Zdravím mam problem s oknom ktoré vyskakuje po každom štarte windows nejaky script que.vbs
log here:
draLogfile of random's system information tool 1.10 (written by random/random)
Run by kolca at 2018-06-19 15:32:14
Microsoft Windows 10 Home
System drive C: has 12 GB (10%) free of 121 GB
Total RAM: 8060 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:32:16 PM, on 6/19/2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0371)
Boot mode: Normal
Running processes:
D:\Kokotiny\aburner\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\Acer\Acer Quick Access\plugins\ColorIntelligence\CACE.exe
C:\Users\kolca\AppData\Local\Discord\app-0.0.301\Discord.exe
C:\Users\kolca\AppData\Local\Discord\app-0.0.301\Discord.exe
C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe
C:\Users\kolca\AppData\Local\Discord\app-0.0.301\Discord.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Program Files\trend micro\kolca.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer17win10.msn.com/?pc=ACTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [FACEIT] "D:\Kokotiny\FACEIT\FACEIT.exe"
O4 - HKCU\..\Run: [Spotify] C:\Users\kolca\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [NetLimiter] "C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe" /minimized
O4 - HKCU\..\Run: [TSMApplication] "D:\Kokotiny\TradeSkillMaster Application\app\TSMApplication.exe"
O4 - HKCU\..\Run: [Discord] C:\Users\kolca\AppData\Local\Discord\app-0.0.301\Discord.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\kolca\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\kolca\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Startup: Twitch.lnk = kolca\AppData\Roaming\Twitch\Bin\Twitch.exe
O4 - Global Startup: DuckDns.lnk = C:\Program Files (x86)\DuckDNS\DuckDns.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\IntelCpHDCPSvc.exe
O23 - Service: Dolby DAX2 API Service (DAX2API) - Unknown owner - C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\igfxCUIService.exe
O23 - Service: Intel SST Parameter Service (IntelSSTSvc) - Unknown owner - C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Quick Access Local Service (QALSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
O23 - Service: Quick Access Service (QASvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
--
End of file - 13534 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localservice -p -s nsi
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservice -p -s fdPHost
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s HomeGroupProvider
C:\WINDOWS\system32\AUDIODG.EXE 0x418
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
dashost.exe {7a5efe28-f0cb-4c4a-99fcc9f3dead5ee8}
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\IntelCpHDCPSvc.exe
"C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\IntelCpHeciSvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
C:\WINDOWS\system32\wbem\wmiprvse.exe
sihost.exe
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"D:\Kokotiny\aburner\MSI Afterburner\MSIAfterburner.exe" /s
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\igfxEM.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Acer\Acer Quick Access\QASvc.exe"
"C:\Program Files\Acer\Acer Quick Access\QALSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files\Acer\Acer Quick Access\QAAgent.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe"
"C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\igfxext.exe" -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Acer\Acer Quick Access\plugins\ColorIntelligence\CACE.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
"C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\igfxext.exe" -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe" -Hide
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Users\kolca\AppData\Local\Discord\app-0.0.301\Discord.exe"
"C:\Users\kolca\AppData\Local\Discord\app-0.0.301\Discord.exe" --type=gpu-process --no-sandbox --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,19,23,40,59,71 --gpu-vendor-id=0x8086 --gpu-device-id=0x591b --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=21.20.16.4526 --gpu-driver-date=9-23-2016 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x1c8c --service-request-channel-token=EFA2B89A599FC4CCA277B112457E3512 --mojo-platform-channel-handle=1544 /prefetch:2
"C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\kolca\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\kolca\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=67.0.3396.87 --initial-client-data=0x1d0,0x1d4,0x1d8,0x1cc,0x1dc,0x7ffadc443228,0x7ffadc443238,0x7ffadc443248
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2616 --on-initialized-event-handle=656 --parent-handle=660 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1460,4124117598297066096,8499653517147960262,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=A1E8149E03E2E71A0D328DA13F6226DF --mojo-platform-channel-handle=1492 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1460,4124117598297066096,8499653517147960262,131072 --service-pipe-token=5701FD07C4C3B1EE3A54259D6365DF16 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5701FD07C4C3B1EE3A54259D6365DF16 --renderer-client-id=3 --mojo-platform-channel-handle=3052 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1460,4124117598297066096,8499653517147960262,131072 --service-pipe-token=C7A2A800FAA1809371691A6D9A551F81 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=C7A2A800FAA1809371691A6D9A551F81 --renderer-client-id=4 --mojo-platform-channel-handle=3440 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1460,4124117598297066096,8499653517147960262,131072 --service-pipe-token=94134955E6A268B98CF3C796EEC6E7A0 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=94134955E6A268B98CF3C796EEC6E7A0 --renderer-client-id=5 --mojo-platform-channel-handle=3480 /prefetch:1
"C:\Users\kolca\AppData\Local\Discord\app-0.0.301\Discord.exe" --type=renderer --no-sandbox --primordial-pipe-token=D1D0CFD9444EB1333E3332A86FCC2EB5 --lang=en-US --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\kolca\AppData\Local\Discord\app-0.0.301\resources\app.asar" --node-integration=false --preload="C:\Users\kolca\AppData\Roaming\discord\0.0.301\modules\discord_desktop_core\core.asar\app\mainScreenPreload.js" --background-color=#2f3136 --enable-blink-features=EnumerateDevices,AudioOutputDevices --hidden-page --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=D1D0CFD9444EB1333E3332A86FCC2EB5 --renderer-client-id=6 --mojo-platform-channel-handle=2524 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1460,4124117598297066096,8499653517147960262,131072 --service-pipe-token=DA5F7CF8FE11FE042BBE4C63A97117A9 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=DA5F7CF8FE11FE042BBE4C63A97117A9 --renderer-client-id=12 --mojo-platform-channel-handle=6636 /prefetch:1
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s QWAVE
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1460,4124117598297066096,8499653517147960262,131072 --service-pipe-token=E9683AC07A939E9B0C179B99B5AA434F --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=E9683AC07A939E9B0C179B99B5AA434F --renderer-client-id=16 --mojo-platform-channel-handle=4084 /prefetch:1
C:\OEM\Preload\FubTool\FubTool.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1460,4124117598297066096,8499653517147960262,131072 --service-pipe-token=EA28C894E1D2BBD5327D05C88045553D --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=EA28C894E1D2BBD5327D05C88045553D --renderer-client-id=20 --mojo-platform-channel-handle=5204 /prefetch:1
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
"C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe" task
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe" -s
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1460,4124117598297066096,8499653517147960262,131072 --service-pipe-token=6990C626B9B358336FB69174A9E38225 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6990C626B9B358336FB69174A9E38225 --renderer-client-id=31 --mojo-platform-channel-handle=6308 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1460,4124117598297066096,8499653517147960262,131072 --service-pipe-token=5D81B390333A32481BA4A4970D0448FC --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5D81B390333A32481BA4A4970D0448FC --renderer-client-id=32 --mojo-platform-channel-handle=6468 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1460,4124117598297066096,8499653517147960262,131072 --service-pipe-token=4BC63FB85F896736C83CE1510569C1A7 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4BC63FB85F896736C83CE1510569C1A7 --renderer-client-id=56 --mojo-platform-channel-handle=6456 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1460,4124117598297066096,8499653517147960262,131072 --service-pipe-token=E3875BCAD9AF24676C48179097E1C52B --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=E3875BCAD9AF24676C48179097E1C52B --renderer-client-id=57 --mojo-platform-channel-handle=8840 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1460,4124117598297066096,8499653517147960262,131072 --service-pipe-token=2A80EEDC9C76C53BE26B7C551AC2ABDD --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2A80EEDC9C76C53BE26B7C551AC2ABDD --renderer-client-id=58 --mojo-platform-channel-handle=8352 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1460,4124117598297066096,8499653517147960262,131072 --service-pipe-token=4D07615846438C09659710C83C0D18D2 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4D07615846438C09659710C83C0D18D2 --renderer-client-id=59 --mojo-platform-channel-handle=8108 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1460,4124117598297066096,8499653517147960262,131072 --service-pipe-token=7E7C0C7960C13951339C13D5F1BED2B6 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7E7C0C7960C13951339C13D5F1BED2B6 --renderer-client-id=60 --mojo-platform-channel-handle=2344 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1460,4124117598297066096,8499653517147960262,131072 --service-pipe-token=C81B8AED85ADAC7B7E1F7192FBD23038 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=C81B8AED85ADAC7B7E1F7192FBD23038 --renderer-client-id=62 --mojo-platform-channel-handle=8684 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\kolca\AppData\Roaming\Mozilla\Firefox\Profiles\htacdveg.default
prefs.js - "browser.startup.homepage" - "https://search.yahoo.com/yhs/web?hspart ... 0601__yaff"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.113 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1231201.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.113 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.144.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.144.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL
C:\Users\kolca\AppData\Roaming\Mozilla\Firefox\Profiles\htacdveg.default\searchplugins\
yahoo-lavasoft-ff59.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-06-18 207024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-10-01 571968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-10-01 235584]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-04-28 149168]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-10-14 16709128]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-10-14 1467400]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2016-09-20 71168]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"DAX2_APP"=C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [2016-06-24 829632]
"Wondershare Helper Compact.exe"=C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"FACEIT"=D:\Kokotiny\FACEIT\FACEIT.exe [2017-10-31 81046232]
"Spotify"=C:\Users\kolca\AppData\Roaming\Spotify\Spotify.exe [2018-05-22 23177616]
"NetLimiter"=C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [2017-10-30 56368]
"TSMApplication"=D:\Kokotiny\TradeSkillMaster Application\app\TSMApplication.exe [2017-12-03 1623040]
"Discord"=C:\Users\kolca\AppData\Local\Discord\app-0.0.301\Discord.exe [2018-04-30 57816920]
"uTorrent"=C:\Users\kolca\AppData\Roaming\uTorrent\uTorrent.exe [2018-06-01 1987512]
"Spotify Web Helper"=C:\Users\kolca\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018-05-22 782736]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-21 587288]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
DuckDns.lnk - C:\Program Files (x86)\DuckDNS\DuckDns.exe
C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Twitch.lnk - C:\Users\kolca\AppData\Roaming\Twitch\Bin\Twitch.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"EnableSecureUIAPath"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.vorbis"=vorbis.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit -
.js - open - "D:\New folder (2)\WebStorm 2017.3.4\bin\webstorm64.exe" "%1"
======List of files/folders created in the last 1 month======
2018-06-19 15:32:14 ----D---- C:\rsit
2018-06-19 15:32:14 ----D---- C:\Program Files\trend micro
2018-06-19 15:15:24 ----D---- C:\AdwCleaner
2018-06-19 02:53:04 ----A---- C:\DelFix.txt
2018-06-19 02:41:07 ----D---- C:\WINDOWS\LastGood
2018-06-19 02:33:55 ----SH---- C:\bootTel.dat
2018-06-19 00:53:02 ----D---- C:\WINDOWS\LastGood.Tmp
2018-06-18 08:27:29 ----D---- C:\Program Files\Common Files\DESIGNER
2018-06-17 00:43:30 ----D---- C:\ProgramData\Wondershare
2018-06-13 12:39:16 ----D---- C:\WINDOWS\pss
2018-06-13 12:22:07 ----D---- C:\Users\kolca\AppData\Roaming\NVIDIA
2018-06-12 21:14:33 ----A---- C:\WINDOWS\system32\runexehelper.exe
2018-06-12 21:14:33 ----A---- C:\WINDOWS\system32\dosvc.dll
2018-06-12 21:14:33 ----A---- C:\WINDOWS\system32\domgmt.dll
2018-06-12 21:14:33 ----A---- C:\WINDOWS\system32\diagtrack.dll
2018-06-12 21:14:33 ----A---- C:\WINDOWS\system32\daxexec.dll
2018-06-12 21:14:32 ----A---- C:\WINDOWS\system32\NotificationController.dll
2018-06-12 21:14:31 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-06-12 21:14:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2018-06-12 21:14:30 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2018-06-12 21:14:30 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-06-12 21:14:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-12 21:14:29 ----A---- C:\WINDOWS\SYSWOW64\WwaApi.dll
2018-06-12 21:14:29 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-06-12 21:14:29 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-06-12 21:14:29 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2018-06-12 21:14:28 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-06-12 21:14:28 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2018-06-12 21:14:28 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-06-12 21:14:28 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-06-12 21:14:28 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-06-12 21:14:28 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2018-06-12 21:14:27 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-06-12 21:14:27 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2018-06-12 21:14:27 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-06-12 21:14:27 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2018-06-12 21:14:27 ----A---- C:\WINDOWS\system32\vertdll.dll
2018-06-12 21:14:27 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2018-06-12 21:14:26 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-06-12 21:14:26 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-06-12 21:14:26 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-06-12 21:14:26 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-06-12 21:14:26 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-06-12 21:14:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-12 21:14:25 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2018-06-12 21:14:25 ----A---- C:\WINDOWS\SYSWOW64\bcrypt.dll
2018-06-12 21:14:25 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2018-06-12 21:14:25 ----A---- C:\WINDOWS\system32\dssvc.dll
2018-06-12 21:14:24 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-06-12 21:14:24 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2018-06-12 21:14:24 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-06-12 21:14:24 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2018-06-12 21:14:24 ----A---- C:\WINDOWS\system32\rdpudd.dll
2018-06-12 21:14:24 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-06-12 21:14:24 ----A---- C:\WINDOWS\system32\mstscax.dll
2018-06-12 21:14:24 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-06-12 21:14:24 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2018-06-12 21:14:23 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2018-06-12 21:14:23 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-06-12 21:14:23 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-06-12 21:14:23 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-06-12 21:14:23 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-06-12 21:14:23 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-06-12 21:14:22 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2018-06-12 21:14:22 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-06-12 21:14:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2018-06-12 21:14:22 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-06-12 21:14:22 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2018-06-12 21:14:22 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2018-06-12 21:14:22 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-06-12 21:14:22 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2018-06-12 21:14:22 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2018-06-12 21:14:22 ----A---- C:\WINDOWS\system32\rpcss.dll
2018-06-12 21:14:22 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2018-06-12 21:14:22 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-06-12 21:14:22 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2018-06-12 21:14:22 ----A---- C:\WINDOWS\system32\DbgModel.dll
2018-06-12 21:14:22 ----A---- C:\WINDOWS\system32\d3d11.dll
2018-06-12 21:14:22 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-12 21:14:21 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-06-12 21:14:21 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-06-12 21:14:21 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-06-12 21:14:21 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-06-12 21:14:21 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-06-12 21:14:21 ----A---- C:\WINDOWS\system32\gdi32full.dll
2018-06-12 21:14:20 ----A---- C:\WINDOWS\system32\webcheck.dll
2018-06-12 21:14:20 ----A---- C:\WINDOWS\system32\mshtmled.dll
2018-06-12 21:14:20 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-06-12 21:14:20 ----A---- C:\WINDOWS\system32\jscript.dll
2018-06-12 21:14:20 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-06-12 21:14:20 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-06-12 21:14:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2018-06-12 21:14:19 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2018-06-12 21:14:19 ----A---- C:\WINDOWS\system32\WinTypes.dll
2018-06-12 21:14:19 ----A---- C:\WINDOWS\system32\mfplat.dll
2018-06-12 21:14:19 ----A---- C:\WINDOWS\system32\mf.dll
2018-06-12 21:14:19 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-06-12 21:14:18 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2018-06-12 21:14:18 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-06-12 21:14:18 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2018-06-12 21:14:18 ----A---- C:\WINDOWS\system32\dbgeng.dll
