018-02-10 17:50 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-03-14 16:51 - 2018-02-10 17:47 - 002134016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-03-14 16:51 - 2018-02-10 17:47 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-03-14 16:51 - 2018-02-10 17:47 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-03-14 16:51 - 2018-02-10 17:47 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-03-14 16:51 - 2018-02-10 17:46 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-03-14 16:51 - 2018-02-10 17:44 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-03-14 16:51 - 2018-02-10 17:41 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-03-14 16:51 - 2018-02-10 17:40 - 004496384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-03-14 16:51 - 2018-02-10 17:35 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-03-14 16:51 - 2018-02-10 17:34 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-03-14 16:51 - 2018-02-10 17:33 - 002058240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-03-14 16:51 - 2018-02-10 17:33 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-03-14 16:51 - 2018-02-10 17:23 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-03-14 16:51 - 2018-02-10 17:12 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-03-14 16:51 - 2018-02-10 17:11 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-03-14 16:51 - 2018-02-10 17:09 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-03-14 16:51 - 2018-02-02 19:40 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-03-14 16:51 - 2018-02-02 19:29 - 002365952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-03-14 16:51 - 2018-02-02 19:29 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-03-14 16:51 - 2018-02-02 19:16 - 003246080 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-03-14 16:51 - 2018-02-02 19:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-03-14 16:51 - 2018-01-12 17:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-03-14 16:51 - 2018-01-12 17:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:38 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-03-14 16:50 - 2018-03-09 03:38 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-03-14 16:50 - 2018-03-09 03:38 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-03-14 16:50 - 2018-03-09 03:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-03-14 16:50 - 2018-03-09 03:31 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-03-14 16:50 - 2018-03-09 03:30 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-03-14 16:50 - 2018-03-09 03:30 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-03-14 16:50 - 2018-03-09 03:29 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-03-14 16:50 - 2018-03-09 03:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-03-14 16:50 - 2018-03-09 03:22 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-03-14 16:50 - 2018-03-09 03:22 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-03-14 16:50 - 2018-03-09 03:22 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-03-14 16:50 - 2018-03-09 03:22 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-03-14 16:50 - 2018-03-09 03:22 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-03-14 16:50 - 2018-03-09 03:21 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:21 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:21 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-03-14 16:50 - 2018-03-09 03:21 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-03-14 16:50 - 2018-02-10 18:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2018-03-14 16:50 - 2018-02-10 18:25 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2018-03-14 16:50 - 2018-02-02 19:29 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-03-14 16:50 - 2018-02-02 19:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-03-14 16:50 - 2018-02-02 19:16 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-03-14 16:50 - 2018-02-02 19:14 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-03-14 16:50 - 2018-02-02 19:14 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-03-14 16:50 - 2018-02-02 18:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-03-14 16:50 - 2018-02-02 18:36 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-03-14 16:50 - 2018-01-15 20:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-03-14 16:50 - 2018-01-15 20:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-03-14 16:47 - 2018-02-13 19:17 - 000136384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-03-14 16:47 - 2018-02-13 19:10 - 000655872 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-03-14 16:47 - 2018-02-13 15:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-03-14 16:47 - 2018-02-13 15:05 - 001560064 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-03-14 16:47 - 2018-02-13 15:05 - 000740864 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-03-14 16:47 - 2018-02-13 15:05 - 000600576 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-03-14 16:47 - 2018-02-13 15:05 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-03-14 16:47 - 2018-02-13 15:05 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-03-14 16:47 - 2018-02-13 15:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-03-14 16:47 - 2018-02-13 15:05 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-03-13 02:23 - 2018-03-13 02:31 - 845902593 _____ C:\Users\Tomic\Downloads\RocknRolla 2008, CZ.mkv
2018-02-27 23:55 - 2018-02-28 00:24 - 008749108 _____ C:\Users\Tomic\Downloads\SuperBad.2007.Multi.1080p.HDLight.AC3.x264.Dread-Team -proper.mkv
2018-02-26 15:54 - 2018-02-26 16:03 - 000000000 ____D C:\Users\Tomic\AppData\Roaming\GGNetwork
2018-02-25 16:27 - 2018-02-25 16:27 - 000208743 _____ C:\Users\Tomic\Downloads\22739924.pdf
2018-02-23 11:43 - 2018-02-23 11:44 - 000410936 _____ C:\Windows\Minidump\022318-32120-01.dmp
2018-02-23 11:25 - 2018-02-23 11:25 - 000000000 ____D C:\Users\Tomic\AppData\Local\ElevatedDiagnostics
2018-02-22 18:07 - 2018-02-22 18:07 - 000001555 _____ C:\Users\Tomic\AppData\Roaming\Microsoft\Windows\Start Menu\partypoker.lnk
2018-02-22 18:07 - 2018-02-22 18:07 - 000000000 ____D C:\Users\Tomic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\partypoker
2018-02-18 17:52 - 2018-02-18 18:00 - 1986091715 _____ C:\Users\Tomic\Downloads\alibi.na.klic.2017.720p.BDRip.x264.AC3.CZ.DABING.mkv

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-19 13:09 - 2014-11-01 13:34 - 000000380 _____ C:\Users\Tomic\AppData\Roaming\sp_data.sys
2018-03-18 20:47 - 2017-10-12 13:10 - 000000000 ____D C:\Windows\rescache
2018-03-18 20:42 - 2009-07-14 05:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-18 20:42 - 2009-07-14 05:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-18 18:05 - 2017-02-27 22:02 - 000000000 ____D C:\Users\Tomic\AppData\Roaming\Microgaming
2018-03-18 17:59 - 2014-11-01 13:32 - 000000000 ____D C:\Users\Tomic
2018-03-18 16:49 - 2015-02-03 16:16 - 000000000 ____D C:\Users\Tomic\AppData\Local\PokerStars.CZ
2018-03-18 16:45 - 2009-07-14 06:13 - 000782470 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-18 16:45 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-03-18 16:38 - 2014-11-01 20:49 - 000000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2018-03-18 16:37 - 2018-02-14 13:32 - 812538920 _____ C:\Windows\MEMORY.DMP
2018-03-18 16:37 - 2014-11-10 17:58 - 000000000 ____D C:\Windows\Minidump
2018-03-18 16:37 - 2014-11-01 20:56 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-18 16:37 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-18 16:24 - 2016-06-29 21:58 - 000000000 ____D C:\AdwCleaner
2018-03-18 15:45 - 2016-07-01 12:22 - 000000000 ____D C:\Users\Tomic\AppData\Roaming\AVAST Software
2018-03-18 15:45 - 2016-07-01 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2018-03-18 15:45 - 2016-07-01 12:16 - 000000000 ____D C:\ProgramData\AVAST Software
2018-03-18 15:45 - 2016-07-01 12:16 - 000000000 ____D C:\Program Files\AVAST Software
2018-03-18 01:04 - 2017-05-07 10:07 - 000000000 ____D C:\Users\Tomic\Desktop\astr
2018-03-17 23:15 - 2018-02-13 15:58 - 000000000 ____D C:\Users\Tomic\AppData\Local\IIIQF
2018-03-17 23:15 - 2017-05-26 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft
2018-03-17 22:21 - 2018-02-15 16:05 - 000007606 _____ C:\Users\Tomic\AppData\Local\resmon.resmoncfg
2018-03-17 22:05 - 2016-06-29 23:22 - 000000000 ____D C:\Program Files\trend micro
2018-03-17 21:27 - 2017-02-08 16:47 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-03-17 21:27 - 2016-07-01 12:22 - 000001924 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-03-17 21:26 - 2016-07-01 12:21 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-03-17 21:26 - 2016-07-01 12:21 - 000380528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-03-17 21:26 - 2016-07-01 12:21 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-03-17 21:26 - 2016-07-01 12:21 - 000146656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-03-17 21:26 - 2016-07-01 12:21 - 000110328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-03-17 21:26 - 2016-07-01 12:21 - 000084368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-03-17 21:26 - 2016-07-01 12:21 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-03-17 21:23 - 2017-02-08 16:47 - 000343752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-03-17 21:23 - 2017-02-08 16:47 - 000227504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-03-17 21:23 - 2017-02-08 16:47 - 000199440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-03-17 21:23 - 2017-02-08 16:47 - 000057680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-03-17 21:23 - 2016-07-01 12:21 - 001026696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-03-17 21:14 - 2009-07-14 03:34 - 000000498 _____ C:\Windows\win.ini
2018-03-17 21:08 - 2015-02-10 03:53 - 000000000 ____D C:\Users\Tomic\Desktop\trisl
2018-03-17 21:03 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-03-17 20:26 - 2015-10-13 23:47 - 000001068 _____ C:\Users\postgres\Desktop\PokerTracker 4.lnk
2018-03-17 20:26 - 2014-12-31 00:13 - 000001068 _____ C:\Users\Tomic\Desktop\PokerTracker 4.lnk
2018-03-17 20:25 - 2015-11-15 12:13 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-03-17 20:19 - 2012-06-27 23:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-03-17 20:18 - 2017-07-04 18:32 - 000447656 _____ C:\Windows\system32\FNTCACHE.DAT
2018-03-17 20:10 - 2014-12-15 18:51 - 000000000 ____D C:\Windows\system32\appraiser
2018-03-16 23:55 - 2017-10-12 12:06 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-03-16 23:55 - 2014-11-10 03:36 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-03-16 23:55 - 2014-11-10 03:36 - 000000000 ____D C:\Windows\system32\MRT
2018-03-13 13:03 - 2014-11-01 20:49 - 000000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2018-03-01 20:46 - 2017-07-17 17:18 - 000000000 ____D C:\BlackChipPoker
2018-02-28 13:14 - 2017-06-13 14:54 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-28 00:44 - 2014-11-02 00:18 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-28 00:44 - 2014-11-02 00:18 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-26 15:59 - 2017-09-17 18:05 - 000000000 ____D C:\Users\Tomic\AppData\Local\NATURAL8
2018-02-26 15:54 - 2017-09-17 18:04 - 000000000 ____D C:\Program Files (x86)\Natural8
2018-02-25 13:03 - 2017-06-13 14:53 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-22 18:34 - 2018-01-22 23:22 - 000000000 ____D C:\CoinPoker
2018-02-22 18:07 - 2018-01-02 16:55 - 000001531 _____ C:\Users\Tomic\Desktop\partypoker.lnk
2018-02-22 18:07 - 2014-11-12 19:52 - 000000000 ____D C:\Users\Tomic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2018-02-17 15:10 - 2012-06-27 23:27 - 000766780 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

==================== Files in the root of some directories =======

2015-01-25 17:12 - 2015-01-25 17:12 - 000002086 _____ () C:\Users\Tomic\AppData\Roaming\DUFZ
2015-01-25 17:12 - 2016-07-01 13:51 - 000000365 _____ () C:\Users\Tomic\AppData\Roaming\LUPAZMFE
2014-11-01 13:34 - 2018-03-19 13:09 - 000000380 _____ () C:\Users\Tomic\AppData\Roaming\sp_data.sys
2018-02-15 16:05 - 2018-03-17 22:21 - 000007606 _____ () C:\Users\Tomic\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-11 18:58

==================== End of FRST.txt ============================
Attachments
Addition.rar
(14.8 KiB) Downloaded 45 times

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Notebook problem: NVstreamuseragent.exe

#6 Post by Conder »

Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    Zip: C:\Windows\Minidump
    CMD: type "C:\Users\Tomic\AppData\Roaming\DUFZ"
    CMD: type "C:\Users\Tomic\AppData\Roaming\LUPAZMFE"
    File: C:\Program Files\Sharkystrator\sharkystrator.exe
    File: C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe
    
    HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
    HKLM-x32\...\Run: [CommonToolkitTray_Solvusoft] => C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe
    HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {47b4b9c3-cebc-11e7-b793-00030d000001} - H:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {4f79e84f-ad2b-11e4-b207-3085a97fa0ca} - F:\Setup.exe
    HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {54ed4814-1304-11e6-9fe3-3085a97fa0ca} - I:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {54ed4818-1304-11e6-9fe3-3085a97fa0ca} - H:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {61eb56f1-7fa7-11e7-a766-3085a97fa0ca} - H:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {7bf06097-138e-11e6-b621-3085a97fa0ca} - H:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {b8afde6f-84df-11e7-be45-3085a97fa0ca} - H:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {d9ea1f2f-af40-11e7-8e4e-3085a97fa0ca} - H:\HiSuiteDownLoader.exe
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
    HKU\S-1-5-21-97547007-394703-2295398756-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
    HKU\S-1-5-21-97547007-394703-2295398756-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    2018-03-17 23:15 - 2017-05-26 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft
    
    Task: {37DE442F-6C7F-410D-AFBA-053ECAA43D0C} - System32\Tasks\{6D9286E5-5ECD-4FBF-B873-5917F7BBA11F} => C:\Windows\system32\pcalua.exe -a "C:\Users\Tomic\Desktop\LAKA\cod2\Call of Duty 2\CoD2\CoD2MP_s.exe" -d "C:\Users\Tomic\Desktop\LAKA\cod2\Call of Duty 2\CoD2"
    Task: {EA2E58C6-B1E2-4DD6-8595-2F4DED99E3B8} - System32\Tasks\{45EE730A-EB77-46A0-A3D3-6ED05BAA47F3} => C:\Windows\system32\pcalua.exe -a "H:\q3pointrelease_132 (1).exe" -d H:\
    AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [118]
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    FirewallRules: [{1FAB0DFE-F79A-4B36-844B-C081221D0C2F}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [{42CFBDBD-8BAF-4077-8E33-1B23870BC1E6}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [{19E770D7-A805-49B8-971C-58FB80DE1B0C}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [{6EA9A154-955F-4894-A6FE-1CE333F71785}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    
    C:\Program Files (x86)\Seznam.cz
    C:\Users\Tomic\AppData\Roaming\Seznam.cz
    C:\Program Files (x86)\Solvusoft
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft
    C:\ProgramData\Solvusoft
    C:\Users\Tomic\AppData\Roaming\Solvusoft
    C:\Windows\Tasks\*DriverDoc*
    C:\Users\Public\Desktop\DriverDoc.lnk
    C:\Windows\System32\Tasks\*DriverDoc*
    
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft
    C:\Windows\System32\config\systemprofile\AppData\Roaming\Solvusoft
    C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Solvusoft
    C:\Program Files\WiperSoft
    C:\Windows\Installer\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}
    
    DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\61F70108E2BCBA24BAD9C61145D0A5B8
    DeleteKey: HKLM\SOFTWARE\Classes\Installer\Features\61F70108E2BCBA24BAD9C61145D0A5B8
    DeleteKey: HKLM\SOFTWARE\Classes\Installer\Products\61F70108E2BCBA24BAD9C61145D0A5B8
    DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|CommonToolkitTray_Solvusoft
    DeleteKey: HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
    DeleteKey: HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
    DeleteKey: HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\iSafeSvc2.exe
    DeleteKey: HKLM\SOFTWARE\Classes\Applications\Setup_WinThruster_2016.exe
    DeleteKey: HKLM\SYSTEM\CurrentControlSet\Control\iSafeKrnlBoot
    DeleteKey: HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar
    DeleteKey: HKU\S-1-5-18\Software\AppDataLow\Software\AskToolbar
    DeleteKey: HKU\S-1-5-21-97547007-394703-2295398756-1001\Software\Conduit
    DeleteKey: HKCU\Software\Conduit
    DeleteKey: HKLM\SOFTWARE\CLASSES\APPLICATIONS\SolvusoftTray.exe
    DeleteKey: HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe
    DeleteKey: HKLM\SOFTWARE\Common Toolkit Suite
    DeleteKey: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\5556309623D8EAC478D3B24F6A68D7B0
    DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5556309623D8EAC478D3B24F6A68D7B0
    DeleteKey: HKLM\SOFTWARE\Classes\Applications\SolvusoftTray.exe
    DeleteKey: HKU\S-1-5-21-97547007-394703-2295398756-1002\Software\Goobzo
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask for a restart of the PC; confirm by clicking OK
  • After the PC restarts, there will be a file named Fixlog.txt on the desktop; copy its contents here
:arrow: A ZIP archive with the date and time in its name will be created on the desktop; upload this archive to e.g. leteckaposta.cz and put the download link in your next reply.

:arrow: If you don't use them, I recommend uninstalling the Seznam add-ons from Firefox.
Graduate of the school for beginners :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

tomic91
Visitor
Posts: 8
Registered: 30 Jun 2016 12:14

Re: Laptop problem NVstreamuseragent.exe

#7 Post by tomic91 »

After I create fixlist.txt on the desktop, I start FRST and click Fix, and a message pops up: No fixlist.txt found.

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Laptop problem NVstreamuseragent.exe

#8 Post by Conder »

:arrow: Do you have FRST saved on the desktop?

tomic91
Visitor
Posts: 8
Registered: 30 Jun 2016 12:14

Re: Laptop problem NVstreamuseragent.exe

#9 Post by tomic91 »

It wasn't. When I press Fix, my laptop crashes to a blue screen with white text.

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Laptop problem NVstreamuseragent.exe

#10 Post by Conder »

:arrow: Try running the fixlist in Safe Mode: restart the PC, keep pressing the F8 key and choose the Safe mode (Nouzovy rezim) option.

tomic91
Visitor
Posts: 8
Registered: 30 Jun 2016 12:14

Re: Laptop problem NVstreamuseragent.exe

#11 Post by tomic91 »

http://leteckaposta.cz/574827840

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Tomic (26-03-2018 14:16:10) Run:2
Running from C:\Users\Tomic\Desktop
Loaded Profiles: Tomic (Available Profiles: Tomic & postgres)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

Zip: C:\Windows\Minidump
CMD: type "C:\Users\Tomic\AppData\Roaming\DUFZ"
CMD: type "C:\Users\Tomic\AppData\Roaming\LUPAZMFE"
File: C:\Program Files\Sharkystrator\sharkystrator.exe
File: C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe

HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [CommonToolkitTray_Solvusoft] => C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {47b4b9c3-cebc-11e7-b793-00030d000001} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {4f79e84f-ad2b-11e4-b207-3085a97fa0ca} - F:\Setup.exe
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {54ed4814-1304-11e6-9fe3-3085a97fa0ca} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {54ed4818-1304-11e6-9fe3-3085a97fa0ca} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {61eb56f1-7fa7-11e7-a766-3085a97fa0ca} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {7bf06097-138e-11e6-b621-3085a97fa0ca} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {b8afde6f-84df-11e7-be45-3085a97fa0ca} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-97547007-394703-2295398756-1001\...\MountPoints2: {d9ea1f2f-af40-11e7-8e4e-3085a97fa0ca} - H:\HiSuiteDownLoader.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKU\S-1-5-21-97547007-394703-2295398756-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKU\S-1-5-21-97547007-394703-2295398756-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
2018-03-17 23:15 - 2017-05-26 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft

Task: {37DE442F-6C7F-410D-AFBA-053ECAA43D0C} - System32\Tasks\{6D9286E5-5ECD-4FBF-B873-5917F7BBA11F} => C:\Windows\system32\pcalua.exe -a "C:\Users\Tomic\Desktop\LAKA\cod2\Call of Duty 2\CoD2\CoD2MP_s.exe" -d "C:\Users\Tomic\Desktop\LAKA\cod2\Call of Duty 2\CoD2"
Task: {EA2E58C6-B1E2-4DD6-8595-2F4DED99E3B8} - System32\Tasks\{45EE730A-EB77-46A0-A3D3-6ED05BAA47F3} => C:\Windows\system32\pcalua.exe -a "H:\q3pointrelease_132 (1).exe" -d H:\
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [118]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
FirewallRules: [{1FAB0DFE-F79A-4B36-844B-C081221D0C2F}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{42CFBDBD-8BAF-4077-8E33-1B23870BC1E6}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{19E770D7-A805-49B8-971C-58FB80DE1B0C}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{6EA9A154-955F-4894-A6FE-1CE333F71785}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe

C:\Program Files (x86)\Seznam.cz
C:\Users\Tomic\AppData\Roaming\Seznam.cz
C:\Program Files (x86)\Solvusoft
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft
C:\ProgramData\Solvusoft
C:\Users\Tomic\AppData\Roaming\Solvusoft
C:\Windows\Tasks\*DriverDoc*
C:\Users\Public\Desktop\DriverDoc.lnk
C:\Windows\System32\Tasks\*DriverDoc*

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft
C:\Windows\System32\config\systemprofile\AppData\Roaming\Solvusoft
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Solvusoft
C:\Program Files\WiperSoft
C:\Windows\Installer\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}

DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\61F70108E2BCBA24BAD9C61145D0A5B8
DeleteKey: HKLM\SOFTWARE\Classes\Installer\Features\61F70108E2BCBA24BAD9C61145D0A5B8
DeleteKey: HKLM\SOFTWARE\Classes\Installer\Products\61F70108E2BCBA24BAD9C61145D0A5B8
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|CommonToolkitTray_Solvusoft
DeleteKey: HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
DeleteKey: HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
DeleteKey: HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\iSafeSvc2.exe
DeleteKey: HKLM\SOFTWARE\Classes\Applications\Setup_WinThruster_2016.exe
DeleteKey: HKLM\SYSTEM\CurrentControlSet\Control\iSafeKrnlBoot
DeleteKey: HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar
DeleteKey: HKU\S-1-5-18\Software\AppDataLow\Software\AskToolbar
DeleteKey: HKU\S-1-5-21-97547007-394703-2295398756-1001\Software\Conduit
DeleteKey: HKCU\Software\Conduit
DeleteKey: HKLM\SOFTWARE\CLASSES\APPLICATIONS\SolvusoftTray.exe
DeleteKey: HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe
DeleteKey: HKLM\SOFTWARE\Common Toolkit Suite
DeleteKey: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\5556309623D8EAC478D3B24F6A68D7B0
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5556309623D8EAC478D3B24F6A68D7B0
DeleteKey: HKLM\SOFTWARE\Classes\Applications\SolvusoftTray.exe
DeleteKey: HKU\S-1-5-21-97547007-394703-2295398756-1002\Software\Goobzo

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Error: Restore point can only be created in normal mode.
================== Zip: ===================
C:\Windows\Minidump -> copied successfully to C:\Users\Tomic\Desktop\26.03.2018_14.16.10.zip
=========== Zip: End ===========

========= type "C:\Users\Tomic\AppData\Roaming\DUFZ" =========

========= End of CMD: =========



========= type "C:\Users\Tomic\AppData\Roaming\LUPAZMFE" =========


= = = = = = = = = E n d o f C M D : = = = = = = = = =





= = = = = = = = = = = = = = = = = = = = = = = = = F i l e : C : \ P r o g r a m F i l e s \ S h a r k y s t r a t o r \ s h a r k y s t r a t o r . e x e = = = = = = = = = = = = = = = = = = = = = = = =



" C : \ P r o g r a m F i l e s \ S h a r k y s t r a t o r \ s h a r k y s t r a t o r . e x e " = > n o t f o u n d

= = = = = = E n d o f F i l e : = = = = = =





= = = = = = = = = = = = = = = = = = = = = = = = = F i l e : C : \ P r o g r a m F i l e s \ P o s t g r e S Q L \ 9 . 0 \ b i n \ p g _ c t l . e x e = = = = = = = = = = = = = = = = = = = = = = = =



C : \ P r o g r a m F i l e s \ P o s t g r e S Q L \ 9 . 0 \ b i n \ p g _ c t l . e x e

F i l e n o t s i g n e d

M D 5 : 9 E D C 4 9 D 6 4 B 2 8 E C 5 E 9 B A F 8 B 0 4 1 3 E A 6 1 8 0

C r e a t i o n a n d m o d i f i c a t i o n d a t e : 2 0 1 4 - 1 2 - 3 1 0 1 : 2 0 - 2 0 1 2 - 0 9 - 2 1 1 0 : 0 1

S i z e : 0 0 0 1 1 1 1 0 4

A t t r i b u t e s : - - - - A

C o m p a n y N a m e : P o s t g r e S Q L G l o b a l D e v e l o p m e n t G r o u p

I n t e r n a l N a m e :

O r i g i n a l N a m e :

P r o d u c t : P o s t g r e S Q L

D e s c r i p t i o n : p g _ c t l - s t a r t s / s t o p s / r e s t a r t s t h e P o s t g r e S Q L s e r v e r

F i l e V e r s i o n : 9 . 0 . 1 0

P r o d u c t V e r s i o n : 9 . 0 . 1 0

C o p y r i g h t : P o r t i o n s C o p y r i g h t ( c ) 1 9 9 6 - 2 0 1 0 , P o s t g r e S Q L G l o b a l D e v e l o p m e n t G r o u p . P o r t i o n s C o p y r i g h t ( c ) 1 9 9 4 , R e g e n t s o f t h e U n i v e r s i t y o f C a l i f o r n i a .

V i r u s T o t a l : h t t p s : / / w w w . v i r u s t o t a l . c o m / f i l e / d 8 5 4 b d 7 c 6 1 c 2 9 f 7 4 d e 6 7 0 7 1 9 8 b 4 7 9 4 1 4 0 3 b 8 9 2 a 4 9 2 6 a 5 7 b a 0 b a 9 7 9 8 9 7 3 1 1 f f 5 f / a n a l y s i s / 1 5 1 6 7 2 1 3 2 5 /



= = = = = = E n d o f F i l e : = = = = = =



" H K L M \ S o f t w a r e \ W O W 6 4 3 2 N o d e \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n \ \ s e z n a m - l i s t i c k a - d i s t r i b u c e " = > r e m o v e d s u c c e s s f u l l y

" H K L M \ S o f t w a r e \ W O W 6 4 3 2 N o d e \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n \ \ C o m m o n T o o l k i t T r a y _ S o l v u s o f t " = > r e m o v e d s u c c e s s f u l l y

" H K U \ S - 1 - 5 - 2 1 - 9 7 5 4 7 0 0 7 - 3 9 4 7 0 3 - 2 2 9 5 3 9 8 7 5 6 - 1 0 0 1 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ E x p l o r e r \ M o u n t P o i n t s 2 \ { 4 7 b 4 b 9 c 3 - c e b c - 1 1 e 7 - b 7 9 3 - 0 0 0 3 0 d 0 0 0 0 0 1 } " = > r e m o v e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ C l a s s e s \ C L S I D \ { 4 7 b 4 b 9 c 3 - c e b c - 1 1 e 7 - b 7 9 3 - 0 0 0 3 0 d 0 0 0 0 0 1 } = > n o t f o u n d

" H K U \ S - 1 - 5 - 2 1 - 9 7 5 4 7 0 0 7 - 3 9 4 7 0 3 - 2 2 9 5 3 9 8 7 5 6 - 1 0 0 1 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ E x p l o r e r \ M o u n t P o i n t s 2 \ { 4 f 7 9 e 8 4 f - a d 2 b - 1 1 e 4 - b 2 0 7 - 3 0 8 5 a 9 7 f a 0 c a } " = > r e m o v e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ C l a s s e s \ C L S I D \ { 4 f 7 9 e 8 4 f - a d 2 b - 1 1 e 4 - b 2 0 7 - 3 0 8 5 a 9 7 f a 0 c a } = > n o t f o u n d

" H K U \ S - 1 - 5 - 2 1 - 9 7 5 4 7 0 0 7 - 3 9 4 7 0 3 - 2 2 9 5 3 9 8 7 5 6 - 1 0 0 1 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ E x p l o r e r \ M o u n t P o i n t s 2 \ { 5 4 e d 4 8 1 4 - 1 3 0 4 - 1 1 e 6 - 9 f e 3 - 3 0 8 5 a 9 7 f a 0 c a } " = > r e m o v e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ C l a s s e s \ C L S I D \ { 5 4 e d 4 8 1 4 - 1 3 0 4 - 1 1 e 6 - 9 f e 3 - 3 0 8 5 a 9 7 f a 0 c a } = > n o t f o u n d

" H K U \ S - 1 - 5 - 2 1 - 9 7 5 4 7 0 0 7 - 3 9 4 7 0 3 - 2 2 9 5 3 9 8 7 5 6 - 1 0 0 1 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ E x p l o r e r \ M o u n t P o i n t s 2 \ { 5 4 e d 4 8 1 8 - 1 3 0 4 - 1 1 e 6 - 9 f e 3 - 3 0 8 5 a 9 7 f a 0 c a } " = > r e m o v e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ C l a s s e s \ C L S I D \ { 5 4 e d 4 8 1 8 - 1 3 0 4 - 1 1 e 6 - 9 f e 3 - 3 0 8 5 a 9 7 f a 0 c a } = > n o t f o u n d

" H K U \ S - 1 - 5 - 2 1 - 9 7 5 4 7 0 0 7 - 3 9 4 7 0 3 - 2 2 9 5 3 9 8 7 5 6 - 1 0 0 1 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ E x p l o r e r \ M o u n t P o i n t s 2 \ { 6 1 e b 5 6 f 1 - 7 f a 7 - 1 1 e 7 - a 7 6 6 - 3 0 8 5 a 9 7 f a 0 c a } " = > r e m o v e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ C l a s s e s \ C L S I D \ { 6 1 e b 5 6 f 1 - 7 f a 7 - 1 1 e 7 - a 7 6 6 - 3 0 8 5 a 9 7 f a 0 c a } = > n o t f o u n d

" H K U \ S - 1 - 5 - 2 1 - 9 7 5 4 7 0 0 7 - 3 9 4 7 0 3 - 2 2 9 5 3 9 8 7 5 6 - 1 0 0 1 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ E x p l o r e r \ M o u n t P o i n t s 2 \ { 7 b f 0 6 0 9 7 - 1 3 8 e - 1 1 e 6 - b 6 2 1 - 3 0 8 5 a 9 7 f a 0 c a } " = > r e m o v e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ C l a s s e s \ C L S I D \ { 7 b f 0 6 0 9 7 - 1 3 8 e - 1 1 e 6 - b 6 2 1 - 3 0 8 5 a 9 7 f a 0 c a } = > n o t f o u n d

" H K U \ S - 1 - 5 - 2 1 - 9 7 5 4 7 0 0 7 - 3 9 4 7 0 3 - 2 2 9 5 3 9 8 7 5 6 - 1 0 0 1 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ E x p l o r e r \ M o u n t P o i n t s 2 \ { b 8 a f d e 6 f - 8 4 d f - 1 1 e 7 - b e 4 5 - 3 0 8 5 a 9 7 f a 0 c a } " = > r e m o v e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ C l a s s e s \ C L S I D \ { b 8 a f d e 6 f - 8 4 d f - 1 1 e 7 - b e 4 5 - 3 0 8 5 a 9 7 f a 0 c a } = > n o t f o u n d

" H K U \ S - 1 - 5 - 2 1 - 9 7 5 4 7 0 0 7 - 3 9 4 7 0 3 - 2 2 9 5 3 9 8 7 5 6 - 1 0 0 1 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ E x p l o r e r \ M o u n t P o i n t s 2 \ { d 9 e a 1 f 2 f - a f 4 0 - 1 1 e 7 - 8 e 4 e - 3 0 8 5 a 9 7 f a 0 c a } " = > r e m o v e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ C l a s s e s \ C L S I D \ { d 9 e a 1 f 2 f - a f 4 0 - 1 1 e 7 - 8 e 4 e - 3 0 8 5 a 9 7 f a 0 c a } = > n o t f o u n d

" H K L M \ S O F T W A R E \ P o l i c i e s \ M i c r o s o f t \ I n t e r n e t E x p l o r e r " = > r e m o v e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ \ M i c r o s o f t \ I n t e r n e t E x p l o r e r \ M a i n \ \ S t a r t P a g e = > v a l u e r e s t o r e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ W o w 6 4 3 2 N o d e \ M i c r o s o f t \ I n t e r n e t E x p l o r e r \ M a i n \ \ S t a r t P a g e = > v a l u e r e s t o r e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ \ M i c r o s o f t \ I n t e r n e t E x p l o r e r \ M a i n \ \ S e a r c h P a g e = > v a l u e r e s t o r e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ W o w 6 4 3 2 N o d e \ M i c r o s o f t \ I n t e r n e t E x p l o r e r \ M a i n \ \ S e a r c h P a g e = > v a l u e r e s t o r e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ \ M i c r o s o f t \ I n t e r n e t E x p l o r e r \ M a i n \ \ D e f a u l t _ P a g e _ U R L = > v a l u e r e s t o r e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ W o w 6 4 3 2 N o d e \ M i c r o s o f t \ I n t e r n e t E x p l o r e r \ M a i n \ \ D e f a u l t _ P a g e _ U R L = > v a l u e r e s t o r e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ \ M i c r o s o f t \ I n t e r n e t E x p l o r e r \ M a i n \ \ D e f a u l t _ S e a r c h _ U R L = > v a l u e r e s t o r e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ W o w 6 4 3 2 N o d e \ M i c r o s o f t \ I n t e r n e t E x p l o r e r \ M a i n \ \ D e f a u l t _ S e a r c h _ U R L = > v a l u e r e s t o r e d s u c c e s s f u l l y

H K U \ S - 1 - 5 - 2 1 - 9 7 5 4 7 0 0 7 - 3 9 4 7 0 3 - 2 2 9 5 3 9 8 7 5 6 - 1 0 0 1 \ S o f t w a r e \ M i c r o s o f t \ I n t e r n e t E x p l o r e r \ M a i n \ \ S e a r c h P a g e = > v a l u e r e s t o r e d s u c c e s s f u l l y

H K U \ S - 1 - 5 - 2 1 - 9 7 5 4 7 0 0 7 - 3 9 4 7 0 3 - 2 2 9 5 3 9 8 7 5 6 - 1 0 0 1 \ S o f t w a r e \ M i c r o s o f t \ I n t e r n e t E x p l o r e r \ M a i n \ \ D e f a u l t _ S e a r c h _ U R L = > v a l u e r e s t o r e d s u c c e s s f u l l y

H K L M \ S O F T W A R E \ M i c r o s o f t \ I n t e r n e t E x p l o r e r \ S e a r c h S c o p e s \ \ D e f a u l t S c o p e = > v a l u e r e s t o r e d s u c c e s s f u l l y

" H K L M \ S O F T W A R E \ M i c r o s o f t \ I n t e r n e t E x p l o r e r \ S e a r c h S c o p e s \ { 0 6 3 3 E E 9 3 - D 7 7 6 - 4 7 2 f - A 0 F F - E 1 4 1 6 B 8 B 2 E 3 A } " = > r e m o v e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ C l a s s e s \ C L S I D \ { 0 6 3 3 E E 9 3 - D 7 7 6 - 4 7 2 f - A 0 F F - E 1 4 1 6 B 8 B 2 E 3 A } = > n o t f o u n d

H K L M \ S O F T W A R E \ W o w 6 4 3 2 N o d e \ M i c r o s o f t \ I n t e r n e t E x p l o r e r \ S e a r c h S c o p e s \ \ D e f a u l t S c o p e = > v a l u e r e s t o r e d s u c c e s s f u l l y

" H K L M \ S O F T W A R E \ W o w 6 4 3 2 N o d e \ M i c r o s o f t \ I n t e r n e t E x p l o r e r \ S e a r c h S c o p e s \ { 0 6 3 3 E E 9 3 - D 7 7 6 - 4 7 2 f - A 0 F F - E 1 4 1 6 B 8 B 2 E 3 A } " = > r e m o v e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ W o w 6 4 3 2 N o d e \ C l a s s e s \ C L S I D \ { 0 6 3 3 E E 9 3 - D 7 7 6 - 4 7 2 f - A 0 F F - E 1 4 1 6 B 8 B 2 E 3 A } = > n o t f o u n d

" H K L M \ S o f t w a r e \ M o z i l l a P l u g i n s \ @ m i c r o s o f t . c o m / G E N U I N E " = > r e m o v e d s u c c e s s f u l l y

" H K L M \ S o f t w a r e \ W o w 6 4 3 2 N o d e \ M o z i l l a P l u g i n s \ @ m i c r o s o f t . c o m / G E N U I N E " = > r e m o v e d s u c c e s s f u l l y

C : \ P r o g r a m D a t a \ M i c r o s o f t \ W i n d o w s \ S t a r t M e n u \ P r o g r a m s \ S o l v u s o f t = > m o v e d s u c c e s s f u l l y

" H K L M \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s N T \ C u r r e n t V e r s i o n \ S c h e d u l e \ T a s k C a c h e \ P l a i n \ { 3 7 D E 4 4 2 F - 6 C 7 F - 4 1 0 D - A F B A - 0 5 3 E C A A 4 3 D 0 C } " = > r e m o v e d s u c c e s s f u l l y

" H K L M \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s N T \ C u r r e n t V e r s i o n \ S c h e d u l e \ T a s k C a c h e \ T a s k s \ { 3 7 D E 4 4 2 F - 6 C 7 F - 4 1 0 D - A F B A - 0 5 3 E C A A 4 3 D 0 C } " = > r e m o v e d s u c c e s s f u l l y

C : \ W i n d o w s \ S y s t e m 3 2 \ T a s k s \ { 6 D 9 2 8 6 E 5 - 5 E C D - 4 F B F - B 8 7 3 - 5 9 1 7 F 7 B B A 1 1 F } = > m o v e d s u c c e s s f u l l y

" H K L M \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s N T \ C u r r e n t V e r s i o n \ S c h e d u l e \ T a s k C a c h e \ T r e e \ { 6 D 9 2 8 6 E 5 - 5 E C D - 4 F B F - B 8 7 3 - 5 9 1 7 F 7 B B A 1 1 F } " = > r e m o v e d s u c c e s s f u l l y

" H K L M \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s N T \ C u r r e n t V e r s i o n \ S c h e d u l e \ T a s k C a c h e \ P l a i n \ { E A 2 E 5 8 C 6 - B 1 E 2 - 4 D D 6 - 8 5 9 5 - 2 F 4 D E D 9 9 E 3 B 8 } " = > r e m o v e d s u c c e s s f u l l y

" H K L M \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s N T \ C u r r e n t V e r s i o n \ S c h e d u l e \ T a s k C a c h e \ T a s k s \ { E A 2 E 5 8 C 6 - B 1 E 2 - 4 D D 6 - 8 5 9 5 - 2 F 4 D E D 9 9 E 3 B 8 } " = > r e m o v e d s u c c e s s f u l l y

C : \ W i n d o w s \ S y s t e m 3 2 \ T a s k s \ { 4 5 E E 7 3 0 A - E B 7 7 - 4 6 A 0 - A 3 D 3 - 6 E D 0 5 B A A 4 7 F 3 } = > m o v e d s u c c e s s f u l l y

" H K L M \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s N T \ C u r r e n t V e r s i o n \ S c h e d u l e \ T a s k C a c h e \ T r e e \ { 4 5 E E 7 3 0 A - E B 7 7 - 4 6 A 0 - A 3 D 3 - 6 E D 0 5 B A A 4 7 F 3 } " = > r e m o v e d s u c c e s s f u l l y

C : \ P r o g r a m D a t a \ T e m p = > " : 5 6 E 2 E 8 7 9 " A D S r e m o v e d s u c c e s s f u l l y

" H K L M \ S y s t e m \ C u r r e n t C o n t r o l S e t \ C o n t r o l \ S a f e B o o t \ M i n i m a l \ m c p l t s v c " = > r e m o v e d s u c c e s s f u l l y

" H K L M \ S y s t e m \ C u r r e n t C o n t r o l S e t \ C o n t r o l \ S a f e B o o t \ N e t w o r k \ m c p l t s v c " = > r e m o v e d s u c c e s s f u l l y

" H K L M \ S Y S T E M \ C u r r e n t C o n t r o l S e t \ s e r v i c e s \ S h a r e d A c c e s s \ P a r a m e t e r s \ F i r e w a l l P o l i c y \ F i r e w a l l R u l e s \ \ { 1 F A B 0 D F E - F 7 9 A - 4 B 3 6 - 8 4 4 B - C 0 8 1 2 2 1 D 0 C 2 F } " = > r e m o v e d s u c c e s s f u l l y

" H K L M \ S Y S T E M \ C u r r e n t C o n t r o l S e t \ s e r v i c e s \ S h a r e d A c c e s s \ P a r a m e t e r s \ F i r e w a l l P o l i c y \ F i r e w a l l R u l e s \ \ { 4 2 C F B D B D - 8 B A F - 4 0 7 7 - 8 E 3 3 - 1 B 2 3 8 7 0 B C 1 E 6 } " = > r e m o v e d s u c c e s s f u l l y

" H K L M \ S Y S T E M \ C u r r e n t C o n t r o l S e t \ s e r v i c e s \ S h a r e d A c c e s s \ P a r a m e t e r s \ F i r e w a l l P o l i c y \ F i r e w a l l R u l e s \ \ { 1 9 E 7 7 0 D 7 - A 8 0 5 - 4 9 B 8 - 9 7 1 C - 5 8 F B 8 0 D E 1 B 0 C } " = > r e m o v e d s u c c e s s f u l l y

" H K L M \ S Y S T E M \ C u r r e n t C o n t r o l S e t \ s e r v i c e s \ S h a r e d A c c e s s \ P a r a m e t e r s \ F i r e w a l l P o l i c y \ F i r e w a l l R u l e s \ \ { 6 E A 9 A 1 5 4 - 9 5 5 F - 4 8 9 4 - A 6 F E - 1 C E 3 3 3 F 7 1 7 8 5 } " = > r e m o v e d s u c c e s s f u l l y

C:\Program Files (x86)\Seznam.cz => moved successfully
C:\Users\Tomic\AppData\Roaming\Seznam.cz => moved successfully
"C:\Program Files (x86)\Solvusoft" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft" => not found
"C:\ProgramData\Solvusoft" => not found
"C:\Users\Tomic\AppData\Roaming\Solvusoft" => not found

=========== "C:\Windows\Tasks\*DriverDoc*" ==========

not found

========= End -> "C:\Windows\Tasks\*DriverDoc*" ========

"C:\Users\Public\Desktop\DriverDoc.lnk" => not found

=========== "C:\Windows\System32\Tasks\*DriverDoc*" ==========

not found

========= End -> "C:\Windows\System32\Tasks\*DriverDoc*" ========

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft" => not found
"C:\Windows\System32\config\systemprofile\AppData\Roaming\Solvusoft" => not found
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Solvusoft => moved successfully
C:\Program Files\WiperSoft => moved successfully
C:\Windows\Installer\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\61F70108E2BCBA24BAD9C61145D0A5B8" => removed successfully
"HKLM\SOFTWARE\Classes\Installer\Features\61F70108E2BCBA24BAD9C61145D0A5B8" => removed successfully
"HKLM\SOFTWARE\Classes\Installer\Products\61F70108E2BCBA24BAD9C61145D0A5B8" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\CommonToolkitTray_Solvusoft" => not found
"HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\iSafeSvc2.exe" => removed successfully
"HKLM\SOFTWARE\Classes\Applications\Setup_WinThruster_2016.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\Control\iSafeKrnlBoot" => removed successfully
"HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar" => removed successfully
HKU\S-1-5-18\Software\AppDataLow\Software\AskToolbar => not found
"HKU\S-1-5-21-97547007-394703-2295398756-1001\Software\Conduit" => removed successfully
HKCU\Software\Conduit => not found
"HKLM\SOFTWARE\CLASSES\APPLICATIONS\SolvusoftTray.exe" => removed successfully
"HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe" => removed successfully
"HKLM\SOFTWARE\CommonToolkitSuite" => removed successfully
"HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\5556309623D8EAC478D3B24F6A68D7B0" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5556309623D8EAC478D3B24F6A68D7B0" => removed successfully
HKLM\SOFTWARE\Classes\Applications\SolvusoftTray.exe => not found
"HKU\S-1-5-21-97547007-394703-2295398756-1002\Software\Goobzo" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24456800 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 45004832 B
Edge => 0 B
Chrome => 762660658 B
Firefox => 7073351 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 67417797 B
systemprofile32 => 108922 B
LocalService => 0 B
NetworkService => 0 B
UpdatusUser => 0 B
Tomic => 167654352 B
postgres => 0 B

RecycleBin => 0 B
EmptyTemp: => 1 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 14:17:37 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Notebook problem NVstreamuseragent.exe

#12 Post by Conder »

Run a full scan in MBAM:
  • Download and install Malwarebytes (MBAM): https://www.malwarebytes.com/mwb-download/thankyou/
  • Ignore the trial version
  • Open MBAM and click "Scan" on the left
  • Click "Custom Scan" and then "Configure Scan" (Set up scan)
  • On the right, select all drives in the PC, and on the left tick the "Scan for rootkits" option
  • Click Scan Now and wait for it to finish
  • When it finishes, click Export Summary -> Text file, enter a file name and save it to the desktop
  • Copy the contents of that file here
  • Illustrated guide (unfortunately for an older version): https://forum.viry.cz/viewtopic.php?f=29&t=144868
If it does not work in normal mode, try safe mode again.

Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data (documents, photos and so on) backed up.

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

tomic91
Visitor
Posts: 8
Registered: 30 Jun 2016 12:14

Re: Notebook problem NVstreamuseragent.exe

#13 Post by tomic91 »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 27.03.18
Čas skenování: 20:42
Logovací soubor: 9189238a-31ee-11e8-96a3-00030d000001.json
Správce: Ano

-Informace o softwaru-
Verze: 3.4.4.2398
Verze komponentů: 1.0.322
Aktualizovat verzi balíku komponent: 1.0.4512
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: Tomic-PC\Tomic

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 398763
Zjištěné hrozby: 5
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 2 hod, 18 min, 18 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 5
PUP.Optional.Solvusoft, C:\USERS\TOMIC\DOWNLOADS\SETUP_DRIVERDOC_2016.EXE, Žádná uživatelská akce, [2876], [331663],1.0.4512
Adware.Dropper, C:\USERS\TOMIC\DOWNLOADS\WINTHRUSTER_1.79_CRACK_SERIAL_KEY_DOWNLOAD_HERE.EXE, Žádná uživatelská akce, [3603], [402716],1.0.4512
PUP.Optional.WiperSoft, C:\USERS\TOMIC\DOWNLOADS\WIPERSOFT-INSTALLER (1).EXE, Žádná uživatelská akce, [4507], [340923],1.0.4512
PUP.Optional.WiperSoft, C:\USERS\TOMIC\DOWNLOADS\WIPERSOFT-INSTALLER.EXE, Žádná uživatelská akce, [4507], [340923],1.0.4512
Adware.LoadMoney, C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUAUTOUPDATECHECK.EXE, Žádná uživatelská akce, [389], [320751],1.0.4512

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Notebook problem NVstreamuseragent.exe

#14 Post by Conder »

OK, the PC looks clean as far as malware is concerned. According to the minidumps, the BSODs are caused by the Bluetooth driver (Bluesoleil); try updating it.

Run a system file integrity check:
  • Open Start, type "cmd" (without the quotes), right-click Command Prompt and click Run as administrator
  • Copy and run the command:

    DISM.exe /Online /Cleanup-image /Restorehealth
  • When it finishes, copy and run the second command:

    sfc /scannow
  • After both commands have finished, copy and run this command:

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy "%windir%\logs\dism\dism.log" "%userprofile%\desktop\dism.txt"
  • The files sfcdetails.txt and dism.txt will be created on the desktop; send these files as attachments to your next post
  • Restart the PC and write how the PC behaves

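Added example (not part of the thread and not written by its participants): a small triage of the sfcdetails.txt file that the findstr step in post #14 produces, listing files SFC could not repair and files it repaired from the component store. The sample lines are constructed, and the two message shapes the regular expressions match ("Cannot repair member file" and "Repairing corrupted file ... from store") are assumptions about how CBS.log words its [SR] entries.

```python
import re

# Constructed sample in the shape of CBS.log "[SR]" lines (not taken from the thread).
# One entry is repeated on purpose: ">>" in the findstr command appends, so
# running the step twice leaves duplicate lines in sfcdetails.txt.
SAMPLE = r'''
2018-03-27 21:03:11, Info                  CSI    00000006 [SR] Verifying 100 (0x0000000000000064) components
2018-03-27 21:03:11, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2018-03-27 21:05:40, Info                  CSI    000002f1 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2018-03-27 21:05:42, Info                  CSI    000002f4 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2018-03-27 21:06:02, Info                  CSI    00000301 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"example.dll" from store
2018-03-27 21:10:00, Info                  CSI    00000350 [SR] Repair complete
'''

# Assumed message shapes: the file name is quoted after a [l:N{M}] length tag.
UNREPAIRED = re.compile(r'\[SR\] Cannot repair member file \[[^\]]*\]"([^"]+)" of ([^,]+),')
REPAIRED = re.compile(
    r'\[SR\] Repairing corrupted file \[[^\]]*\]"([^"]+)"\\\[[^\]]*\]"([^"]+)" from store')


def triage_sr(text):
    """Summarise [SR] lines: unique unrepaired (file, component) pairs and repaired paths."""
    unrepaired, repaired, sr_lines = {}, {}, 0
    for line in text.splitlines():
        if "[SR]" not in line:
            continue
        sr_lines += 1
        m = UNREPAIRED.search(line)
        if m:
            unrepaired[(m.group(1), m.group(2))] = None  # dict keeps first-seen order
            continue
        m = REPAIRED.search(line)
        if m:
            directory = m.group(1)
            if directory.startswith("\\??\\"):  # strip the NT object-path prefix
                directory = directory[4:]
            repaired[directory + "\\" + m.group(2)] = None
    return {"sr_lines": sr_lines,
            "unrepaired": list(unrepaired),
            "repaired": list(repaired)}


if __name__ == "__main__":
    for key, value in triage_sr(SAMPLE).items():
        print(key, value)
```

Files left in the "unrepaired" list are the ones worth checking against dism.txt, since SFC could not restore them from the component store.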