2018-06-12 21:14:18 ----A---- C:\WINDOWS\system32\combase.dll
2018-06-12 21:14:17 ----A---- C:\WINDOWS\system32\WWAHost.exe
2018-06-12 21:14:17 ----A---- C:\WINDOWS\system32\WwaApi.dll
2018-06-12 21:14:17 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-06-12 21:14:17 ----A---- C:\WINDOWS\system32\msxml6.dll
2018-06-12 21:14:17 ----A---- C:\WINDOWS\system32\KernelBase.dll
2018-06-12 21:14:17 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-06-12 21:14:17 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2018-06-12 21:14:17 ----A---- C:\WINDOWS\system32\AcGenral.dll
2018-06-12 21:14:16 ----A---- C:\WINDOWS\system32\wlansvc.dll
2018-06-12 21:14:16 ----A---- C:\WINDOWS\system32\wininet.dll
2018-06-12 21:14:16 ----A---- C:\WINDOWS\system32\msIso.dll
2018-06-12 21:14:16 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-06-12 21:14:16 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-06-12 21:14:15 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-12 21:14:14 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2018-06-12 21:14:14 ----A---- C:\WINDOWS\system32\mfcore.dll
2018-06-12 21:14:14 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-06-12 21:14:14 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-06-12 21:14:12 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2018-06-12 21:14:12 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-06-12 21:14:12 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2018-06-12 21:14:11 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2018-06-12 21:14:11 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2018-06-12 21:14:11 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2018-06-12 21:14:11 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-06-12 21:14:11 ----A---- C:\WINDOWS\system32\pcalua.exe
2018-06-12 21:14:11 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-06-12 21:14:11 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-06-12 21:14:11 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2018-06-12 21:14:11 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2018-06-12 21:14:10 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2018-06-12 21:14:10 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-12 21:14:10 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-06-12 21:14:10 ----A---- C:\WINDOWS\system32\aitstatic.exe
2018-06-12 21:14:10 ----A---- C:\WINDOWS\explorer.exe
2018-06-12 21:14:09 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-06-12 21:14:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-12 21:14:09 ----A---- C:\WINDOWS\system32\shell32.dll
2018-06-12 21:14:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2018-06-12 21:14:08 ----A---- C:\WINDOWS\SYSWOW64\smartscreenps.dll
2018-06-12 21:14:08 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-06-12 21:14:08 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2018-06-12 21:14:08 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2018-06-12 21:14:08 ----A---- C:\WINDOWS\system32\smartscreenps.dll
2018-06-12 21:14:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2018-06-12 21:14:07 ----A---- C:\WINDOWS\system32\smartscreen.exe
2018-06-12 21:14:06 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.dll
2018-06-12 21:14:06 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2018-06-12 21:14:06 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-06-12 21:14:06 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-12 21:14:06 ----A---- C:\WINDOWS\system32\Spectrum.exe
2018-06-12 21:14:06 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-06-12 21:14:06 ----A---- C:\WINDOWS\system32\FaceProcessorCore.dll
2018-06-12 21:14:06 ----A---- C:\WINDOWS\system32\FaceProcessor.dll
2018-06-12 21:14:06 ----A---- C:\WINDOWS\system32\cldapi.dll
2018-06-12 21:14:06 ----A---- C:\WINDOWS\system32\cdp.dll
2018-06-12 21:14:05 ----A---- C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-12 21:14:05 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2018-06-12 21:14:05 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2018-06-12 21:14:04 ----A---- C:\WINDOWS\system32\wincorlib.dll
2018-06-12 21:14:01 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2018-06-12 21:14:01 ----A---- C:\WINDOWS\system32\aadtb.dll
2018-06-12 21:13:59 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-06-12 21:13:59 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-12 21:13:59 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-12 21:13:58 ----A---- C:\WINDOWS\SYSWOW64\ContentDeliveryManager.Utilities.dll
2018-06-12 21:13:58 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2018-06-12 21:13:58 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2018-06-12 21:13:58 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2018-06-12 21:13:58 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-06-12 21:13:58 ----A---- C:\WINDOWS\system32\browserexport.exe
2018-06-12 21:13:58 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-12 21:13:57 ----A---- C:\WINDOWS\system32\winresume.exe
2018-06-12 21:13:57 ----A---- C:\WINDOWS\system32\winload.exe
2018-06-12 21:13:57 ----A---- C:\WINDOWS\system32\skci.dll
2018-06-12 21:13:57 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-06-12 21:13:57 ----A---- C:\WINDOWS\system32\ci.dll
2018-06-12 21:13:57 ----A---- C:\WINDOWS\system32\bcrypt.dll
2018-06-12 21:13:56 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2018-06-12 21:13:56 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2018-06-12 21:13:56 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-06-12 21:13:56 ----A---- C:\WINDOWS\system32\invagent.dll
2018-06-12 21:13:56 ----A---- C:\WINDOWS\system32\generaltel.dll
2018-06-12 21:13:56 ----A---- C:\WINDOWS\system32\devinv.dll
2018-06-12 21:13:56 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2018-06-12 21:13:56 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-06-12 21:13:56 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-06-12 21:13:56 ----A---- C:\WINDOWS\system32\browserbroker.dll
2018-06-12 21:13:56 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2018-06-12 21:13:56 ----A---- C:\WINDOWS\system32\appraiser.dll
2018-06-12 21:13:56 ----A---- C:\WINDOWS\system32\aepic.dll
2018-06-12 21:13:56 ----A---- C:\WINDOWS\system32\aeinv.dll
2018-06-12 21:13:55 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2018-06-12 21:13:55 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2018-06-12 21:13:55 ----A---- C:\WINDOWS\system32\wimserv.exe
2018-06-12 21:13:55 ----A---- C:\WINDOWS\system32\wimgapi.dll
2018-06-12 21:13:55 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2018-06-12 21:13:55 ----A---- C:\WINDOWS\system32\MusNotification.exe
2018-06-12 21:13:55 ----A---- C:\WINDOWS\system32\mfps.dll
2018-06-12 21:13:55 ----A---- C:\WINDOWS\system32\efscore.dll
2018-06-12 21:13:55 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-06-12 21:13:55 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2018-06-12 21:13:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2018-06-12 21:13:54 ----A---- C:\WINDOWS\SYSWOW64\webservices.dll
2018-06-12 21:13:54 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2018-06-12 21:13:54 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2018-06-12 21:13:54 ----A---- C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2018-06-12 21:13:54 ----A---- C:\WINDOWS\system32\webservices.dll
2018-06-12 21:13:54 ----A---- C:\WINDOWS\system32\GamePanel.exe
2018-06-12 21:13:54 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2018-06-12 21:13:53 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2018-06-12 21:13:53 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2018-06-12 21:13:53 ----A---- C:\WINDOWS\SYSWOW64\kernel.appcore.dll
2018-06-12 21:13:53 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2018-06-12 21:13:53 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-12 21:13:53 ----A---- C:\WINDOWS\system32\TDLMigration.dll
2018-06-12 21:13:53 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2018-06-12 21:13:53 ----A---- C:\WINDOWS\system32\kernel.appcore.dll
2018-06-12 21:13:53 ----A---- C:\WINDOWS\system32\drivers\uefi.sys
2018-06-12 21:13:53 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2018-06-12 21:13:52 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2018-06-12 21:13:52 ----A---- C:\WINDOWS\SYSWOW64\DbgModel.dll
2018-06-12 21:13:52 ----A---- C:\WINDOWS\system32\pcaevts.dll
2018-06-12 21:13:52 ----A---- C:\WINDOWS\system32\pcadm.dll
2018-06-12 21:13:52 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2018-06-12 21:13:52 ----A---- C:\WINDOWS\system32\GamePanelExternalHook.dll
2018-06-12 21:13:52 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2018-06-12 21:13:52 ----A---- C:\WINDOWS\system32\drivers\mpsdrv.sys
2018-06-09 20:24:40 ----D---- C:\Users\kolca\AppData\Roaming\EasyAntiCheat
2018-06-09 11:40:21 ----D---- C:\Users\kolca\AppData\Roaming\com.filedropme.FiledropDesktop
2018-06-09 11:05:52 ----D---- C:\Program Files\IDT
2018-06-09 11:05:49 ----D---- C:\swsetup
2018-06-06 12:04:38 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2018-06-06 12:04:38 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2018-06-06 12:04:38 ----A---- C:\WINDOWS\system32\nvshext.dll
2018-06-06 12:04:38 ----A---- C:\WINDOWS\system32\nvmctray.dll
2018-06-06 12:04:38 ----A---- C:\WINDOWS\system32\nvcpl.dll
2018-06-06 12:04:38 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2018-06-06 12:04:38 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2018-06-06 12:04:33 ----A---- C:\WINDOWS\NvContainerRecovery.bat
2018-06-06 12:04:27 ----D---- C:\WINDOWS\system32\drivers\NVIDIA Corporation
2018-06-06 12:02:43 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFThevc.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFTH264.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\system32\nvopencl.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\system32\nvEncMFThevc.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\system32\nvEncMFTH264.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\system32\nvdispgenco6439135.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\system32\nvdispco6439135.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2018-06-06 12:02:43 ----A---- C:\WINDOWS\system32\nvcuda.dll
2018-06-06 12:02:42 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2018-06-06 12:02:42 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2018-06-06 12:02:42 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2018-06-06 12:02:42 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2018-06-06 12:02:42 ----A---- C:\WINDOWS\system32\nvapi64.dll
2018-06-05 17:14:55 ----D---- C:\Users\kolca\AppData\Roaming\Guild Wars 2
2018-06-04 23:54:25 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2018-06-04 23:54:25 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2018-06-04 23:54:25 ----A---- C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-06-04 23:54:12 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2018-06-04 23:54:12 ----A---- C:\WINDOWS\system32\nvaudcap64v.dll
2018-06-04 23:52:49 ----A---- C:\WINDOWS\system32\drivers\nvvhci.sys
2018-06-04 23:52:49 ----A---- C:\WINDOWS\system32\drivers\nvvad64v.sys
2018-06-02 07:09:36 ----A---- C:\WINDOWS\sound32.exe
2018-06-01 20:27:01 ----A---- C:\WINDOWS\system32\heslo.txt
2018-05-30 17:11:34 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2018-05-30 17:11:34 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2018-05-30 17:11:34 ----A---- C:\WINDOWS\SYSWOW64\aadauthhelper.dll
2018-05-30 17:11:33 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2018-05-30 17:11:33 ----A---- C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-05-30 17:11:33 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2018-05-30 17:11:32 ----A---- C:\WINDOWS\system32\ieproxy.dll
2018-05-30 17:11:32 ----A---- C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-05-30 17:11:31 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2018-05-30 17:11:31 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2018-05-30 17:11:31 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2018-05-30 17:11:31 ----A---- C:\WINDOWS\system32\drivers\storahci.sys
2018-05-30 17:11:31 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2018-05-30 17:11:31 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2018-05-30 17:11:31 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2018-05-30 17:11:31 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2018-05-30 17:11:31 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2018-05-30 17:11:31 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2018-05-30 17:11:30 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2018-05-30 17:11:30 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-05-30 17:11:30 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-30 17:11:30 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-30 17:11:30 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2018-05-30 17:11:30 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2018-05-30 17:11:29 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2018-05-30 17:11:28 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2018-05-30 17:11:27 ----A---- C:\WINDOWS\system32\dxtrans.dll
2018-05-30 17:11:26 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-30 17:11:25 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2018-05-30 17:11:24 ----A---- C:\WINDOWS\system32\services.exe
2018-05-30 17:11:24 ----A---- C:\WINDOWS\system32\rasmans.dll
2018-05-30 17:11:24 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-05-30 17:11:24 ----A---- C:\WINDOWS\system32\comsvcs.dll
2018-05-30 17:11:19 ----A---- C:\WINDOWS\system32\HolographicRuntimes.dll
2018-05-30 17:11:19 ----A---- C:\WINDOWS\system32\DHolographicDisplay.dll
2018-05-30 17:11:15 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2018-05-30 17:11:15 ----A---- C:\WINDOWS\system32\mstsc.exe
2018-05-30 17:11:14 ----A---- C:\WINDOWS\system32\usocore.dll
2018-05-30 17:11:14 ----A---- C:\WINDOWS\system32\rascustom.dll
2018-05-30 17:11:14 ----A---- C:\WINDOWS\system32\msra.exe
2018-05-30 17:11:14 ----A---- C:\WINDOWS\system32\msftedit.dll
2018-05-30 17:11:14 ----A---- C:\WINDOWS\system32\aadauthhelper.dll
2018-05-30 17:11:13 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2018-05-30 17:11:13 ----A---- C:\WINDOWS\SYSWOW64\mfreadwrite.dll
2018-05-30 17:11:13 ----A---- C:\WINDOWS\system32\wcimage.dll
2018-05-30 17:11:13 ----A---- C:\WINDOWS\system32\mmgaserver.exe
2018-05-30 17:11:13 ----A---- C:\WINDOWS\system32\mmgaclient.dll
2018-05-30 17:11:13 ----A---- C:\WINDOWS\system32\mfreadwrite.dll
2018-05-30 17:11:13 ----A---- C:\WINDOWS\system32\HoloShellRuntime.dll
2018-05-30 17:11:12 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2018-05-30 17:11:12 ----A---- C:\WINDOWS\SYSWOW64\secur32.dll
2018-05-30 17:11:12 ----A---- C:\WINDOWS\SYSWOW64\PayloadRestrictions.dll
2018-05-30 17:11:12 ----A---- C:\WINDOWS\SYSWOW64\mmgaclient.dll
2018-05-30 17:11:12 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Bluetooth.Proxy.dll
2018-05-30 17:11:12 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2018-05-30 17:11:12 ----A---- C:\WINDOWS\SYSWOW64\dinput8.dll
2018-05-30 17:11:12 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2018-05-30 17:11:12 ----A---- C:\WINDOWS\system32\wpd_ci.dll
2018-05-30 17:11:12 ----A---- C:\WINDOWS\system32\wer.dll
2018-05-30 17:11:12 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-05-30 17:11:12 ----A---- C:\WINDOWS\system32\secur32.dll
2018-05-30 17:11:12 ----A---- C:\WINDOWS\system32\PayloadRestrictions.dll
2018-05-30 17:11:12 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-05-30 17:11:12 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-05-30 17:11:12 ----A---- C:\WINDOWS\system32\drivers\ataport.sys
2018-05-30 17:11:12 ----A---- C:\WINDOWS\system32\dinput8.dll
2018-05-30 17:11:12 ----A---- C:\WINDOWS\system32\dinput.dll
2018-05-30 17:11:11 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2018-05-30 17:11:11 ----A---- C:\WINDOWS\SYSWOW64\mmgaserver.exe
2018-05-30 17:11:11 ----A---- C:\WINDOWS\SYSWOW64\mmgaproxystub.dll
2018-05-30 17:11:11 ----A---- C:\WINDOWS\SYSWOW64\dinput.dll
2018-05-30 17:11:11 ----A---- C:\WINDOWS\SYSWOW64\CloudBackupSettings.dll
2018-05-30 17:11:11 ----A---- C:\WINDOWS\system32\tzres.dll
2018-05-30 17:11:11 ----A---- C:\WINDOWS\system32\SpatialStore.dll
2018-05-30 17:11:11 ----A---- C:\WINDOWS\system32\SharedRealitySvc.dll
2018-05-30 17:11:11 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2018-05-30 17:11:11 ----A---- C:\WINDOWS\system32\mmgaproxystub.dll
2018-05-30 17:11:11 ----A---- C:\WINDOWS\system32\CloudBackupSettings.dll
2018-05-29 21:19:26 ----HD---- C:\$SysReset
2018-05-29 11:27:37 ----A---- C:\WINDOWS\system32\Notifier.exe
2018-05-29 11:21:39 ----ASH---- C:\swapfile.sys
2018-05-29 11:21:39 ----ASH---- C:\pagefile.sys
2018-05-29 11:21:35 ----ASH---- C:\hiberfil.sys
2018-05-25 15:06:26 ----D---- C:\Program Files (x86)\VulkanRT
======List of files/folders modified in the last 1 month======
2018-06-19 15:32:14 ----RD---- C:\Program Files
2018-06-19 15:24:15 ----D---- C:\WINDOWS\System32
2018-06-19 15:24:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-19 15:23:06 ----D---- C:\WINDOWS\Temp
2018-06-19 15:20:07 ----D---- C:\ProgramData\NVIDIA
2018-06-19 15:18:42 ----D---- C:\WINDOWS\Prefetch
2018-06-19 15:18:16 ----D---- C:\WINDOWS\system32\Tasks
2018-06-19 15:17:38 ----D---- C:\WINDOWS\system32\sru
2018-06-19 12:44:13 ----D---- C:\Users\kolca\AppData\Roaming\TS3Client
2018-06-19 12:40:55 ----D---- C:\WINDOWS\system32\SleepStudy
2018-06-19 12:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2018-06-19 08:46:31 ----RD---- C:\WINDOWS\Microsoft.NET
2018-06-19 08:21:44 ----D---- C:\WINDOWS\DeliveryOptimization
2018-06-19 08:20:45 ----HD---- C:\Program Files\WindowsApps
2018-06-19 08:20:16 ----D---- C:\WINDOWS\AppReadiness
2018-06-19 02:56:39 ----D---- C:\WINDOWS
2018-06-19 02:45:17 ----D---- C:\WINDOWS\system32\drivers
2018-06-19 02:44:23 ----D---- C:\WINDOWS\system32\catroot2
2018-06-19 02:44:23 ----D---- C:\WINDOWS\system32\CatRoot
2018-06-19 02:41:17 ----D---- C:\WINDOWS\system32\DriverStore
2018-06-19 02:41:17 ----D---- C:\WINDOWS\INF
2018-06-19 02:41:09 ----D---- C:\WINDOWS\SysWOW64
2018-06-19 00:53:27 ----D---- C:\Program Files\Intel
2018-06-18 20:25:31 ----D---- C:\WINDOWS\system32\NDF
2018-06-18 13:25:15 ----D---- C:\Users\kolca\AppData\Roaming\Twitch
2018-06-18 08:27:41 ----SHDC---- C:\WINDOWS\Installer
2018-06-18 08:27:40 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-06-18 08:27:29 ----D---- C:\Program Files\Common Files\microsoft shared
2018-06-18 08:27:29 ----D---- C:\Program Files\Common Files
2018-06-18 08:27:07 ----AD---- C:\Program Files\Microsoft Office
2018-06-18 08:17:07 ----D---- C:\WINDOWS\Logs
2018-06-17 00:52:38 ----D---- C:\Program Files (x86)\Common Files
2018-06-17 00:52:33 ----HD---- C:\ProgramData
2018-06-17 00:42:25 ----RSD---- C:\WINDOWS\Fonts
2018-06-15 20:03:42 ----D---- C:\Users\kolca\AppData\Roaming\discord
2018-06-14 11:22:56 ----D---- C:\WINDOWS\rescache
2018-06-13 16:20:53 ----D---- C:\WINDOWS\system32\config
2018-06-13 12:49:23 ----D---- C:\ProgramData\AVAST Software
2018-06-13 12:46:26 ----D---- C:\Users\kolca\AppData\Roaming\uTorrent
2018-06-13 12:46:17 ----D---- C:\WINDOWS\debug
2018-06-13 12:46:16 ----D---- C:\WINDOWS\LiveKernelReports
2018-06-13 10:53:52 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-06-12 23:08:44 ----D---- C:\WINDOWS\WinSxS
2018-06-12 23:07:15 ----SD---- C:\WINDOWS\SYSWOW64\F12
2018-06-12 23:07:15 ----D---- C:\WINDOWS\TextInput
2018-06-12 23:07:15 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2018-06-12 23:07:14 ----SD---- C:\WINDOWS\system32\F12
2018-06-12 23:07:14 ----D---- C:\WINDOWS\system32\migration
2018-06-12 23:07:14 ----D---- C:\WINDOWS\system32\en-US
2018-06-12 23:07:14 ----D---- C:\WINDOWS\system32\Boot
2018-06-12 23:07:14 ----D---- C:\WINDOWS\ShellExperiences
2018-06-12 21:16:59 ----D---- C:\WINDOWS\CbsTemp
2018-06-12 21:13:42 ----D---- C:\WINDOWS\system32\MRT
2018-06-12 21:11:50 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-12 21:11:46 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-06-11 10:41:49 ----D---- C:\Program Files (x86)\Realtek
2018-06-09 20:24:42 ----D---- C:\Program Files (x86)\EasyAntiCheat
2018-06-09 11:05:58 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2018-06-08 15:28:28 ----D---- C:\WINDOWS\system32\Macromed
2018-06-08 15:28:27 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-06-07 22:58:20 ----D---- C:\Users\kolca\AppData\Roaming\Spotify
2018-06-07 15:09:50 ----D---- C:\Users\kolca\AppData\Roaming\DC++
2018-06-06 12:04:51 ----D---- C:\Program Files\NVIDIA Corporation
2018-06-06 12:04:38 ----D---- C:\WINDOWS\Help
2018-06-06 12:04:31 ----D---- C:\ProgramData\NVIDIA Corporation
2018-06-06 12:04:31 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2018-06-06 01:24:43 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-06-05 18:29:28 ----D---- C:\Users\kolca\AppData\Roaming\.minecraft
2018-06-05 00:13:50 ----SD---- C:\Users\kolca\AppData\Roaming\Microsoft
2018-06-05 00:13:50 ----RD---- C:\Program Files (x86)
2018-06-05 00:09:34 ----D---- C:\Users\kolca\AppData\Roaming\vlc
2018-06-04 09:32:08 ----D---- C:\WINDOWS\Minidump
2018-05-30 18:04:09 ----RSD---- C:\WINDOWS\assembly
2018-05-30 17:31:43 ----D---- C:\WINDOWS\SYSWOW64\en-US
2018-05-30 17:31:43 ----D---- C:\WINDOWS\SYSWOW64\Dism
2018-05-30 17:31:42 ----D---- C:\WINDOWS\system32\Dism
2018-05-29 21:20:12 ----D---- C:\WINDOWS\system32\wbem
2018-05-29 21:20:11 ----D---- C:\WINDOWS\system32\WinBioDatabase
2018-05-29 21:20:10 ----RD---- C:\Users
2018-05-29 21:20:10 ----DC---- C:\WINDOWS\system32\DRVSTORE
2018-05-29 21:20:10 ----D---- C:\WINDOWS\SYSWOW64\drivers
2018-05-29 21:20:10 ----D---- C:\WINDOWS\system32\zh-HK
2018-05-29 21:20:10 ----D---- C:\WINDOWS\system32\spool
2018-05-29 21:20:10 ----D---- C:\WINDOWS\system32\Recovery
2018-05-29 21:20:10 ----D---- C:\WINDOWS\system32\IntelSSTAPO
2018-05-29 21:20:10 ----D---- C:\WINDOWS\system32\ihvmanager
2018-05-29 21:20:10 ----D---- C:\WINDOWS\system32\drivers\etc
2018-05-29 21:20:10 ----D---- C:\WINDOWS\oem
2018-05-29 21:20:10 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2018-05-29 21:20:10 ----D---- C:\Program Files (x86)\Microsoft.NET
2018-05-29 21:20:10 ----ASD---- C:\ProgramData\Microsoft
2018-05-29 21:20:10 ----AD---- C:\WINDOWS\SYSWOW64\Adobe
2018-05-29 11:21:56 ----HD---- C:\$WINDOWS.~BT
2018-05-29 11:21:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-29 11:21:35 ----AD---- C:\Program Files\Mozilla Firefox
2018-05-23 00:00:54 ----A---- C:\WINDOWS\NvTelemetryContainerRecovery.bat
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 FACEIT;FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [2018-02-10 9369040]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2016-09-20 795640]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R0 nldrv;nldrv; C:\WINDOWS\system32\drivers\nldrv.sys [2017-10-30 178544]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-03-30 59808]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-03-30 8192]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-05-11 385536]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2018-03-30 79872]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-08-18 605624]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-09-29 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 ETDI2C;@oem22.inf,%ELANI2CDeviceDesc%;ELAN I2C Filter Driver; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [2016-08-17 217688]
R3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
R3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\igdkmd64.sys [2016-10-10 10588664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-10-14 5361672]
R3 IntcDAud;@oem7.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-10-03 821224]
R3 iwdbus;@oem35.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-07 39920]
R3 LMDriver;@oem32.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2016-09-13 21344]
R3 MEIx64;@oem34.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-09-23 204896]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_f658c3ebd2a88192\nvlddmkm.sys [2018-03-25 17544792]
R3 nvvad_WaveExtensible;@oem18.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2018-05-23 67432]
R3 nvvhci;@oem41.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2018-03-24 58816]
R3 Qcamain10x64;@netathr10x.inf,%ATHR.Service.DispName%;Qualcomm Extensible Wireless LAN 11AC device driver; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2017-09-29 2344448]
R3 RadioShim;@oem32.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2016-09-13 14688]
R3 rt640x64;@oem30.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-08-22 943112]
R3 RTCore64;RTCore64; \??\D:\Kokotiny\aburner\MSI Afterburner\RTCore64.sys [2017-08-27 14024]
R3 RTSUER;@oem37.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2016-08-04 418784]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2018-02-22 45472]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 AppleLowerFilter;@oem43.inf,%AppleLowerFilterDisplayName%;Apple Lower Filter Driver; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [2018-04-26 35560]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2018-06-08 1015296]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-12-07 51704]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-03-30 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-05-23 30656]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2018-06-08 937376]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-29 56216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2016-08-18 338312]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2016-08-30 2267352]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_52b80;Connected Devices Platform User Service_52b80; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusti; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2018-06-12 8654504]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\IntelCpHDCPSvc.exe [2016-10-10 480248]
R2 DAX2API;Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [2016-07-18 154816]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2016-09-20 17976]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\igfxCUIService.exe [2016-10-10 342000]
R2 IntelSSTSvc;Intel SST Parameter Service; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [2016-09-19 26576]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-23 764352]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-03-24 464272]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-05-23 629696]
R2 OneSyncSvc_52b80;Sync Host_52b80; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-03-01 519152]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\IntelCpHeciSvc.exe [2016-10-10 301552]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-11-23 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 PimIndexMaintenanceSvc_52b80;Contact Data_52b80; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 QALSvc;Quick Access Local Service; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [2016-09-13 441136]
R3 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2016-09-13 482608]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-18 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-08 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2018-06-14 6875688]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_52b80;DevicesFlow_52b80; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-05-03 86016]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-06-09 780928]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-18 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_52b80;MessagingService_52b80; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-23 764352]
S3 ose64;Office 64 Source Engine; c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-12 263344]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_52b80;PrintWorkflow_52b80; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 956416]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2018-06-09 1673504]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-05-17 194512]
S4 nlsvc;NetLimiter 4 Service; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [2017-10-30 332848]
S4 OpenVPNService;OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [2016-11-25 15872]
S4 OpenVPNServiceInteractive;OpenVPN Interactive Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2017-09-26 73856]
S4 OpenVPNServiceLegacy;OpenVPN Legacy Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2017-09-26 73856]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Popuot po štarte winu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Popuot po štarte winu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Popuot po štarte winu
tento program som použil pred nedavnom tak tu je log z 19.6
-----------------------------
# -------------------------------
# Malwarebytes AdwCleaner 7.2.0.0
# -------------------------------
# Build: 06-05-2018
# Database: 2018-06-19.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-19-2018
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 12
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\SOFTWARE\1b460c18-2611-5297-a1a8-4f35160a268c
Deleted HKCU\Software\csastats
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\PRODUCTSETUP
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2395 octets] - [19/06/2018 15:15:40]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-----------------------------
# -------------------------------
# Malwarebytes AdwCleaner 7.2.0.0
# -------------------------------
# Build: 06-05-2018
# Database: 2018-06-19.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-19-2018
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 12
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\SOFTWARE\1b460c18-2611-5297-a1a8-4f35160a268c
Deleted HKCU\Software\csastats
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\PRODUCTSETUP
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2395 octets] - [19/06/2018 15:15:40]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Re: Popuot po štarte winu
tento je z dnes
# -------------------------------
# Malwarebytes AdwCleaner 7.2.0.0
# -------------------------------
# Build: 06-05-2018
# Database: 2018-06-19.4
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-21-2018
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2395 octets] - [19/06/2018 15:15:40]
AdwCleaner[C00].txt - [2363 octets] - [19/06/2018 15:16:03]
AdwCleaner[S01].txt - [1364 octets] - [19/06/2018 15:17:11]
AdwCleaner[C01].txt - [1550 octets] - [19/06/2018 15:17:29]
AdwCleaner[S02].txt - [1486 octets] - [21/06/2018 10:22:51]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 7.2.0.0
# -------------------------------
# Build: 06-05-2018
# Database: 2018-06-19.4
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-21-2018
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2395 octets] - [19/06/2018 15:15:40]
AdwCleaner[C00].txt - [2363 octets] - [19/06/2018 15:16:03]
AdwCleaner[S01].txt - [1364 octets] - [19/06/2018 15:17:11]
AdwCleaner[C01].txt - [1550 octets] - [19/06/2018 15:17:29]
AdwCleaner[S02].txt - [1486 octets] - [21/06/2018 10:22:51]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Popuot po štarte winu
To je OK. Dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Popuot po štarte winu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by kolca (administrator) on LAPTOP-1R365B88 (21-06-2018 20:47:21)
Running from C:\Users\kolca\Desktop
Loaded Profiles: kolca (Available Profiles: kolca)
Platform: Windows 10 Home Version 1709 16299.492 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\WINDOWS\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\IntelCpHDCPSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\IntelCpHeciSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() D:\Kokotiny\aburner\MSI Afterburner\MSIAfterburner.exe
(Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\igfxEM.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\plugins\ColorIntelligence\CACE.exe
(Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Discord Inc.) C:\Users\kolca\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\kolca\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\kolca\AppData\Local\Discord\app-0.0.301\Discord.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.6244\Agent.exe
(Blizzard Entertainment) D:\battlenet\Battle.net\Battle.net.exe
(Blizzard Entertainment) D:\battlenet\Battle.net\Battle.net.10202\Battle.net Helper.exe
(Blizzard Entertainment) D:\battlenet\Battle.net\Battle.net.10202\Battle.net Helper.exe
(Blizzard Entertainment) D:\Program Files (x86)\World of Warcraft\Wow-64.exe
(Microsoft Corporation) C:\WINDOWS\System32\GameBarPresenceWriter.exe
(TeamSpeak Systems GmbH) D:\Program Files\Teamspeak\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16709128 2016-10-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1467400 2016-10-14] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [829632 2016-06-24] ()
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\Run: [FACEIT] => D:\Kokotiny\FACEIT\FACEIT.exe [81046232 2017-10-31] (FACEIT Ltd.)
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\Run: [Spotify] => C:\Users\kolca\AppData\Roaming\Spotify\Spotify.exe [23177616 2018-05-22] (Spotify Ltd)
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [56368 2017-10-30] (Locktime Software)
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\Run: [TSMApplication] => D:\Kokotiny\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2017-12-03] ()
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\Run: [Discord] => C:\Users\kolca\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\Run: [uTorrent] => C:\Users\kolca\AppData\Roaming\uTorrent\uTorrent.exe [1987512 2018-06-01] (BitTorrent Inc.)
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\Run: [Spotify Web Helper] => C:\Users\kolca\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-05-22] (Spotify Ltd)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DuckDns.lnk [2017-12-15]
ShortcutTarget: DuckDns.lnk -> C:\Program Files (x86)\DuckDNS\DuckDns.exe ()
Startup: C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2018-01-25]
ShortcutTarget: Twitch.lnk -> C:\Users\kolca\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.17.200.4 172.17.200.2
Tcpip\..\Interfaces\{0ddc3128-c889-4b6f-9687-7b45ed54c312}: [DhcpNameServer] 192.168.1.10 195.146.132.59 195.146.128.60
Tcpip\..\Interfaces\{316caf56-5a33-44dd-a48e-d555322a91e6}: [DhcpNameServer] 172.17.200.4 172.17.200.2
Tcpip\..\Interfaces\{3329436a-d1ef-4b5c-9fd4-4885dabd3f42}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{54634ac0-d9e6-422d-b4a9-8d38f8074075}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{b5c4a622-984a-450d-8294-4a8e26c852d4}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e352fee6-5aae-4877-a48b-92bae5b1b551}: [DhcpNameServer] 172.17.200.2 172.17.200.4
Internet Explorer:
==================
HKU\S-1-5-21-907423362-3305526511-137660631-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-907423362-3305526511-137660631-1001 -> DefaultScope {31712AB6-2E98-4F1D-BC84-F62A56E6C93E} URL =
SearchScopes: HKU\S-1-5-21-907423362-3305526511-137660631-1001 -> {31712AB6-2E98-4F1D-BC84-F62A56E6C93E} URL =
SearchScopes: HKU\S-1-5-21-907423362-3305526511-137660631-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180601__yaie&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-06-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-10-01] (Oracle Corporation)
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-10-01] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-04-28] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: htacdveg.default
FF ProfilePath: C:\Users\kolca\AppData\Roaming\Mozilla\Firefox\Profiles\htacdveg.default [2018-06-13]
FF Homepage: Mozilla\Firefox\Profiles\htacdveg.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180601__yaff
FF NewTab: Mozilla\Firefox\Profiles\htacdveg.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180601__yaff
FF SearchPlugin: C:\Users\kolca\AppData\Roaming\Mozilla\Firefox\Profiles\htacdveg.default\searchplugins\yahoo-lavasoft-ff59.xml [2018-06-01]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-08] ()
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-10-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-10-01] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-05-31] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-03-03] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Default Search
CHR Profile: C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default [2018-06-21]
CHR Extension: (Slides) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (BetterTTV) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-11-21]
CHR Extension: (Docs) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-18]
CHR Extension: (FACEIT HELPER) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjdhcabjnhhifipbnopnfpfidkafanjf [2017-12-05]
CHR Extension: (YouTube) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-18]
CHR Extension: (Ban Checker for Steam) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\canbadmphamemnmdfngmcabnjmjgaiki [2018-06-19]
CHR Extension: (Adblock Plus) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-05-16]
CHR Extension: (Steam Inventory Helper) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2018-06-19]
CHR Extension: (Sheets) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-18]
CHR Extension: (Chrome Media Router) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-30]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-08-18] (Windows (R) Win 7 DDK provider)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6875688 2018-06-14] ()
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8654504 2018-06-12] (Microsoft Corporation)
R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [154816 2016-07-18] ()
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-06-09] (EasyAntiCheat Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26576 2016-09-19] (Intel Corporation)
S4 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [332848 2017-10-30] (Locktime Software)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-23] (NVIDIA Corporation)
S4 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
S4 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73856 2017-09-26] (The OpenVPN Project)
S4 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73856 2017-09-26] (The OpenVPN Project)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [441136 2016-09-13] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [482608 2016-09-13] (Acer Incorporated)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-28] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-26] (Apple Inc.)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [217688 2016-08-17] (ELAN Microelectronic Corp.)
R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [9369040 2018-02-10] ()
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2016-09-13] (Acer Incorporated)
R0 nldrv; C:\WINDOWS\System32\drivers\nldrv.sys [178544 2017-10-30] (Locktime Software)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_f658c3ebd2a88192\nvlddmkm.sys [17544792 2018-03-25] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [67432 2018-05-23] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58816 2018-03-24] (NVIDIA Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2016-09-13] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek )
R3 RTCore64; D:\Kokotiny\aburner\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-08-04] (Realsil Semiconductor Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [210680 2017-10-18] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-06-21 20:47 - 2018-06-21 20:47 - 000023887 _____ C:\Users\kolca\Desktop\FRST.txt
2018-06-21 20:46 - 2018-06-21 20:47 - 000000000 ____D C:\FRST
2018-06-21 20:46 - 2018-06-21 20:46 - 002412544 _____ (Farbar) C:\Users\kolca\Desktop\FRST64.exe
2018-06-21 13:22 - 2018-06-21 13:50 - 000000000 ____D C:\ESD
2018-06-21 13:20 - 2018-06-21 13:20 - 000000000 ___HD C:\$Windows.~WS
2018-06-21 13:20 - 2018-06-21 00:39 - 019119064 _____ (Microsoft Corporation) C:\Users\kolca\Desktop\MediaCreationTool1803.exe
2018-06-21 10:22 - 2018-06-21 10:21 - 007372496 _____ (Malwarebytes) C:\Users\kolca\Desktop\adwcleaner_7.2.0 (1).exe
2018-06-19 15:32 - 2018-06-19 15:32 - 000000000 ____D C:\rsit
2018-06-19 15:32 - 2018-06-19 15:32 - 000000000 ____D C:\Program Files\trend micro
2018-06-19 15:15 - 2018-06-19 15:16 - 000000000 ____D C:\AdwCleaner
2018-06-19 02:53 - 2018-06-19 02:53 - 000000237 _____ C:\DelFix.txt
2018-06-19 02:33 - 2018-06-19 02:33 - 000000072 ___SH C:\bootTel.dat
2018-06-18 08:27 - 2018-06-18 08:27 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-06-17 00:43 - 2018-06-17 00:44 - 000000000 ____D C:\ProgramData\Wondershare
2018-06-17 00:42 - 2018-06-17 00:43 - 000000000 ____D C:\Users\kolca\Documents\Wondershare Filmora
2018-06-17 00:42 - 2018-06-17 00:42 - 000000000 ____D C:\Users\kolca\AppData\Local\Wondershare
2018-06-17 00:41 - 2018-06-17 00:42 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2018-06-13 12:47 - 2018-06-13 12:47 - 000296676 _____ C:\Users\kolca\Documents\cc_20180613_124718.reg
2018-06-13 12:39 - 2018-06-13 12:39 - 000000000 ____D C:\WINDOWS\pss
2018-06-13 12:29 - 2018-06-21 00:40 - 000003136 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2018-06-13 12:25 - 2018-06-13 12:25 - 000000877 _____ C:\Users\kolca\Desktop\MSI Afterburner.lnk
2018-06-13 12:25 - 2018-06-13 12:25 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2018-06-13 12:22 - 2018-06-13 12:22 - 000000762 _____ C:\Users\kolca\Desktop\MSI Kombustor 3.lnk
2018-06-13 12:22 - 2018-06-13 12:22 - 000000000 ____D C:\Users\kolca\AppData\Roaming\NVIDIA
2018-06-13 12:22 - 2018-06-13 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 3
2018-06-13 12:19 - 2018-06-13 12:19 - 000000000 ____D C:\Users\kolca\Desktop\PUBG 1.0 FPS pack by Panj
2018-06-12 21:14 - 2018-06-08 19:26 - 021754880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-06-12 21:14 - 2018-06-08 19:26 - 017084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-06-12 21:14 - 2018-06-08 19:03 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-12 21:14 - 2018-06-08 18:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-06-12 21:14 - 2018-06-08 18:58 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-12 21:14 - 2018-06-08 13:42 - 002491120 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-06-12 21:14 - 2018-06-08 13:41 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-06-12 21:14 - 2018-06-08 09:33 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-06-12 21:14 - 2018-06-08 09:33 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-06-12 21:14 - 2018-06-08 09:33 - 001056184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-06-12 21:14 - 2018-06-08 09:33 - 000269720 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-06-12 21:14 - 2018-06-08 09:32 - 001638432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-06-12 21:14 - 2018-06-08 09:32 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-06-12 21:14 - 2018-06-08 09:32 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-06-12 21:14 - 2018-06-08 09:30 - 008594848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-06-12 21:14 - 2018-06-08 09:30 - 002514944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-06-12 21:14 - 2018-06-08 09:30 - 001953544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-06-12 21:14 - 2018-06-08 09:29 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-06-12 21:14 - 2018-06-08 09:27 - 001173584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-12 21:14 - 2018-06-08 09:27 - 000377760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-06-12 21:14 - 2018-06-08 09:25 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-06-12 21:14 - 2018-06-08 09:24 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-06-12 21:14 - 2018-06-08 09:24 - 003009736 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-06-12 21:14 - 2018-06-08 09:24 - 002711248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-06-12 21:14 - 2018-06-08 09:24 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2018-06-12 21:14 - 2018-06-08 09:24 - 000891808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-06-12 21:14 - 2018-06-08 09:23 - 021357336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-06-12 21:14 - 2018-06-08 09:23 - 004486400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-06-12 21:14 - 2018-06-08 09:23 - 002412688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-06-12 21:14 - 2018-06-08 09:23 - 000824904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-06-12 21:14 - 2018-06-08 09:22 - 006791992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-06-12 21:14 - 2018-06-08 09:22 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-06-12 21:14 - 2018-06-08 09:22 - 001269640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-06-12 21:14 - 2018-06-08 09:22 - 000688072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-12 21:14 - 2018-06-08 09:22 - 000093624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-06-12 21:14 - 2018-06-08 09:21 - 007385096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-12 21:14 - 2018-06-08 09:21 - 004507096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-06-12 21:14 - 2018-06-08 09:21 - 001779960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-06-12 21:14 - 2018-06-08 09:21 - 000594080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-06-12 21:14 - 2018-06-08 09:20 - 001101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-06-12 21:14 - 2018-06-08 08:26 - 025256960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-06-12 21:14 - 2018-06-08 08:21 - 001931256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-06-12 21:14 - 2018-06-08 08:21 - 001614168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-06-12 21:14 - 2018-06-08 08:21 - 000777912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-06-12 21:14 - 2018-06-08 08:19 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-06-12 21:14 - 2018-06-08 08:18 - 000097160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-06-12 21:14 - 2018-06-08 08:10 - 003485400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-06-12 21:14 - 2018-06-08 08:10 - 002338272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-06-12 21:14 - 2018-06-08 08:09 - 017161216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-12 21:14 - 2018-06-08 08:09 - 006092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-06-12 21:14 - 2018-06-08 08:09 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-06-12 21:14 - 2018-06-08 08:09 - 000832952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2018-06-12 21:14 - 2018-06-08 08:09 - 000791968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-06-12 21:14 - 2018-06-08 08:09 - 000098304 _____ C:\WINDOWS\system32\runexehelper.exe
2018-06-12 21:14 - 2018-06-08 08:08 - 020290256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-06-12 21:14 - 2018-06-08 08:08 - 003979696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-06-12 21:14 - 2018-06-08 08:08 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-06-12 21:14 - 2018-06-08 08:08 - 001990672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-06-12 21:14 - 2018-06-08 08:08 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-06-12 21:14 - 2018-06-08 08:07 - 002386320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-06-12 21:14 - 2018-06-08 08:07 - 000975360 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-06-12 21:14 - 2018-06-08 08:07 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-06-12 21:14 - 2018-06-08 08:07 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-06-12 21:14 - 2018-06-08 08:07 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-06-12 21:14 - 2018-06-08 08:07 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-06-12 21:14 - 2018-06-08 08:06 - 006481096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-12 21:14 - 2018-06-08 08:06 - 006015208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-06-12 21:14 - 2018-06-08 08:06 - 004668688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-06-12 21:14 - 2018-06-08 08:06 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-06-12 21:14 - 2018-06-08 08:06 - 001524784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-06-12 21:14 - 2018-06-08 08:06 - 000551696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-06-12 21:14 - 2018-06-08 08:06 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-06-12 21:14 - 2018-06-08 08:05 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-06-12 21:14 - 2018-06-08 08:04 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-06-12 21:14 - 2018-06-08 08:04 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-06-12 21:14 - 2018-06-08 08:04 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-06-12 21:14 - 2018-06-08 08:03 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-12 21:14 - 2018-06-08 08:03 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-06-12 21:14 - 2018-06-08 08:03 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-06-12 21:14 - 2018-06-08 08:02 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-06-12 21:14 - 2018-06-08 08:02 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-06-12 21:14 - 2018-06-08 08:02 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-06-12 21:14 - 2018-06-08 08:02 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-06-12 21:14 - 2018-06-08 08:02 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-06-12 21:14 - 2018-06-08 08:02 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-06-12 21:14 - 2018-06-08 08:02 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-06-12 21:14 - 2018-06-08 08:01 - 023678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-06-12 21:14 - 2018-06-08 08:01 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-06-12 21:14 - 2018-06-08 08:01 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-06-12 21:14 - 2018-06-08 08:01 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2018-06-12 21:14 - 2018-06-08 08:01 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-06-12 21:14 - 2018-06-08 08:00 - 012833792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-06-12 21:14 - 2018-06-08 08:00 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2018-06-12 21:14 - 2018-06-08 08:00 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-06-12 21:14 - 2018-06-08 07:59 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-06-12 21:14 - 2018-06-08 07:59 - 003124224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-06-12 21:14 - 2018-06-08 07:59 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-06-12 21:14 - 2018-06-08 07:59 - 001116672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-06-12 21:14 - 2018-06-08 07:59 - 001043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-06-12 21:14 - 2018-06-08 07:59 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-06-12 21:14 - 2018-06-08 07:58 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-06-12 21:14 - 2018-06-08 07:58 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-06-12 21:14 - 2018-06-08 07:58 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-12 21:14 - 2018-06-08 07:58 - 003332608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-12 21:14 - 2018-06-08 07:58 - 002083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-06-12 21:14 - 2018-06-08 07:57 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-06-12 21:14 - 2018-06-08 07:57 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-06-12 21:14 - 2018-06-08 07:57 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-06-12 21:14 - 2018-06-08 07:57 - 001812992 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-06-12 21:14 - 2018-06-08 07:57 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-06-12 21:14 - 2018-06-08 07:57 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-06-12 21:14 - 2018-06-08 07:57 - 001238016 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-06-12 21:14 - 2018-06-08 07:57 - 001135104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-06-12 21:14 - 2018-06-08 07:57 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-12 21:14 - 2018-06-08 07:56 - 002528768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-06-12 21:14 - 2018-06-08 07:56 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-06-12 21:14 - 2018-06-08 07:55 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-06-12 21:14 - 2018-06-08 07:52 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-06-12 21:14 - 2018-06-08 07:46 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-06-12 21:14 - 2018-06-08 07:46 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-06-12 21:14 - 2018-06-08 07:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-06-12 21:14 - 2018-06-08 07:46 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-06-12 21:14 - 2018-06-08 07:45 - 018930688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-06-12 21:14 - 2018-06-08 07:45 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-06-12 21:14 - 2018-06-08 07:44 - 019358720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-06-12 21:14 - 2018-06-08 07:44 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-06-12 21:14 - 2018-06-08 07:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-12 21:14 - 2018-06-08 07:43 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-06-12 21:14 - 2018-06-08 07:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-06-12 21:14 - 2018-06-08 07:41 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-06-12 21:14 - 2018-06-08 07:41 - 011924992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-06-12 21:14 - 2018-06-08 07:41 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-06-12 21:14 - 2018-06-08 07:41 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-06-12 21:14 - 2018-06-08 07:41 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-06-12 21:14 - 2018-06-08 07:40 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-06-12 21:14 - 2018-06-08 07:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2018-06-12 21:14 - 2018-06-08 07:40 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-06-12 21:14 - 2018-06-08 07:40 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2018-06-12 21:14 - 2018-06-08 07:39 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-06-12 21:14 - 2018-06-08 07:39 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-06-12 21:14 - 2018-06-08 07:39 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-06-12 21:14 - 2018-06-08 07:38 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-06-12 21:14 - 2018-06-08 07:38 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-06-12 21:14 - 2018-06-08 07:38 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-06-12 21:14 - 2018-06-08 07:36 - 006060032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-06-12 21:14 - 2018-06-08 07:36 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-12 21:14 - 2018-06-08 07:35 - 007812608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-06-12 21:14 - 2018-06-08 07:35 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-06-12 21:14 - 2018-06-08 07:35 - 004384768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-06-12 21:14 - 2018-06-08 07:35 - 002868736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-06-12 21:14 - 2018-06-08 07:35 - 002014720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-06-12 21:14 - 2018-06-08 07:35 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-06-12 21:14 - 2018-06-08 07:35 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-12 21:14 - 2018-06-08 07:35 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-06-12 21:14 - 2018-06-08 07:35 - 000935424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-06-12 21:13 - 2018-06-08 09:36 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-06-12 21:13 - 2018-06-08 09:36 - 000137120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-06-12 21:13 - 2018-06-08 09:35 - 001093040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-06-12 21:13 - 2018-06-08 09:35 - 000924656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-06-12 21:13 - 2018-06-08 09:35 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-06-12 21:13 - 2018-06-08 09:35 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-06-12 21:13 - 2018-06-08 09:34 - 000748472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-06-12 21:13 - 2018-06-08 09:34 - 000423352 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-06-12 21:13 - 2018-06-08 09:33 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-06-12 21:13 - 2018-06-08 09:33 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-06-12 21:13 - 2018-06-08 09:33 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-06-12 21:13 - 2018-06-08 09:33 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-06-12 21:13 - 2018-06-08 09:32 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-06-12 21:13 - 2018-06-08 09:32 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-06-12 21:13 - 2018-06-08 09:30 - 001416360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-06-12 21:13 - 2018-06-08 09:29 - 001849760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-06-12 21:13 - 2018-06-08 09:29 - 001210272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-06-12 21:13 - 2018-06-08 09:29 - 000937376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-06-12 21:13 - 2018-06-08 09:29 - 000028576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-06-12 21:13 - 2018-06-08 09:26 - 000712456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-06-12 21:13 - 2018-06-08 09:26 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-06-12 21:13 - 2018-06-08 09:25 - 000525728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-06-12 21:13 - 2018-06-08 09:24 - 006282280 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2018-06-12 21:13 - 2018-06-08 09:24 - 001488288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-06-12 21:13 - 2018-06-08 09:24 - 001029536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-06-12 21:13 - 2018-06-08 09:24 - 000247712 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-06-12 21:13 - 2018-06-08 09:23 - 002472888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-06-12 21:13 - 2018-06-08 09:23 - 000706464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-06-12 21:13 - 2018-06-08 09:23 - 000677304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-06-12 21:13 - 2018-06-08 09:23 - 000137552 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-06-12 21:13 - 2018-06-08 09:22 - 001358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-06-12 21:13 - 2018-06-08 09:22 - 000054376 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-06-12 21:13 - 2018-06-08 09:21 - 001206104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-06-12 21:13 - 2018-06-08 09:21 - 000260904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-06-12 21:13 - 2018-06-08 08:18 - 000212920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-06-12 21:13 - 2018-06-08 08:10 - 001124768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-06-12 21:13 - 2018-06-08 08:09 - 002993728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2018-06-12 21:13 - 2018-06-08 08:09 - 000592800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-06-12 21:13 - 2018-06-08 08:08 - 001075984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-06-12 21:13 - 2018-06-08 08:08 - 000640024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-06-12 21:13 - 2018-06-08 08:07 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-06-12 21:13 - 2018-06-08 08:07 - 000047608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-06-12 21:13 - 2018-06-08 08:06 - 001131696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-06-12 21:13 - 2018-06-08 08:06 - 000129208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-06-12 21:13 - 2018-06-08 08:05 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2018-06-12 21:13 - 2018-06-08 08:05 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-06-12 21:13 - 2018-06-08 08:05 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanelExternalHook.dll
2018-06-12 21:13 - 2018-06-08 08:04 - 001925120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2018-06-12 21:13 - 2018-06-08 08:04 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-06-12 21:13 - 2018-06-08 08:04 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-06-12 21:13 - 2018-06-08 08:01 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-06-12 21:13 - 2018-06-08 08:01 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-06-12 21:13 - 2018-06-08 08:00 - 003180032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-12 21:13 - 2018-06-08 08:00 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-12 21:13 - 2018-06-08 08:00 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2018-06-12 21:13 - 2018-06-08 07:59 - 001297920 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-06-12 21:13 - 2018-06-08 07:59 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-12 21:13 - 2018-06-08 07:58 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-12 21:13 - 2018-06-08 07:56 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2018-06-12 21:13 - 2018-06-08 07:53 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2018-06-12 21:13 - 2018-06-08 07:52 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-06-12 21:13 - 2018-06-08 07:52 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-06-12 21:13 - 2018-06-08 07:46 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-06-12 21:13 - 2018-06-08 07:40 - 001277440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2018-06-12 21:13 - 2018-06-08 07:39 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2018-06-12 21:13 - 2018-06-08 07:39 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-06-12 21:13 - 2018-06-08 07:35 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2018-06-12 21:13 - 2018-06-08 07:34 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DbgModel.dll
2018-06-12 17:05 - 2018-06-12 17:08 - 000000000 ____D C:\Users\kolca\AppData\Local\Ubisoft Game Launcher
2018-06-12 17:05 - 2018-06-12 17:05 - 000000766 _____ C:\Users\kolca\Desktop\Uplay.lnk
2018-06-12 17:05 - 2018-06-12 17:05 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2018-06-09 20:24 - 2018-06-09 20:24 - 000000000 ____D C:\Users\kolca\Documents\My Games
2018-06-09 20:24 - 2018-06-09 20:24 - 000000000 ____D C:\Users\kolca\AppData\Roaming\EasyAntiCheat
2018-06-09 20:17 - 2018-06-09 20:17 - 000000222 _____ C:\Users\kolca\Desktop\Realm Royale.url
2018-06-09 11:40 - 2018-06-09 11:40 - 000000702 _____ C:\Users\Public\Desktop\Filedrop.lnk
2018-06-09 11:40 - 2018-06-09 11:40 - 000000000 ____D C:\Users\kolca\AppData\Roaming\com.filedropme.FiledropDesktop
2018-06-09 11:40 - 2018-06-09 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filedrop
2018-06-09 11:05 - 2018-06-09 11:05 - 000000000 ____D C:\swsetup
2018-06-09 11:05 - 2018-06-09 11:05 - 000000000 ____D C:\Program Files\IDT
2018-06-06 12:04 - 2018-06-06 12:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-06-06 12:04 - 2018-03-24 01:50 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-06-06 12:04 - 2018-03-24 01:02 - 005952392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-06-06 12:04 - 2018-03-24 01:02 - 002596320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-06-06 12:04 - 2018-03-24 01:02 - 001767824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-06-06 12:04 - 2018-03-24 01:02 - 000633224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-06-06 12:04 - 2018-03-24 01:02 - 000451040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-06-06 12:04 - 2018-03-24 01:02 - 000123840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-06-06 12:04 - 2018-03-24 01:02 - 000083072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-06-06 12:04 - 2018-03-21 13:22 - 008114212 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-06-06 12:02 - 2018-03-25 18:15 - 000998424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-06-06 12:02 - 2018-03-25 18:15 - 000950016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-06-06 12:02 - 2018-03-25 18:15 - 000625504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-06-06 12:02 - 2018-03-25 18:15 - 000516024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-06-06 12:02 - 2018-03-25 18:14 - 004318112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-06-06 12:02 - 2018-03-25 18:14 - 003719096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-06-06 12:02 - 2018-03-25 18:14 - 001985112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439135.dll
2018-06-06 12:02 - 2018-03-25 18:14 - 001683712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439135.dll
2018-06-06 12:02 - 2018-03-25 18:14 - 001138720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-06-06 12:02 - 2018-03-25 18:14 - 001065888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-06-06 12:02 - 2018-03-25 18:13 - 040278608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-06-06 12:02 - 2018-03-25 18:13 - 035188992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-06-06 12:02 - 2018-03-25 18:10 - 013571520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-06-06 12:02 - 2018-03-25 18:10 - 011132384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 019855144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 016496776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 001355216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 001346128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 001153744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 001067560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 001061352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 000902096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 000811808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 000650232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-06-06 12:02 - 2018-03-25 18:08 - 012967056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-06-06 12:02 - 2018-03-25 18:08 - 011001504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-06-06 12:02 - 2018-03-25 18:08 - 004633920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-06-06 12:02 - 2018-03-25 18:08 - 003939624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-06-06 12:02 - 2018-03-24 03:19 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2018-06-05 17:14 - 2018-06-05 17:21 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Guild Wars 2
2018-06-05 12:34 - 2018-06-05 13:03 - 000000660 _____ C:\Users\kolca\Desktop\text.txt
2018-06-05 00:13 - 2018-06-05 00:13 - 000000000 ____D C:\Users\kolca\Unigine Heaven
2018-06-05 00:09 - 2018-06-05 00:09 - 000001143 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-06-04 23:54 - 2018-06-04 23:54 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 23:54 - 2018-06-04 23:54 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 23:54 - 2018-06-04 23:54 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 23:54 - 2018-06-04 23:54 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 23:54 - 2018-06-04 23:54 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-06-04 23:54 - 2018-06-04 23:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-06-04 23:54 - 2018-05-23 00:00 - 002495936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-06-04 23:54 - 2018-05-23 00:00 - 002163648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-06-04 23:54 - 2018-05-23 00:00 - 001311680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-06-04 23:54 - 2018-05-23 00:00 - 000209192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-06-04 23:54 - 2018-05-23 00:00 - 000169256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-06-04 23:52 - 2018-05-23 00:00 - 000067432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-06-04 23:52 - 2018-03-24 03:19 - 000058816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-06-04 21:16 - 2018-06-04 23:54 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 21:16 - 2018-06-04 23:54 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 21:16 - 2018-06-04 23:54 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 21:16 - 2018-06-04 23:54 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 21:16 - 2018-06-04 23:54 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 21:16 - 2018-06-04 23:54 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 21:16 - 2018-06-04 23:54 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-02 07:09 - 2018-06-13 12:42 - 000281088 _____ (www.xmrig.com) C:\WINDOWS\sound32.exe
2018-06-01 20:27 - 2018-06-01 21:19 - 000000029 _____ C:\WINDOWS\system32\heslo.txt
2018-06-01 20:27 - 2018-06-01 21:19 - 000000000 _____ C:\WINDOWS\system32\null
2018-06-01 20:27 - 2018-06-01 20:27 - 000003262 _____ C:\WINDOWS\System32\Tasks\WinMgr
2018-06-01 19:38 - 2018-06-01 19:38 - 000000945 _____ C:\Users\kolca\Desktop\µTorrent.lnk
2018-05-31 15:31 - 2018-05-31 15:31 - 000000222 _____ C:\Users\kolca\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url
2018-05-30 17:11 - 2018-05-12 15:57 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2018-05-30 17:11 - 2018-05-12 15:56 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-05-30 17:11 - 2018-05-12 15:55 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-05-30 17:11 - 2018-05-12 15:55 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-05-30 17:11 - 2018-05-12 15:53 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-05-30 17:11 - 2018-05-12 15:52 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-05-30 17:11 - 2018-05-12 15:52 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialStore.dll
2018-05-30 17:11 - 2018-05-12 01:15 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-05-30 17:11 - 2018-05-12 01:15 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-05-30 17:11 - 2018-05-12 01:14 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-30 17:11 - 2018-05-12 01:14 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-05-30 17:11 - 2018-05-12 01:10 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-30 17:11 - 2018-05-12 01:10 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-30 17:11 - 2018-05-12 01:10 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-30 17:11 - 2018-05-12 01:09 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-05-30 17:11 - 2018-05-12 01:09 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-05-30 17:11 - 2018-05-12 01:08 - 000757792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-05-30 17:11 - 2018-05-12 01:08 - 000428440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-05-30 17:11 - 2018-05-12 01:08 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-05-30 17:11 - 2018-05-12 01:07 - 002711168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-30 17:11 - 2018-05-12 01:07 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-30 17:11 - 2018-05-12 01:07 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-30 17:11 - 2018-05-12 01:07 - 001084736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-05-30 17:11 - 2018-05-12 01:05 - 000616792 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-05-30 17:11 - 2018-05-11 23:54 - 003198464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-05-30 17:11 - 2018-05-11 23:54 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-05-30 17:11 - 2018-05-11 23:53 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-05-30 17:11 - 2018-05-11 23:53 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-05-30 17:11 - 2018-05-11 23:53 - 001033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-05-30 17:11 - 2018-05-11 23:53 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-05-30 17:11 - 2018-05-11 23:52 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PayloadRestrictions.dll
2018-05-30 17:11 - 2018-05-11 23:52 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-05-30 17:11 - 2018-05-11 23:52 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-05-30 17:11 - 2018-05-11 23:51 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll
2018-05-30 17:11 - 2018-05-11 23:50 - 002186240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaclient.dll
2018-05-30 17:11 - 2018-05-11 23:50 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-05-30 17:11 - 2018-05-11 23:50 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-05-30 17:11 - 2018-05-11 23:50 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-05-30 17:11 - 2018-05-11 23:50 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\secur32.dll
2018-05-30 17:11 - 2018-05-11 23:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-05-30 17:11 - 2018-05-11 23:49 - 001685504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2018-05-30 17:11 - 2018-05-11 23:48 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-05-30 17:11 - 2018-05-11 23:48 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-05-30 17:11 - 2018-05-11 23:48 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-05-30 17:11 - 2018-05-11 23:48 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-05-30 17:11 - 2018-05-11 23:47 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-05-30 17:11 - 2018-05-11 23:47 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2018-05-30 17:11 - 2018-05-11 23:47 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-05-30 17:11 - 2018-05-11 23:47 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-05-30 17:11 - 2018-05-11 23:47 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-05-30 17:11 - 2018-05-11 23:46 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-30 17:11 - 2018-05-11 23:46 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-05-30 17:11 - 2018-05-11 23:45 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-05-30 17:11 - 2018-05-11 23:44 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-05-30 17:11 - 2018-05-11 23:42 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-05-30 17:11 - 2018-05-11 23:41 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-05-30 17:11 - 2018-05-11 23:40 - 001363968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-05-30 17:11 - 2018-05-11 23:40 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-05-30 17:11 - 2018-05-11 23:39 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-30 17:11 - 2018-05-11 23:38 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-05-30 17:11 - 2018-05-11 23:33 - 002762752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-05-30 17:11 - 2018-05-11 23:31 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PayloadRestrictions.dll
2018-05-30 17:11 - 2018-05-11 23:31 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-05-30 17:11 - 2018-05-11 23:31 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaproxystub.dll
2018-05-30 17:11 - 2018-05-11 23:30 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-05-30 17:11 - 2018-05-11 23:29 - 001428480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaclient.dll
2018-05-30 17:11 - 2018-05-11 23:29 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2018-05-30 17:11 - 2018-05-11 23:29 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-05-30 17:11 - 2018-05-11 23:29 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-05-30 17:11 - 2018-05-11 23:29 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secur32.dll
2018-05-30 17:11 - 2018-05-11 23:28 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2018-05-30 17:11 - 2018-05-11 23:28 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2018-05-30 17:11 - 2018-05-11 23:27 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2018-05-30 17:11 - 2018-05-11 23:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-05-30 17:11 - 2018-05-11 23:26 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2018-05-30 17:11 - 2018-05-11 23:20 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-05-30 17:11 - 2018-05-11 23:20 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2018-05-30 17:11 - 2018-05-11 23:19 - 001353216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-29 21:19 - 2018-05-29 21:19 - 000000000 ___HD C:\$SysReset
2018-05-29 11:27 - 2018-05-04 11:37 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe
2018-05-25 15:06 - 2018-06-19 00:53 - 000000000 ____D C:\Program Files (x86)\VulkanRT
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-06-21 20:47 - 2017-11-23 01:59 - 000000000 ____D C:\Users\kolca\AppData\Local\Battle.net
2018-06-21 20:47 - 2017-07-18 17:33 - 000000000 ____D C:\Users\kolca\AppData\Roaming\TS3Client
2018-06-21 18:31 - 2017-07-18 17:11 - 000000000 ____D C:\Users\kolca\AppData\Local\CrashDumps
2018-06-21 17:07 - 2017-04-11 05:26 - 000000000 ____D C:\ProgramData\NVIDIA
2018-06-21 16:55 - 2017-11-23 03:29 - 000004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F58D713F-D1DA-43FA-BD0E-C2C55C1447E3}
2018-06-21 16:15 - 2017-11-23 03:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-06-21 13:50 - 2017-12-17 15:15 - 000000000 ____D C:\WINDOWS\Panther
2018-06-21 10:38 - 2017-11-23 03:36 - 004716394 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-21 10:32 - 2017-11-23 03:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-06-21 10:32 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-06-21 10:32 - 2017-07-18 15:00 - 000000000 __SHD C:\Users\kolca\IntelGraphicsProfiles
2018-06-21 10:25 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-21 10:25 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-06-21 10:25 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-06-21 00:40 - 2017-11-23 03:29 - 000028394 _____ C:\WINDOWS\diagwrn.xml
2018-06-21 00:40 - 2017-11-23 03:29 - 000022863 _____ C:\WINDOWS\diagerr.xml
2018-06-20 10:22 - 2017-09-20 23:01 - 000000652 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2018-06-19 02:44 - 2017-11-23 03:26 - 000000000 ____D C:\Users\kolca
2018-06-19 02:41 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-06-19 02:17 - 2017-11-23 03:24 - 005014368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-06-19 00:53 - 2017-07-18 17:54 - 000000000 ____D C:\Program Files\Intel
2018-06-18 20:25 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-06-18 13:25 - 2018-01-25 19:55 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Twitch
2018-06-18 08:27 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-06-18 08:27 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-06-18 08:27 - 2017-09-28 14:52 - 000000000 ____D C:\Program Files\Microsoft Office
2018-06-15 20:03 - 2018-01-31 18:18 - 000000000 ____D C:\Users\kolca\AppData\Roaming\discord
2018-06-14 11:22 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-06-13 12:49 - 2017-11-28 02:36 - 000000000 ____D C:\ProgramData\AVAST Software
2018-06-13 12:46 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-06-13 12:46 - 2017-07-24 11:04 - 000000000 ____D C:\Users\kolca\AppData\Roaming\uTorrent
2018-06-13 12:31 - 2017-07-18 15:00 - 000000000 ____D C:\Users\kolca\AppData\Local\NVIDIA
2018-06-13 12:24 - 2018-04-23 18:17 - 039762304 _____ C:\Users\kolca\Desktop\MSIAfterburnerSetup450.exe
2018-06-12 23:08 - 2017-11-23 03:31 - 000000000 ___RD C:\Users\kolca\3D Objects
2018-06-12 23:08 - 2017-11-23 03:26 - 000000000 ____D C:\Users\kolca\AppData\Local\Packages
2018-06-12 23:08 - 2017-04-11 05:01 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-06-12 23:07 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-06-12 23:07 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-06-12 23:07 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-06-12 23:07 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-06-12 23:07 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-06-12 22:02 - 2017-07-18 16:46 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-12 21:16 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-12 21:13 - 2017-07-18 18:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-06-12 21:11 - 2017-10-10 21:34 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-12 21:11 - 2017-07-18 18:11 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-06-11 10:41 - 2017-07-18 17:55 - 000000000 ____D C:\Program Files (x86)\Realtek
2018-06-09 20:24 - 2018-03-22 11:38 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2018-06-09 20:17 - 2017-08-06 23:51 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-06-09 14:38 - 2017-07-18 15:01 - 000000000 ____D C:\Users\kolca\AppData\Local\NVIDIA Corporation
2018-06-09 11:05 - 2017-04-11 05:23 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-06-08 15:28 - 2018-03-13 14:53 - 000004588 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-06-08 15:28 - 2017-11-23 03:29 - 000004600 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-06-08 15:28 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-06-08 15:28 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-06-07 23:23 - 2017-12-09 20:03 - 000000000 ____D C:\Users\kolca\AppData\Local\Spotify
2018-06-07 22:58 - 2017-12-09 20:02 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Spotify
2018-06-07 15:09 - 2017-09-20 15:27 - 000000000 ____D C:\Users\kolca\AppData\Roaming\DC++
2018-06-07 15:09 - 2017-09-20 15:27 - 000000000 ____D C:\Users\kolca\AppData\Local\DC++
2018-06-06 12:04 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\Help
2018-06-06 12:04 - 2017-07-18 17:55 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-06-06 12:04 - 2017-07-18 17:55 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-06-06 12:04 - 2017-04-11 05:26 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-06-06 01:24 - 2017-09-29 15:49 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-06 01:24 - 2017-09-29 15:49 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-05 18:29 - 2018-05-17 23:56 - 000000000 ____D C:\Users\kolca\AppData\Roaming\.minecraft
2018-06-05 00:09 - 2017-08-16 20:49 - 000000000 ____D C:\Users\kolca\AppData\Roaming\vlc
2018-06-04 09:32 - 2017-12-19 03:09 - 000000000 ____D C:\WINDOWS\Minidump
2018-06-01 19:38 - 2017-08-15 23:45 - 000000000 ____D C:\Users\kolca\AppData\LocalLow\Mozilla
2018-06-01 19:38 - 2017-07-24 11:04 - 000000925 _____ C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2018-05-30 17:31 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-30 17:31 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-29 21:20 - 2018-03-12 23:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simulationcraft(x64)
2018-05-29 21:20 - 2018-02-07 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2018-05-29 21:20 - 2018-01-31 18:18 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2018-05-29 21:20 - 2018-01-30 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TradeSkillMaster Application
2018-05-29 21:20 - 2018-01-10 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hardware_info
2018-05-29 21:20 - 2018-01-06 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetLimiter 4
2018-05-29 21:20 - 2017-12-15 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DuckDns
2018-05-29 21:20 - 2017-11-30 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2018-05-29 21:20 - 2017-11-30 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2018-05-29 21:20 - 2017-11-30 13:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2018-05-29 21:20 - 2017-11-24 12:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
2018-05-29 21:20 - 2017-11-23 03:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2018-05-29 21:20 - 2017-11-23 03:25 - 000000000 ____D C:\WINDOWS\system32\IntelSSTAPO
2018-05-29 21:20 - 2017-11-23 01:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2018-05-29 21:20 - 2017-11-17 01:12 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2018-05-29 21:20 - 2017-11-17 01:10 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2018-05-29 21:20 - 2017-11-17 01:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2018-05-29 21:20 - 2017-10-13 20:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Adobe
2018-05-29 21:20 - 2017-10-08 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2018-05-29 21:20 - 2017-10-07 23:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-05-29 21:20 - 2017-09-30 12:34 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2018-05-29 21:20 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-05-29 21:20 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-05-29 21:20 - 2017-09-29 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-05-29 21:20 - 2017-09-29 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2018-05-29 21:20 - 2017-09-29 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueJ FRI
2018-05-29 21:20 - 2017-09-28 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office 2016
2018-05-29 21:20 - 2017-09-20 15:27 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC++
2018-05-29 21:20 - 2017-09-11 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RarZilla Free Unrar
2018-05-29 21:20 - 2017-09-05 10:07 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2018-05-29 21:20 - 2017-07-26 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2018-05-29 21:20 - 2017-07-18 15:00 - 000000000 ____D C:\Users\kolca\AppData\Local\TileDataLayer
2018-05-29 21:20 - 2017-07-18 14:52 - 000000000 ____D C:\WINDOWS\oem
2018-05-29 21:20 - 2017-04-11 05:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2018-05-29 21:20 - 2017-04-11 05:32 - 000000000 ____D C:\WINDOWS\system32\ihvmanager
2018-05-29 21:20 - 2017-04-11 05:24 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-05-29 11:32 - 2017-08-08 13:47 - 000000000 ____D C:\Users\kolca\AppData\Local\ElevatedDiagnostics
2018-05-29 11:21 - 2018-04-12 12:19 - 000000000 ___HD C:\$WINDOWS.~BT
2018-05-29 11:21 - 2017-08-15 23:45 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-05-29 11:21 - 2017-08-15 23:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-24 16:29 - 2017-11-22 20:56 - 000000000 ____D C:\Users\kolca\Documents\Sound recordings
2018-05-24 14:58 - 2017-12-03 22:11 - 000000271 _____ C:\Users\kolca\Documents\ClownfishForTeamspeak.ini
2018-05-23 00:00 - 2017-07-18 19:46 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
==================== Files in the root of some directories =======
2018-04-04 17:21 - 2018-04-04 17:27 - 000000132 _____ () C:\Users\kolca\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-11-30 13:51 - 2017-11-30 14:56 - 000000600 _____ () C:\Users\kolca\AppData\Local\PUTTY.RND
2018-01-07 11:52 - 2018-01-09 22:53 - 000007602 _____ () C:\Users\kolca\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
2018-06-17 19:04 - 2018-06-21 17:08 - 000000000 _____ () C:\Users\kolca\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll
2018-06-17 19:04 - 2018-06-21 17:08 - 000000017 _____ () C:\Users\kolca\AppData\Local\Temp\07b2f39824a7efc1bea9743598964831.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-18 16:52
==================== End of FRST.txt ============================
Ran by kolca (administrator) on LAPTOP-1R365B88 (21-06-2018 20:47:21)
Running from C:\Users\kolca\Desktop
Loaded Profiles: kolca (Available Profiles: kolca)
Platform: Windows 10 Home Version 1709 16299.492 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\WINDOWS\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\IntelCpHDCPSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\IntelCpHeciSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() D:\Kokotiny\aburner\MSI Afterburner\MSIAfterburner.exe
(Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\igfxEM.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\plugins\ColorIntelligence\CACE.exe
(Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_43155d58ecd36b2e\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Discord Inc.) C:\Users\kolca\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\kolca\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\kolca\AppData\Local\Discord\app-0.0.301\Discord.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.6244\Agent.exe
(Blizzard Entertainment) D:\battlenet\Battle.net\Battle.net.exe
(Blizzard Entertainment) D:\battlenet\Battle.net\Battle.net.10202\Battle.net Helper.exe
(Blizzard Entertainment) D:\battlenet\Battle.net\Battle.net.10202\Battle.net Helper.exe
(Blizzard Entertainment) D:\Program Files (x86)\World of Warcraft\Wow-64.exe
(Microsoft Corporation) C:\WINDOWS\System32\GameBarPresenceWriter.exe
(TeamSpeak Systems GmbH) D:\Program Files\Teamspeak\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16709128 2016-10-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1467400 2016-10-14] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [829632 2016-06-24] ()
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\Run: [FACEIT] => D:\Kokotiny\FACEIT\FACEIT.exe [81046232 2017-10-31] (FACEIT Ltd.)
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\Run: [Spotify] => C:\Users\kolca\AppData\Roaming\Spotify\Spotify.exe [23177616 2018-05-22] (Spotify Ltd)
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [56368 2017-10-30] (Locktime Software)
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\Run: [TSMApplication] => D:\Kokotiny\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2017-12-03] ()
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\Run: [Discord] => C:\Users\kolca\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\Run: [uTorrent] => C:\Users\kolca\AppData\Roaming\uTorrent\uTorrent.exe [1987512 2018-06-01] (BitTorrent Inc.)
HKU\S-1-5-21-907423362-3305526511-137660631-1001\...\Run: [Spotify Web Helper] => C:\Users\kolca\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-05-22] (Spotify Ltd)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DuckDns.lnk [2017-12-15]
ShortcutTarget: DuckDns.lnk -> C:\Program Files (x86)\DuckDNS\DuckDns.exe ()
Startup: C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2018-01-25]
ShortcutTarget: Twitch.lnk -> C:\Users\kolca\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.17.200.4 172.17.200.2
Tcpip\..\Interfaces\{0ddc3128-c889-4b6f-9687-7b45ed54c312}: [DhcpNameServer] 192.168.1.10 195.146.132.59 195.146.128.60
Tcpip\..\Interfaces\{316caf56-5a33-44dd-a48e-d555322a91e6}: [DhcpNameServer] 172.17.200.4 172.17.200.2
Tcpip\..\Interfaces\{3329436a-d1ef-4b5c-9fd4-4885dabd3f42}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{54634ac0-d9e6-422d-b4a9-8d38f8074075}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{b5c4a622-984a-450d-8294-4a8e26c852d4}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e352fee6-5aae-4877-a48b-92bae5b1b551}: [DhcpNameServer] 172.17.200.2 172.17.200.4
Internet Explorer:
==================
HKU\S-1-5-21-907423362-3305526511-137660631-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-907423362-3305526511-137660631-1001 -> DefaultScope {31712AB6-2E98-4F1D-BC84-F62A56E6C93E} URL =
SearchScopes: HKU\S-1-5-21-907423362-3305526511-137660631-1001 -> {31712AB6-2E98-4F1D-BC84-F62A56E6C93E} URL =
SearchScopes: HKU\S-1-5-21-907423362-3305526511-137660631-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180601__yaie&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-06-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-10-01] (Oracle Corporation)
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-10-01] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-04-28] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: htacdveg.default
FF ProfilePath: C:\Users\kolca\AppData\Roaming\Mozilla\Firefox\Profiles\htacdveg.default [2018-06-13]
FF Homepage: Mozilla\Firefox\Profiles\htacdveg.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180601__yaff
FF NewTab: Mozilla\Firefox\Profiles\htacdveg.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180601__yaff
FF SearchPlugin: C:\Users\kolca\AppData\Roaming\Mozilla\Firefox\Profiles\htacdveg.default\searchplugins\yahoo-lavasoft-ff59.xml [2018-06-01]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-08] ()
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-10-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-10-01] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-05-31] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-03-03] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Default Search
CHR Profile: C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default [2018-06-21]
CHR Extension: (Slides) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (BetterTTV) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-11-21]
CHR Extension: (Docs) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-18]
CHR Extension: (FACEIT HELPER) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjdhcabjnhhifipbnopnfpfidkafanjf [2017-12-05]
CHR Extension: (YouTube) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-18]
CHR Extension: (Ban Checker for Steam) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\canbadmphamemnmdfngmcabnjmjgaiki [2018-06-19]
CHR Extension: (Adblock Plus) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-05-16]
CHR Extension: (Steam Inventory Helper) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2018-06-19]
CHR Extension: (Sheets) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-18]
CHR Extension: (Chrome Media Router) - C:\Users\kolca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-30]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-08-18] (Windows (R) Win 7 DDK provider)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6875688 2018-06-14] ()
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8654504 2018-06-12] (Microsoft Corporation)
R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [154816 2016-07-18] ()
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-06-09] (EasyAntiCheat Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26576 2016-09-19] (Intel Corporation)
S4 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [332848 2017-10-30] (Locktime Software)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-23] (NVIDIA Corporation)
S4 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
S4 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73856 2017-09-26] (The OpenVPN Project)
S4 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73856 2017-09-26] (The OpenVPN Project)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [441136 2016-09-13] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [482608 2016-09-13] (Acer Incorporated)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-28] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-26] (Apple Inc.)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [217688 2016-08-17] (ELAN Microelectronic Corp.)
R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [9369040 2018-02-10] ()
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2016-09-13] (Acer Incorporated)
R0 nldrv; C:\WINDOWS\System32\drivers\nldrv.sys [178544 2017-10-30] (Locktime Software)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_f658c3ebd2a88192\nvlddmkm.sys [17544792 2018-03-25] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [67432 2018-05-23] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58816 2018-03-24] (NVIDIA Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2016-09-13] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek )
R3 RTCore64; D:\Kokotiny\aburner\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-08-04] (Realsil Semiconductor Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [210680 2017-10-18] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-06-21 20:47 - 2018-06-21 20:47 - 000023887 _____ C:\Users\kolca\Desktop\FRST.txt
2018-06-21 20:46 - 2018-06-21 20:47 - 000000000 ____D C:\FRST
2018-06-21 20:46 - 2018-06-21 20:46 - 002412544 _____ (Farbar) C:\Users\kolca\Desktop\FRST64.exe
2018-06-21 13:22 - 2018-06-21 13:50 - 000000000 ____D C:\ESD
2018-06-21 13:20 - 2018-06-21 13:20 - 000000000 ___HD C:\$Windows.~WS
2018-06-21 13:20 - 2018-06-21 00:39 - 019119064 _____ (Microsoft Corporation) C:\Users\kolca\Desktop\MediaCreationTool1803.exe
2018-06-21 10:22 - 2018-06-21 10:21 - 007372496 _____ (Malwarebytes) C:\Users\kolca\Desktop\adwcleaner_7.2.0 (1).exe
2018-06-19 15:32 - 2018-06-19 15:32 - 000000000 ____D C:\rsit
2018-06-19 15:32 - 2018-06-19 15:32 - 000000000 ____D C:\Program Files\trend micro
2018-06-19 15:15 - 2018-06-19 15:16 - 000000000 ____D C:\AdwCleaner
2018-06-19 02:53 - 2018-06-19 02:53 - 000000237 _____ C:\DelFix.txt
2018-06-19 02:33 - 2018-06-19 02:33 - 000000072 ___SH C:\bootTel.dat
2018-06-18 08:27 - 2018-06-18 08:27 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-06-17 00:43 - 2018-06-17 00:44 - 000000000 ____D C:\ProgramData\Wondershare
2018-06-17 00:42 - 2018-06-17 00:43 - 000000000 ____D C:\Users\kolca\Documents\Wondershare Filmora
2018-06-17 00:42 - 2018-06-17 00:42 - 000000000 ____D C:\Users\kolca\AppData\Local\Wondershare
2018-06-17 00:41 - 2018-06-17 00:42 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2018-06-13 12:47 - 2018-06-13 12:47 - 000296676 _____ C:\Users\kolca\Documents\cc_20180613_124718.reg
2018-06-13 12:39 - 2018-06-13 12:39 - 000000000 ____D C:\WINDOWS\pss
2018-06-13 12:29 - 2018-06-21 00:40 - 000003136 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2018-06-13 12:25 - 2018-06-13 12:25 - 000000877 _____ C:\Users\kolca\Desktop\MSI Afterburner.lnk
2018-06-13 12:25 - 2018-06-13 12:25 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2018-06-13 12:22 - 2018-06-13 12:22 - 000000762 _____ C:\Users\kolca\Desktop\MSI Kombustor 3.lnk
2018-06-13 12:22 - 2018-06-13 12:22 - 000000000 ____D C:\Users\kolca\AppData\Roaming\NVIDIA
2018-06-13 12:22 - 2018-06-13 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 3
2018-06-13 12:19 - 2018-06-13 12:19 - 000000000 ____D C:\Users\kolca\Desktop\PUBG 1.0 FPS pack by Panj
2018-06-12 21:14 - 2018-06-08 19:26 - 021754880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-06-12 21:14 - 2018-06-08 19:26 - 017084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-06-12 21:14 - 2018-06-08 19:03 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-12 21:14 - 2018-06-08 18:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-06-12 21:14 - 2018-06-08 18:58 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-12 21:14 - 2018-06-08 13:42 - 002491120 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-06-12 21:14 - 2018-06-08 13:41 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-06-12 21:14 - 2018-06-08 09:33 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-06-12 21:14 - 2018-06-08 09:33 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-06-12 21:14 - 2018-06-08 09:33 - 001056184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-06-12 21:14 - 2018-06-08 09:33 - 000269720 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-06-12 21:14 - 2018-06-08 09:32 - 001638432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-06-12 21:14 - 2018-06-08 09:32 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-06-12 21:14 - 2018-06-08 09:32 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-06-12 21:14 - 2018-06-08 09:30 - 008594848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-06-12 21:14 - 2018-06-08 09:30 - 002514944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-06-12 21:14 - 2018-06-08 09:30 - 001953544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-06-12 21:14 - 2018-06-08 09:29 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-06-12 21:14 - 2018-06-08 09:27 - 001173584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-12 21:14 - 2018-06-08 09:27 - 000377760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-06-12 21:14 - 2018-06-08 09:25 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-06-12 21:14 - 2018-06-08 09:24 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-06-12 21:14 - 2018-06-08 09:24 - 003009736 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-06-12 21:14 - 2018-06-08 09:24 - 002711248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-06-12 21:14 - 2018-06-08 09:24 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2018-06-12 21:14 - 2018-06-08 09:24 - 000891808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-06-12 21:14 - 2018-06-08 09:23 - 021357336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-06-12 21:14 - 2018-06-08 09:23 - 004486400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-06-12 21:14 - 2018-06-08 09:23 - 002412688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-06-12 21:14 - 2018-06-08 09:23 - 000824904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-06-12 21:14 - 2018-06-08 09:22 - 006791992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-06-12 21:14 - 2018-06-08 09:22 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-06-12 21:14 - 2018-06-08 09:22 - 001269640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-06-12 21:14 - 2018-06-08 09:22 - 000688072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-12 21:14 - 2018-06-08 09:22 - 000093624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-06-12 21:14 - 2018-06-08 09:21 - 007385096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-12 21:14 - 2018-06-08 09:21 - 004507096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-06-12 21:14 - 2018-06-08 09:21 - 001779960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-06-12 21:14 - 2018-06-08 09:21 - 000594080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-06-12 21:14 - 2018-06-08 09:20 - 001101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-06-12 21:14 - 2018-06-08 08:26 - 025256960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-06-12 21:14 - 2018-06-08 08:21 - 001931256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-06-12 21:14 - 2018-06-08 08:21 - 001614168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-06-12 21:14 - 2018-06-08 08:21 - 000777912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-06-12 21:14 - 2018-06-08 08:19 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-06-12 21:14 - 2018-06-08 08:18 - 000097160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-06-12 21:14 - 2018-06-08 08:10 - 003485400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-06-12 21:14 - 2018-06-08 08:10 - 002338272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-06-12 21:14 - 2018-06-08 08:09 - 017161216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-12 21:14 - 2018-06-08 08:09 - 006092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-06-12 21:14 - 2018-06-08 08:09 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-06-12 21:14 - 2018-06-08 08:09 - 000832952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2018-06-12 21:14 - 2018-06-08 08:09 - 000791968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-06-12 21:14 - 2018-06-08 08:09 - 000098304 _____ C:\WINDOWS\system32\runexehelper.exe
2018-06-12 21:14 - 2018-06-08 08:08 - 020290256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-06-12 21:14 - 2018-06-08 08:08 - 003979696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-06-12 21:14 - 2018-06-08 08:08 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-06-12 21:14 - 2018-06-08 08:08 - 001990672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-06-12 21:14 - 2018-06-08 08:08 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-06-12 21:14 - 2018-06-08 08:07 - 002386320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-06-12 21:14 - 2018-06-08 08:07 - 000975360 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-06-12 21:14 - 2018-06-08 08:07 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-06-12 21:14 - 2018-06-08 08:07 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-06-12 21:14 - 2018-06-08 08:07 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-06-12 21:14 - 2018-06-08 08:07 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-06-12 21:14 - 2018-06-08 08:06 - 006481096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-12 21:14 - 2018-06-08 08:06 - 006015208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-06-12 21:14 - 2018-06-08 08:06 - 004668688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-06-12 21:14 - 2018-06-08 08:06 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-06-12 21:14 - 2018-06-08 08:06 - 001524784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-06-12 21:14 - 2018-06-08 08:06 - 000551696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-06-12 21:14 - 2018-06-08 08:06 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-06-12 21:14 - 2018-06-08 08:05 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-06-12 21:14 - 2018-06-08 08:04 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-06-12 21:14 - 2018-06-08 08:04 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-06-12 21:14 - 2018-06-08 08:04 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-06-12 21:14 - 2018-06-08 08:03 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-12 21:14 - 2018-06-08 08:03 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-06-12 21:14 - 2018-06-08 08:03 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-06-12 21:14 - 2018-06-08 08:02 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-06-12 21:14 - 2018-06-08 08:02 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-06-12 21:14 - 2018-06-08 08:02 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-06-12 21:14 - 2018-06-08 08:02 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-06-12 21:14 - 2018-06-08 08:02 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-06-12 21:14 - 2018-06-08 08:02 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-06-12 21:14 - 2018-06-08 08:02 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-06-12 21:14 - 2018-06-08 08:01 - 023678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-06-12 21:14 - 2018-06-08 08:01 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-06-12 21:14 - 2018-06-08 08:01 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-06-12 21:14 - 2018-06-08 08:01 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2018-06-12 21:14 - 2018-06-08 08:01 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-06-12 21:14 - 2018-06-08 08:00 - 012833792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-06-12 21:14 - 2018-06-08 08:00 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2018-06-12 21:14 - 2018-06-08 08:00 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-06-12 21:14 - 2018-06-08 07:59 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-06-12 21:14 - 2018-06-08 07:59 - 003124224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-06-12 21:14 - 2018-06-08 07:59 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-06-12 21:14 - 2018-06-08 07:59 - 001116672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-06-12 21:14 - 2018-06-08 07:59 - 001043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-06-12 21:14 - 2018-06-08 07:59 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-06-12 21:14 - 2018-06-08 07:58 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-06-12 21:14 - 2018-06-08 07:58 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-06-12 21:14 - 2018-06-08 07:58 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-12 21:14 - 2018-06-08 07:58 - 003332608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-12 21:14 - 2018-06-08 07:58 - 002083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-06-12 21:14 - 2018-06-08 07:57 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-06-12 21:14 - 2018-06-08 07:57 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-06-12 21:14 - 2018-06-08 07:57 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-06-12 21:14 - 2018-06-08 07:57 - 001812992 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-06-12 21:14 - 2018-06-08 07:57 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-06-12 21:14 - 2018-06-08 07:57 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-06-12 21:14 - 2018-06-08 07:57 - 001238016 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-06-12 21:14 - 2018-06-08 07:57 - 001135104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-06-12 21:14 - 2018-06-08 07:57 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-12 21:14 - 2018-06-08 07:56 - 002528768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-06-12 21:14 - 2018-06-08 07:56 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-06-12 21:14 - 2018-06-08 07:55 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-06-12 21:14 - 2018-06-08 07:52 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-06-12 21:14 - 2018-06-08 07:46 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-06-12 21:14 - 2018-06-08 07:46 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-06-12 21:14 - 2018-06-08 07:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-06-12 21:14 - 2018-06-08 07:46 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-06-12 21:14 - 2018-06-08 07:45 - 018930688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-06-12 21:14 - 2018-06-08 07:45 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-06-12 21:14 - 2018-06-08 07:44 - 019358720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-06-12 21:14 - 2018-06-08 07:44 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-06-12 21:14 - 2018-06-08 07:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-12 21:14 - 2018-06-08 07:43 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-06-12 21:14 - 2018-06-08 07:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-06-12 21:14 - 2018-06-08 07:41 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-06-12 21:14 - 2018-06-08 07:41 - 011924992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-06-12 21:14 - 2018-06-08 07:41 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-06-12 21:14 - 2018-06-08 07:41 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-06-12 21:14 - 2018-06-08 07:41 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-06-12 21:14 - 2018-06-08 07:40 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-06-12 21:14 - 2018-06-08 07:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2018-06-12 21:14 - 2018-06-08 07:40 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-06-12 21:14 - 2018-06-08 07:40 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2018-06-12 21:14 - 2018-06-08 07:39 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-06-12 21:14 - 2018-06-08 07:39 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-06-12 21:14 - 2018-06-08 07:39 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-06-12 21:14 - 2018-06-08 07:38 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-06-12 21:14 - 2018-06-08 07:38 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-06-12 21:14 - 2018-06-08 07:38 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-06-12 21:14 - 2018-06-08 07:36 - 006060032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-06-12 21:14 - 2018-06-08 07:36 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-12 21:14 - 2018-06-08 07:35 - 007812608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-06-12 21:14 - 2018-06-08 07:35 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-06-12 21:14 - 2018-06-08 07:35 - 004384768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-06-12 21:14 - 2018-06-08 07:35 - 002868736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-06-12 21:14 - 2018-06-08 07:35 - 002014720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-06-12 21:14 - 2018-06-08 07:35 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-06-12 21:14 - 2018-06-08 07:35 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-12 21:14 - 2018-06-08 07:35 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-06-12 21:14 - 2018-06-08 07:35 - 000935424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-06-12 21:13 - 2018-06-08 09:36 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-06-12 21:13 - 2018-06-08 09:36 - 000137120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-06-12 21:13 - 2018-06-08 09:35 - 001093040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-06-12 21:13 - 2018-06-08 09:35 - 000924656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-06-12 21:13 - 2018-06-08 09:35 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-06-12 21:13 - 2018-06-08 09:35 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-06-12 21:13 - 2018-06-08 09:34 - 000748472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-06-12 21:13 - 2018-06-08 09:34 - 000423352 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-06-12 21:13 - 2018-06-08 09:33 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-06-12 21:13 - 2018-06-08 09:33 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-06-12 21:13 - 2018-06-08 09:33 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-06-12 21:13 - 2018-06-08 09:33 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-06-12 21:13 - 2018-06-08 09:32 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-06-12 21:13 - 2018-06-08 09:32 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-06-12 21:13 - 2018-06-08 09:30 - 001416360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-06-12 21:13 - 2018-06-08 09:29 - 001849760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-06-12 21:13 - 2018-06-08 09:29 - 001210272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-06-12 21:13 - 2018-06-08 09:29 - 000937376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-06-12 21:13 - 2018-06-08 09:29 - 000028576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-06-12 21:13 - 2018-06-08 09:26 - 000712456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-06-12 21:13 - 2018-06-08 09:26 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-06-12 21:13 - 2018-06-08 09:25 - 000525728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-06-12 21:13 - 2018-06-08 09:24 - 006282280 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2018-06-12 21:13 - 2018-06-08 09:24 - 001488288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-06-12 21:13 - 2018-06-08 09:24 - 001029536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-06-12 21:13 - 2018-06-08 09:24 - 000247712 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-06-12 21:13 - 2018-06-08 09:23 - 002472888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-06-12 21:13 - 2018-06-08 09:23 - 000706464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-06-12 21:13 - 2018-06-08 09:23 - 000677304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-06-12 21:13 - 2018-06-08 09:23 - 000137552 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-06-12 21:13 - 2018-06-08 09:22 - 001358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-06-12 21:13 - 2018-06-08 09:22 - 000054376 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-06-12 21:13 - 2018-06-08 09:21 - 001206104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-06-12 21:13 - 2018-06-08 09:21 - 000260904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-06-12 21:13 - 2018-06-08 08:18 - 000212920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-06-12 21:13 - 2018-06-08 08:10 - 001124768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-06-12 21:13 - 2018-06-08 08:09 - 002993728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2018-06-12 21:13 - 2018-06-08 08:09 - 000592800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-06-12 21:13 - 2018-06-08 08:08 - 001075984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-06-12 21:13 - 2018-06-08 08:08 - 000640024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-06-12 21:13 - 2018-06-08 08:07 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-06-12 21:13 - 2018-06-08 08:07 - 000047608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-06-12 21:13 - 2018-06-08 08:06 - 001131696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-06-12 21:13 - 2018-06-08 08:06 - 000129208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-06-12 21:13 - 2018-06-08 08:05 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2018-06-12 21:13 - 2018-06-08 08:05 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-06-12 21:13 - 2018-06-08 08:05 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanelExternalHook.dll
2018-06-12 21:13 - 2018-06-08 08:04 - 001925120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2018-06-12 21:13 - 2018-06-08 08:04 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-06-12 21:13 - 2018-06-08 08:04 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-06-12 21:13 - 2018-06-08 08:01 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-06-12 21:13 - 2018-06-08 08:01 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-06-12 21:13 - 2018-06-08 08:00 - 003180032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-12 21:13 - 2018-06-08 08:00 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-12 21:13 - 2018-06-08 08:00 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2018-06-12 21:13 - 2018-06-08 07:59 - 001297920 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-06-12 21:13 - 2018-06-08 07:59 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-12 21:13 - 2018-06-08 07:58 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-12 21:13 - 2018-06-08 07:56 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2018-06-12 21:13 - 2018-06-08 07:53 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2018-06-12 21:13 - 2018-06-08 07:52 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-06-12 21:13 - 2018-06-08 07:52 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-06-12 21:13 - 2018-06-08 07:46 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-06-12 21:13 - 2018-06-08 07:40 - 001277440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2018-06-12 21:13 - 2018-06-08 07:39 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2018-06-12 21:13 - 2018-06-08 07:39 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-06-12 21:13 - 2018-06-08 07:35 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2018-06-12 21:13 - 2018-06-08 07:34 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DbgModel.dll
2018-06-12 17:05 - 2018-06-12 17:08 - 000000000 ____D C:\Users\kolca\AppData\Local\Ubisoft Game Launcher
2018-06-12 17:05 - 2018-06-12 17:05 - 000000766 _____ C:\Users\kolca\Desktop\Uplay.lnk
2018-06-12 17:05 - 2018-06-12 17:05 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2018-06-09 20:24 - 2018-06-09 20:24 - 000000000 ____D C:\Users\kolca\Documents\My Games
2018-06-09 20:24 - 2018-06-09 20:24 - 000000000 ____D C:\Users\kolca\AppData\Roaming\EasyAntiCheat
2018-06-09 20:17 - 2018-06-09 20:17 - 000000222 _____ C:\Users\kolca\Desktop\Realm Royale.url
2018-06-09 11:40 - 2018-06-09 11:40 - 000000702 _____ C:\Users\Public\Desktop\Filedrop.lnk
2018-06-09 11:40 - 2018-06-09 11:40 - 000000000 ____D C:\Users\kolca\AppData\Roaming\com.filedropme.FiledropDesktop
2018-06-09 11:40 - 2018-06-09 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filedrop
2018-06-09 11:05 - 2018-06-09 11:05 - 000000000 ____D C:\swsetup
2018-06-09 11:05 - 2018-06-09 11:05 - 000000000 ____D C:\Program Files\IDT
2018-06-06 12:04 - 2018-06-06 12:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-06-06 12:04 - 2018-03-24 01:50 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-06-06 12:04 - 2018-03-24 01:02 - 005952392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-06-06 12:04 - 2018-03-24 01:02 - 002596320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-06-06 12:04 - 2018-03-24 01:02 - 001767824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-06-06 12:04 - 2018-03-24 01:02 - 000633224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-06-06 12:04 - 2018-03-24 01:02 - 000451040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-06-06 12:04 - 2018-03-24 01:02 - 000123840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-06-06 12:04 - 2018-03-24 01:02 - 000083072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-06-06 12:04 - 2018-03-21 13:22 - 008114212 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-06-06 12:02 - 2018-03-25 18:15 - 000998424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-06-06 12:02 - 2018-03-25 18:15 - 000950016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-06-06 12:02 - 2018-03-25 18:15 - 000625504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-06-06 12:02 - 2018-03-25 18:15 - 000516024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-06-06 12:02 - 2018-03-25 18:14 - 004318112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-06-06 12:02 - 2018-03-25 18:14 - 003719096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-06-06 12:02 - 2018-03-25 18:14 - 001985112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439135.dll
2018-06-06 12:02 - 2018-03-25 18:14 - 001683712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439135.dll
2018-06-06 12:02 - 2018-03-25 18:14 - 001138720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-06-06 12:02 - 2018-03-25 18:14 - 001065888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-06-06 12:02 - 2018-03-25 18:13 - 040278608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-06-06 12:02 - 2018-03-25 18:13 - 035188992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-06-06 12:02 - 2018-03-25 18:10 - 013571520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-06-06 12:02 - 2018-03-25 18:10 - 011132384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 019855144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 016496776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 001355216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 001346128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 001153744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 001067560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 001061352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 000902096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 000811808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-06-06 12:02 - 2018-03-25 18:09 - 000650232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-06-06 12:02 - 2018-03-25 18:08 - 012967056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-06-06 12:02 - 2018-03-25 18:08 - 011001504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-06-06 12:02 - 2018-03-25 18:08 - 004633920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-06-06 12:02 - 2018-03-25 18:08 - 003939624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-06-06 12:02 - 2018-03-24 03:19 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2018-06-05 17:14 - 2018-06-05 17:21 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Guild Wars 2
2018-06-05 12:34 - 2018-06-05 13:03 - 000000660 _____ C:\Users\kolca\Desktop\text.txt
2018-06-05 00:13 - 2018-06-05 00:13 - 000000000 ____D C:\Users\kolca\Unigine Heaven
2018-06-05 00:09 - 2018-06-05 00:09 - 000001143 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-06-04 23:54 - 2018-06-04 23:54 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 23:54 - 2018-06-04 23:54 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 23:54 - 2018-06-04 23:54 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 23:54 - 2018-06-04 23:54 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 23:54 - 2018-06-04 23:54 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-06-04 23:54 - 2018-06-04 23:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-06-04 23:54 - 2018-05-23 00:00 - 002495936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-06-04 23:54 - 2018-05-23 00:00 - 002163648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-06-04 23:54 - 2018-05-23 00:00 - 001311680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-06-04 23:54 - 2018-05-23 00:00 - 000209192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-06-04 23:54 - 2018-05-23 00:00 - 000169256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-06-04 23:52 - 2018-05-23 00:00 - 000067432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-06-04 23:52 - 2018-03-24 03:19 - 000058816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-06-04 21:16 - 2018-06-04 23:54 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 21:16 - 2018-06-04 23:54 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 21:16 - 2018-06-04 23:54 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 21:16 - 2018-06-04 23:54 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 21:16 - 2018-06-04 23:54 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 21:16 - 2018-06-04 23:54 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-04 21:16 - 2018-06-04 23:54 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-02 07:09 - 2018-06-13 12:42 - 000281088 _____ (www.xmrig.com) C:\WINDOWS\sound32.exe
2018-06-01 20:27 - 2018-06-01 21:19 - 000000029 _____ C:\WINDOWS\system32\heslo.txt
2018-06-01 20:27 - 2018-06-01 21:19 - 000000000 _____ C:\WINDOWS\system32\null
2018-06-01 20:27 - 2018-06-01 20:27 - 000003262 _____ C:\WINDOWS\System32\Tasks\WinMgr
2018-06-01 19:38 - 2018-06-01 19:38 - 000000945 _____ C:\Users\kolca\Desktop\µTorrent.lnk
2018-05-31 15:31 - 2018-05-31 15:31 - 000000222 _____ C:\Users\kolca\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url
2018-05-30 17:11 - 2018-05-12 15:57 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2018-05-30 17:11 - 2018-05-12 15:56 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-05-30 17:11 - 2018-05-12 15:55 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-05-30 17:11 - 2018-05-12 15:55 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-05-30 17:11 - 2018-05-12 15:53 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-05-30 17:11 - 2018-05-12 15:52 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-05-30 17:11 - 2018-05-12 15:52 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialStore.dll
2018-05-30 17:11 - 2018-05-12 01:15 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-05-30 17:11 - 2018-05-12 01:15 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-05-30 17:11 - 2018-05-12 01:14 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-30 17:11 - 2018-05-12 01:14 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-05-30 17:11 - 2018-05-12 01:10 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-30 17:11 - 2018-05-12 01:10 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-30 17:11 - 2018-05-12 01:10 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-30 17:11 - 2018-05-12 01:09 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-05-30 17:11 - 2018-05-12 01:09 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-05-30 17:11 - 2018-05-12 01:08 - 000757792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-05-30 17:11 - 2018-05-12 01:08 - 000428440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-05-30 17:11 - 2018-05-12 01:08 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-05-30 17:11 - 2018-05-12 01:07 - 002711168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-30 17:11 - 2018-05-12 01:07 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-30 17:11 - 2018-05-12 01:07 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-30 17:11 - 2018-05-12 01:07 - 001084736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-05-30 17:11 - 2018-05-12 01:05 - 000616792 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-05-30 17:11 - 2018-05-11 23:54 - 003198464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-05-30 17:11 - 2018-05-11 23:54 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-05-30 17:11 - 2018-05-11 23:53 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-05-30 17:11 - 2018-05-11 23:53 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-05-30 17:11 - 2018-05-11 23:53 - 001033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-05-30 17:11 - 2018-05-11 23:53 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-05-30 17:11 - 2018-05-11 23:52 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PayloadRestrictions.dll
2018-05-30 17:11 - 2018-05-11 23:52 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-05-30 17:11 - 2018-05-11 23:52 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-05-30 17:11 - 2018-05-11 23:51 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll
2018-05-30 17:11 - 2018-05-11 23:50 - 002186240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaclient.dll
2018-05-30 17:11 - 2018-05-11 23:50 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-05-30 17:11 - 2018-05-11 23:50 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-05-30 17:11 - 2018-05-11 23:50 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-05-30 17:11 - 2018-05-11 23:50 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\secur32.dll
2018-05-30 17:11 - 2018-05-11 23:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-05-30 17:11 - 2018-05-11 23:49 - 001685504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2018-05-30 17:11 - 2018-05-11 23:48 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-05-30 17:11 - 2018-05-11 23:48 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-05-30 17:11 - 2018-05-11 23:48 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-05-30 17:11 - 2018-05-11 23:48 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-05-30 17:11 - 2018-05-11 23:47 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-05-30 17:11 - 2018-05-11 23:47 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2018-05-30 17:11 - 2018-05-11 23:47 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-05-30 17:11 - 2018-05-11 23:47 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-05-30 17:11 - 2018-05-11 23:47 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-05-30 17:11 - 2018-05-11 23:46 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-30 17:11 - 2018-05-11 23:46 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-05-30 17:11 - 2018-05-11 23:45 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-05-30 17:11 - 2018-05-11 23:44 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-05-30 17:11 - 2018-05-11 23:42 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-05-30 17:11 - 2018-05-11 23:41 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-05-30 17:11 - 2018-05-11 23:40 - 001363968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-05-30 17:11 - 2018-05-11 23:40 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-05-30 17:11 - 2018-05-11 23:39 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-30 17:11 - 2018-05-11 23:38 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-05-30 17:11 - 2018-05-11 23:33 - 002762752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-05-30 17:11 - 2018-05-11 23:31 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PayloadRestrictions.dll
2018-05-30 17:11 - 2018-05-11 23:31 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-05-30 17:11 - 2018-05-11 23:31 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaproxystub.dll
2018-05-30 17:11 - 2018-05-11 23:30 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-05-30 17:11 - 2018-05-11 23:29 - 001428480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaclient.dll
2018-05-30 17:11 - 2018-05-11 23:29 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2018-05-30 17:11 - 2018-05-11 23:29 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-05-30 17:11 - 2018-05-11 23:29 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-05-30 17:11 - 2018-05-11 23:29 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secur32.dll
2018-05-30 17:11 - 2018-05-11 23:28 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2018-05-30 17:11 - 2018-05-11 23:28 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2018-05-30 17:11 - 2018-05-11 23:27 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2018-05-30 17:11 - 2018-05-11 23:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-05-30 17:11 - 2018-05-11 23:26 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2018-05-30 17:11 - 2018-05-11 23:20 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-05-30 17:11 - 2018-05-11 23:20 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2018-05-30 17:11 - 2018-05-11 23:19 - 001353216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-29 21:19 - 2018-05-29 21:19 - 000000000 ___HD C:\$SysReset
2018-05-29 11:27 - 2018-05-04 11:37 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe
2018-05-25 15:06 - 2018-06-19 00:53 - 000000000 ____D C:\Program Files (x86)\VulkanRT
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-06-21 20:47 - 2017-11-23 01:59 - 000000000 ____D C:\Users\kolca\AppData\Local\Battle.net
2018-06-21 20:47 - 2017-07-18 17:33 - 000000000 ____D C:\Users\kolca\AppData\Roaming\TS3Client
2018-06-21 18:31 - 2017-07-18 17:11 - 000000000 ____D C:\Users\kolca\AppData\Local\CrashDumps
2018-06-21 17:07 - 2017-04-11 05:26 - 000000000 ____D C:\ProgramData\NVIDIA
2018-06-21 16:55 - 2017-11-23 03:29 - 000004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F58D713F-D1DA-43FA-BD0E-C2C55C1447E3}
2018-06-21 16:15 - 2017-11-23 03:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-06-21 13:50 - 2017-12-17 15:15 - 000000000 ____D C:\WINDOWS\Panther
2018-06-21 10:38 - 2017-11-23 03:36 - 004716394 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-21 10:32 - 2017-11-23 03:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-06-21 10:32 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-06-21 10:32 - 2017-07-18 15:00 - 000000000 __SHD C:\Users\kolca\IntelGraphicsProfiles
2018-06-21 10:25 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-21 10:25 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-06-21 10:25 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-06-21 00:40 - 2017-11-23 03:29 - 000028394 _____ C:\WINDOWS\diagwrn.xml
2018-06-21 00:40 - 2017-11-23 03:29 - 000022863 _____ C:\WINDOWS\diagerr.xml
2018-06-20 10:22 - 2017-09-20 23:01 - 000000652 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2018-06-19 02:44 - 2017-11-23 03:26 - 000000000 ____D C:\Users\kolca
2018-06-19 02:41 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-06-19 02:17 - 2017-11-23 03:24 - 005014368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-06-19 00:53 - 2017-07-18 17:54 - 000000000 ____D C:\Program Files\Intel
2018-06-18 20:25 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-06-18 13:25 - 2018-01-25 19:55 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Twitch
2018-06-18 08:27 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-06-18 08:27 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-06-18 08:27 - 2017-09-28 14:52 - 000000000 ____D C:\Program Files\Microsoft Office
2018-06-15 20:03 - 2018-01-31 18:18 - 000000000 ____D C:\Users\kolca\AppData\Roaming\discord
2018-06-14 11:22 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-06-13 12:49 - 2017-11-28 02:36 - 000000000 ____D C:\ProgramData\AVAST Software
2018-06-13 12:46 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-06-13 12:46 - 2017-07-24 11:04 - 000000000 ____D C:\Users\kolca\AppData\Roaming\uTorrent
2018-06-13 12:31 - 2017-07-18 15:00 - 000000000 ____D C:\Users\kolca\AppData\Local\NVIDIA
2018-06-13 12:24 - 2018-04-23 18:17 - 039762304 _____ C:\Users\kolca\Desktop\MSIAfterburnerSetup450.exe
2018-06-12 23:08 - 2017-11-23 03:31 - 000000000 ___RD C:\Users\kolca\3D Objects
2018-06-12 23:08 - 2017-11-23 03:26 - 000000000 ____D C:\Users\kolca\AppData\Local\Packages
2018-06-12 23:08 - 2017-04-11 05:01 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-06-12 23:07 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-06-12 23:07 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-06-12 23:07 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-06-12 23:07 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-06-12 23:07 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-06-12 22:02 - 2017-07-18 16:46 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-12 21:16 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-12 21:13 - 2017-07-18 18:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-06-12 21:11 - 2017-10-10 21:34 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-12 21:11 - 2017-07-18 18:11 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-06-11 10:41 - 2017-07-18 17:55 - 000000000 ____D C:\Program Files (x86)\Realtek
2018-06-09 20:24 - 2018-03-22 11:38 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2018-06-09 20:17 - 2017-08-06 23:51 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-06-09 14:38 - 2017-07-18 15:01 - 000000000 ____D C:\Users\kolca\AppData\Local\NVIDIA Corporation
2018-06-09 11:05 - 2017-04-11 05:23 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-06-08 15:28 - 2018-03-13 14:53 - 000004588 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-06-08 15:28 - 2017-11-23 03:29 - 000004600 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-06-08 15:28 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-06-08 15:28 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-06-07 23:23 - 2017-12-09 20:03 - 000000000 ____D C:\Users\kolca\AppData\Local\Spotify
2018-06-07 22:58 - 2017-12-09 20:02 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Spotify
2018-06-07 15:09 - 2017-09-20 15:27 - 000000000 ____D C:\Users\kolca\AppData\Roaming\DC++
2018-06-07 15:09 - 2017-09-20 15:27 - 000000000 ____D C:\Users\kolca\AppData\Local\DC++
2018-06-06 12:04 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\Help
2018-06-06 12:04 - 2017-07-18 17:55 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-06-06 12:04 - 2017-07-18 17:55 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-06-06 12:04 - 2017-04-11 05:26 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-06-06 01:24 - 2017-09-29 15:49 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-06 01:24 - 2017-09-29 15:49 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-05 18:29 - 2018-05-17 23:56 - 000000000 ____D C:\Users\kolca\AppData\Roaming\.minecraft
2018-06-05 00:09 - 2017-08-16 20:49 - 000000000 ____D C:\Users\kolca\AppData\Roaming\vlc
2018-06-04 09:32 - 2017-12-19 03:09 - 000000000 ____D C:\WINDOWS\Minidump
2018-06-01 19:38 - 2017-08-15 23:45 - 000000000 ____D C:\Users\kolca\AppData\LocalLow\Mozilla
2018-06-01 19:38 - 2017-07-24 11:04 - 000000925 _____ C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2018-05-30 17:31 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-30 17:31 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-29 21:20 - 2018-03-12 23:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simulationcraft(x64)
2018-05-29 21:20 - 2018-02-07 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2018-05-29 21:20 - 2018-01-31 18:18 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2018-05-29 21:20 - 2018-01-30 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TradeSkillMaster Application
2018-05-29 21:20 - 2018-01-10 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hardware_info
2018-05-29 21:20 - 2018-01-06 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetLimiter 4
2018-05-29 21:20 - 2017-12-15 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DuckDns
2018-05-29 21:20 - 2017-11-30 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2018-05-29 21:20 - 2017-11-30 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2018-05-29 21:20 - 2017-11-30 13:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2018-05-29 21:20 - 2017-11-24 12:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
2018-05-29 21:20 - 2017-11-23 03:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2018-05-29 21:20 - 2017-11-23 03:25 - 000000000 ____D C:\WINDOWS\system32\IntelSSTAPO
2018-05-29 21:20 - 2017-11-23 01:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2018-05-29 21:20 - 2017-11-17 01:12 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2018-05-29 21:20 - 2017-11-17 01:10 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2018-05-29 21:20 - 2017-11-17 01:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2018-05-29 21:20 - 2017-10-13 20:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Adobe
2018-05-29 21:20 - 2017-10-08 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2018-05-29 21:20 - 2017-10-07 23:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-05-29 21:20 - 2017-09-30 12:34 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2018-05-29 21:20 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-05-29 21:20 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-05-29 21:20 - 2017-09-29 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-05-29 21:20 - 2017-09-29 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2018-05-29 21:20 - 2017-09-29 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueJ FRI
2018-05-29 21:20 - 2017-09-28 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office 2016
2018-05-29 21:20 - 2017-09-20 15:27 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC++
2018-05-29 21:20 - 2017-09-11 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RarZilla Free Unrar
2018-05-29 21:20 - 2017-09-05 10:07 - 000000000 ____D C:\Users\kolca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2018-05-29 21:20 - 2017-07-26 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2018-05-29 21:20 - 2017-07-18 15:00 - 000000000 ____D C:\Users\kolca\AppData\Local\TileDataLayer
2018-05-29 21:20 - 2017-07-18 14:52 - 000000000 ____D C:\WINDOWS\oem
2018-05-29 21:20 - 2017-04-11 05:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2018-05-29 21:20 - 2017-04-11 05:32 - 000000000 ____D C:\WINDOWS\system32\ihvmanager
2018-05-29 21:20 - 2017-04-11 05:24 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-05-29 11:32 - 2017-08-08 13:47 - 000000000 ____D C:\Users\kolca\AppData\Local\ElevatedDiagnostics
2018-05-29 11:21 - 2018-04-12 12:19 - 000000000 ___HD C:\$WINDOWS.~BT
2018-05-29 11:21 - 2017-08-15 23:45 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-05-29 11:21 - 2017-08-15 23:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-24 16:29 - 2017-11-22 20:56 - 000000000 ____D C:\Users\kolca\Documents\Sound recordings
2018-05-24 14:58 - 2017-12-03 22:11 - 000000271 _____ C:\Users\kolca\Documents\ClownfishForTeamspeak.ini
2018-05-23 00:00 - 2017-07-18 19:46 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
==================== Files in the root of some directories =======
2018-04-04 17:21 - 2018-04-04 17:27 - 000000132 _____ () C:\Users\kolca\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-11-30 13:51 - 2017-11-30 14:56 - 000000600 _____ () C:\Users\kolca\AppData\Local\PUTTY.RND
2018-01-07 11:52 - 2018-01-09 22:53 - 000007602 _____ () C:\Users\kolca\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
2018-06-17 19:04 - 2018-06-21 17:08 - 000000000 _____ () C:\Users\kolca\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll
2018-06-17 19:04 - 2018-06-21 17:08 - 000000017 _____ () C:\Users\kolca\AppData\Local\Temp\07b2f39824a7efc1bea9743598964831.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-18 16:52
==================== End of FRST.txt ============================
- Přílohy
-
- Addition.zip
- (22.55 KiB) Staženo 40 x
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Popuot po štarte winu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-907423362-3305526511-137660631-1001 -> DefaultScope {31712AB6-2E98-4F1D-BC84-F62A56E6C93E} URL =
SearchScopes: HKU\S-1-5-21-907423362-3305526511-137660631-1001 -> {31712AB6-2E98-4F1D-BC84-F62A56E6C93E} URL =
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
C:\Users\kolca\AppData\Local\Temp
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => -> No File
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => -> No File
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {B34A0240-85E9-4D43-B5CD-DFF7B025908B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-18] (Google Inc.)
Task: {B34A0240-85E9-4D43-B5CD-DFF7B025908B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-18] (Google Inc.)
AlternateDataStreams: C:\ProgramData\Microsoft:B6EGBWBURFH6U03SWITCY4PXIVI [0]
AlternateDataStreams: C:\ProgramData\Microsoft:WLIKRZGVRXLAVWT10X [0]
AlternateDataStreams: C:\Users\kolca\Local Settings:bJAt55f61ThSTjJ5lGUlpfa8 [2408]
AlternateDataStreams: C:\Users\kolca\AppData\Local:bJAt55f61ThSTjJ5lGUlpfa8 [2408]
AlternateDataStreams: C:\Users\kolca\AppData\Local\Application Data:bJAt55f61ThSTjJ5lGUlpfa8 [2408]
AlternateDataStreams: C:\Users\kolca\AppData\Local\Dg5mUHHIMAZEkid:ZeKYsMQ1CiEHrFhgKTr7Y [2272]
AlternateDataStreams: C:\Users\kolca\AppData\Local\VTdrrM4DB7rrw4s:ET6VtH2HDBKobTVLrOdLEbsu8c [2160]
AlternateDataStreams: C:\Users\Public\AppData:CSM [470]
EmptyTemp:
Hosts:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Popuot po štarte winu
Fix result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by kolca (21-06-2018 21:27:33) Run:1
Running from C:\Users\kolca\Desktop
Loaded Profiles: kolca (Available Profiles: kolca)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses
HKLMSOFTWAREPoliciesMicrosoftWindows Defender Restriction ==== ATTENTION
SearchScopes HKUS-1-5-21-907423362-3305526511-137660631-1001 - DefaultScope {31712AB6-2E98-4F1D-BC84-F62A56E6C93E} URL =
SearchScopes HKUS-1-5-21-907423362-3305526511-137660631-1001 - {31712AB6-2E98-4F1D-BC84-F62A56E6C93E} URL =
BHO No Name - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - No File
CUserskolcaAppDataLocalTemp
ShellIconOverlayIdentifiers [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} = - No File
ShellIconOverlayIdentifiers [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} = - No File
ShellIconOverlayIdentifiers [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} = - No File
ShellIconOverlayIdentifiers [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} = - No File
ShellIconOverlayIdentifiers [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} = - No File
ShellIconOverlayIdentifiers [ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} = - No File
ShellIconOverlayIdentifiers [ ACloudSynced] - {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} = - No File
ShellIconOverlayIdentifiers [ ACloudSyncing] - {C1E1456F-C2D8-4C96-870D-35F1E13941EE} = - No File
ShellIconOverlayIdentifiers [ ACloudToBeSynced] - {307523FA-DDC0-4068-983F-2A6B34627744} = - No File
ShellIconOverlayIdentifiers [00asw] - {472083B0-C522-11CF-8763-00608CC02F24} = - No File
ContextMenuHandlers5 [igfxcui] - {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} = - No File
Task {B34A0240-85E9-4D43-B5CD-DFF7B025908B} - System32TasksGoogleUpdateTaskMachineUA = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe [2017-07-18] (Google Inc.)
Task {B34A0240-85E9-4D43-B5CD-DFF7B025908B} - System32TasksGoogleUpdateTaskMachineUA = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe [2017-07-18] (Google Inc.)
AlternateDataStreams CProgramDataMicrosoftB6EGBWBURFH6U03SWITCY4PXIVI [0]
AlternateDataStreams CProgramDataMicrosoftWLIKRZGVRXLAVWT10X [0]
AlternateDataStreams CUserskolcaLocal SettingsbJAt55f61ThSTjJ5lGUlpfa8 [2408]
AlternateDataStreams CUserskolcaAppDataLocalbJAt55f61ThSTjJ5lGUlpfa8 [2408]
AlternateDataStreams CUserskolcaAppDataLocalApplication DatabJAt55f61ThSTjJ5lGUlpfa8 [2408]
AlternateDataStreams CUserskolcaAppDataLocalDg5mUHHIMAZEkidZeKYsMQ1CiEHrFhgKTr7Y [2272]
AlternateDataStreams CUserskolcaAppDataLocalVTdrrM4DB7rrw4sET6VtH2HDBKobTVLrOdLEbsu8c [2160]
AlternateDataStreams CUsersPublicAppDataCSM [470]
EmptyTemp
Hosts
End
*****************
CloseProcesses => Error: No automatic fix found for this entry.
HKLMSOFTWAREPoliciesMicrosoftWindows Defender Restriction ==== ATTENTION => Error: No automatic fix found for this entry.
SearchScopes HKUS-1-5-21-907423362-3305526511-137660631-1001 - DefaultScope {31712AB6-2E98-4F1D-BC84-F62A56E6C93E} URL = => Error: No automatic fix found for this entry.
SearchScopes HKUS-1-5-21-907423362-3305526511-137660631-1001 - {31712AB6-2E98-4F1D-BC84-F62A56E6C93E} URL = => Error: No automatic fix found for this entry.
BHO No Name - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - No File => Error: No automatic fix found for this entry.
CUserskolcaAppDataLocalTemp => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} = - No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} = - No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} = - No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} = - No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} = - No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} = - No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [ ACloudSynced] - {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} = - No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [ ACloudSyncing] - {C1E1456F-C2D8-4C96-870D-35F1E13941EE} = - No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [ ACloudToBeSynced] - {307523FA-DDC0-4068-983F-2A6B34627744} = - No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [00asw] - {472083B0-C522-11CF-8763-00608CC02F24} = - No File => Error: No automatic fix found for this entry.
ContextMenuHandlers5 [igfxcui] - {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} = - No File => Error: No automatic fix found for this entry.
Task {B34A0240-85E9-4D43-B5CD-DFF7B025908B} - System32TasksGoogleUpdateTaskMachineUA = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe [2017-07-18] (Google Inc.) => Error: No automatic fix found for this entry.
Task {B34A0240-85E9-4D43-B5CD-DFF7B025908B} - System32TasksGoogleUpdateTaskMachineUA = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe [2017-07-18] (Google Inc.) => Error: No automatic fix found for this entry.
AlternateDataStreams CProgramDataMicrosoftB6EGBWBURFH6U03SWITCY4PXIVI [0] => Error: No automatic fix found for this entry.
AlternateDataStreams CProgramDataMicrosoftWLIKRZGVRXLAVWT10X [0] => Error: No automatic fix found for this entry.
AlternateDataStreams CUserskolcaLocal SettingsbJAt55f61ThSTjJ5lGUlpfa8 [2408] => Error: No automatic fix found for this entry.
AlternateDataStreams CUserskolcaAppDataLocalbJAt55f61ThSTjJ5lGUlpfa8 [2408] => Error: No automatic fix found for this entry.
AlternateDataStreams CUserskolcaAppDataLocalApplication DatabJAt55f61ThSTjJ5lGUlpfa8 [2408] => Error: No automatic fix found for this entry.
AlternateDataStreams CUserskolcaAppDataLocalDg5mUHHIMAZEkidZeKYsMQ1CiEHrFhgKTr7Y [2272] => Error: No automatic fix found for this entry.
AlternateDataStreams CUserskolcaAppDataLocalVTdrrM4DB7rrw4sET6VtH2HDBKobTVLrOdLEbsu8c [2160] => Error: No automatic fix found for this entry.
AlternateDataStreams CUsersPublicAppDataCSM [470] => Error: No automatic fix found for this entry.
EmptyTemp => Error: No automatic fix found for this entry.
Hosts => Error: No automatic fix found for this entry.
==== End of Fixlog 21:27:33 ====
Ran by kolca (21-06-2018 21:27:33) Run:1
Running from C:\Users\kolca\Desktop
Loaded Profiles: kolca (Available Profiles: kolca)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses
HKLMSOFTWAREPoliciesMicrosoftWindows Defender Restriction ==== ATTENTION
SearchScopes HKUS-1-5-21-907423362-3305526511-137660631-1001 - DefaultScope {31712AB6-2E98-4F1D-BC84-F62A56E6C93E} URL =
SearchScopes HKUS-1-5-21-907423362-3305526511-137660631-1001 - {31712AB6-2E98-4F1D-BC84-F62A56E6C93E} URL =
BHO No Name - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - No File
CUserskolcaAppDataLocalTemp
ShellIconOverlayIdentifiers [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} = - No File
ShellIconOverlayIdentifiers [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} = - No File
ShellIconOverlayIdentifiers [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} = - No File
ShellIconOverlayIdentifiers [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} = - No File
ShellIconOverlayIdentifiers [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} = - No File
ShellIconOverlayIdentifiers [ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} = - No File
ShellIconOverlayIdentifiers [ ACloudSynced] - {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} = - No File
ShellIconOverlayIdentifiers [ ACloudSyncing] - {C1E1456F-C2D8-4C96-870D-35F1E13941EE} = - No File
ShellIconOverlayIdentifiers [ ACloudToBeSynced] - {307523FA-DDC0-4068-983F-2A6B34627744} = - No File
ShellIconOverlayIdentifiers [00asw] - {472083B0-C522-11CF-8763-00608CC02F24} = - No File
ContextMenuHandlers5 [igfxcui] - {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} = - No File
Task {B34A0240-85E9-4D43-B5CD-DFF7B025908B} - System32TasksGoogleUpdateTaskMachineUA = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe [2017-07-18] (Google Inc.)
Task {B34A0240-85E9-4D43-B5CD-DFF7B025908B} - System32TasksGoogleUpdateTaskMachineUA = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe [2017-07-18] (Google Inc.)
AlternateDataStreams CProgramDataMicrosoftB6EGBWBURFH6U03SWITCY4PXIVI [0]
AlternateDataStreams CProgramDataMicrosoftWLIKRZGVRXLAVWT10X [0]
AlternateDataStreams CUserskolcaLocal SettingsbJAt55f61ThSTjJ5lGUlpfa8 [2408]
AlternateDataStreams CUserskolcaAppDataLocalbJAt55f61ThSTjJ5lGUlpfa8 [2408]
AlternateDataStreams CUserskolcaAppDataLocalApplication DatabJAt55f61ThSTjJ5lGUlpfa8 [2408]
AlternateDataStreams CUserskolcaAppDataLocalDg5mUHHIMAZEkidZeKYsMQ1CiEHrFhgKTr7Y [2272]
AlternateDataStreams CUserskolcaAppDataLocalVTdrrM4DB7rrw4sET6VtH2HDBKobTVLrOdLEbsu8c [2160]
AlternateDataStreams CUsersPublicAppDataCSM [470]
EmptyTemp
Hosts
End
*****************
CloseProcesses => Error: No automatic fix found for this entry.
HKLMSOFTWAREPoliciesMicrosoftWindows Defender Restriction ==== ATTENTION => Error: No automatic fix found for this entry.
SearchScopes HKUS-1-5-21-907423362-3305526511-137660631-1001 - DefaultScope {31712AB6-2E98-4F1D-BC84-F62A56E6C93E} URL = => Error: No automatic fix found for this entry.
SearchScopes HKUS-1-5-21-907423362-3305526511-137660631-1001 - {31712AB6-2E98-4F1D-BC84-F62A56E6C93E} URL = => Error: No automatic fix found for this entry.
BHO No Name - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - No File => Error: No automatic fix found for this entry.
CUserskolcaAppDataLocalTemp => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} = - No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} = - No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} = - No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} = - No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} = - No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} = - No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [ ACloudSynced] - {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} = - No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [ ACloudSyncing] - {C1E1456F-C2D8-4C96-870D-35F1E13941EE} = - No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [ ACloudToBeSynced] - {307523FA-DDC0-4068-983F-2A6B34627744} = - No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers [00asw] - {472083B0-C522-11CF-8763-00608CC02F24} = - No File => Error: No automatic fix found for this entry.
ContextMenuHandlers5 [igfxcui] - {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} = - No File => Error: No automatic fix found for this entry.
Task {B34A0240-85E9-4D43-B5CD-DFF7B025908B} - System32TasksGoogleUpdateTaskMachineUA = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe [2017-07-18] (Google Inc.) => Error: No automatic fix found for this entry.
Task {B34A0240-85E9-4D43-B5CD-DFF7B025908B} - System32TasksGoogleUpdateTaskMachineUA = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe [2017-07-18] (Google Inc.) => Error: No automatic fix found for this entry.
AlternateDataStreams CProgramDataMicrosoftB6EGBWBURFH6U03SWITCY4PXIVI [0] => Error: No automatic fix found for this entry.
AlternateDataStreams CProgramDataMicrosoftWLIKRZGVRXLAVWT10X [0] => Error: No automatic fix found for this entry.
AlternateDataStreams CUserskolcaLocal SettingsbJAt55f61ThSTjJ5lGUlpfa8 [2408] => Error: No automatic fix found for this entry.
AlternateDataStreams CUserskolcaAppDataLocalbJAt55f61ThSTjJ5lGUlpfa8 [2408] => Error: No automatic fix found for this entry.
AlternateDataStreams CUserskolcaAppDataLocalApplication DatabJAt55f61ThSTjJ5lGUlpfa8 [2408] => Error: No automatic fix found for this entry.
AlternateDataStreams CUserskolcaAppDataLocalDg5mUHHIMAZEkidZeKYsMQ1CiEHrFhgKTr7Y [2272] => Error: No automatic fix found for this entry.
AlternateDataStreams CUserskolcaAppDataLocalVTdrrM4DB7rrw4sET6VtH2HDBKobTVLrOdLEbsu8c [2160] => Error: No automatic fix found for this entry.
AlternateDataStreams CUsersPublicAppDataCSM [470] => Error: No automatic fix found for this entry.
EmptyTemp => Error: No automatic fix found for this entry.
Hosts => Error: No automatic fix found for this entry.
==== End of Fixlog 21:27:33 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Popuot po štarte winu
FRST nemazal. Zkuste to znovu, se stejným skriptem, ale v nouz. režimu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?