Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

WMI Provider Host-CPU

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Tomiket
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 19 zář 2018 20:07

WMI Provider Host-CPU

#1 Příspěvek od Tomiket »

Pěkně zdravím.
Moc rád bych Vás požádal o radu, případně i pomoc.
Notebook MSI GE72-7RE.
Win10 64bit.
Obvykle jedu na notebooku v režimu ECO v nastavení "Dragon center"-Výkon, stačí to na téměř veškerou mou aktivitu a notebook si drží pohodovou teplotu kolem 55°C. na CPU i GPU.
Problém nastal dnes, když jsem jej nechtíc přepl klávesovou zkratkou z "ECO" na "Sport". Překvapil mě rychlý náběh větráčku od CPU a při kontrole byla teplota na 75°C a dále stoupala až k 95°C.
Hned jsem tedy koukl na správce úloh copak se tam děje a koukám, že proces "WMI Provider Host" vytěžuje procesor mezi 40-70% a celkové zatížení procesoru 100%.
Přepnul jsem jej tedy zpět na "ECO" a resetoval notebook. Vše naběhlo v pořádku. "WMP Provider Host" vytěžoval procesor mezi 1-2% ale v okamžiku kdy jsem zkusil přepnout opět na "sport" vyskočila teplota, a vytížení procesoru zpět k 40-70%. po přepnutí na "ECO" opět vytížení i teplota opadla.
Nevím důvod ani příčinu, proč takhle blázní, nikdy se tak nedělo.
Předem Vám děkuji za jakokoliv radu či pomoc.

S Pozdravem Tomík.


Log.txt:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomík at 2018-09-19 21:00:58
Microsoft Windows 10 Home
System drive C: has 39 GB (33%) free of 121 GB
Total RAM: 8109 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:01:01, on 19.09.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\Tomík.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://oem17win10.msn.com/?pc=NMTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://oem17win10.msn.com/?pc=NMTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - Global Startup: Killer Control Center.lnk = C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe
O4 - Global Startup: SteelSeries Engine 3.lnk = C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @oem39.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Killer Network Service - Unknown owner - C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Logitech Gaming Registry Service (LogiRegistryService) - Logitech Inc. - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\WINDOWS\SysWOW64\MSIService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI True Color Service by Portrait Displays (MSITrueColorService) - Portrait Displays, Inc. - C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: Norton Security (NortonSecurity) - Symantec Corporation - C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\NortonSecurity.exe
O23 - Service: Norton WSC Service (nsWscSvc) - Symantec Corporation - C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\nsWscSvc.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @oem24.inf,%SynTPEnhService.SVCDESC%;SynTPEnhService (SynTPEnhService) - Unknown owner - C:\WINDOWS\System32\SynTPEnhService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13732 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-502a33a2-10c8-4c92-9d6e-7956f705e69f -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-3ceec6ef-7e0b-4528-84a8-991dbd228c5c -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-fae195d6-b587-47d2-b030-10c14e9a6007 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-acab1543-be01-4666-ac7c-4d7fb65b1261 -LifetimeId:d7b3d0c6-3641-4d03-a097-0fdb0c0809de -DeviceGroupId:WudfDefaultDevicePool
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s gpsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s netprofm

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\AUDIODG.EXE 0x474
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\WLANExt.exe 2235702943408
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\syntpenhservice.exe
"C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
"C:\WINDOWS\SysWOW64\MSIService.exe"
C:\WINDOWS\system32\ibtsiva
C:\WINDOWS\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\NortonSecurity.exe" /s "NortonSecurity" /m "C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\diMaster.dll" /prefetch:1
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHDCPSvc.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"

c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localservice -s W32Time
C:\WINDOWS\System32\svchost.exe -k utcsvc -p

c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHeciSvc.exe
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\WINDOWS\system32\wbem\wmiprvse.exe
"ctfmon.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\NortonSecurity.exe" /c /a /s UserSession
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
"C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxEM.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"c:\windows\system32\SynTPEnh.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --no-sandbox --lang=en-US --log-file="C:\Users\Tomík\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --gpu-preferences=GAAAAAAAAAAABwAAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x8086 --gpu-device-id=0x591b --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x1c8c --lang=en-US --log-file="C:\Users\Tomík\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --service-request-channel-token=724D9419D2B51C9AA44C978009C832FC --mojo-platform-channel-handle=1980 /prefetch:2
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --disable-browser-side-navigation --no-sandbox --disable-gpu-compositing --service-pipe-token=86E5C02B2737EF3945246DAABB7882DE --lang=en-US --lang=en-US --log-file="C:\Users\Tomík\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=86E5C02B2737EF3945246DAABB7882DE --renderer-client-id=2 --mojo-platform-channel-handle=2040 /prefetch:1
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\WINDOWS\System32\Taskmgr.exe" /2
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe" startup_folder
"C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe"
-dumy -install
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
"C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe" /noUI
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Nahimic\Nahimic2\UserInterface\.\Nahimic2svc32.exe" /start all
"C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe" /start all
"C:\Program Files (x86)\SCM\SCM.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxext.exe" -Embedding
"C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe" -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production -auto=true
"C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1007.0_x64__8wekyb3d8bbwe\GameBar.exe" -ServerName:App.AppXbdkk0yrkwpcgeaem8zk81k8py1eaahny.mca
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1044.0.951615869\902841934" -parentBuildID 20180830143136 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - "C:\Users\Tomík\AppData\LocalLow\Mozilla\Temp-{207793b2-a2d7-4deb-91c3-375bacb2bde8}" 1044 "\\.\pipe\gecko-crash-server-pipe.1044" 1840 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1044.3.1292828113\144062156" -childID 1 -isForBrowser -prefsHandle 2328 -prefsLen 28449 -schedulerPrefs 0001,2 -parentBuildID 20180830143136 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1044 "\\.\pipe\gecko-crash-server-pipe.1044" 2496 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1044.13.1636923713\452757903" -childID 2 -isForBrowser -prefsHandle 3432 -prefsLen 28450 -schedulerPrefs 0001,2 -parentBuildID 20180830143136 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1044 "\\.\pipe\gecko-crash-server-pipe.1044" 3548 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1044.20.1966538998\702641436" -childID 3 -isForBrowser -prefsHandle 4204 -prefsLen 32905 -schedulerPrefs 0001,2 -parentBuildID 20180830143136 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1044 "\\.\pipe\gecko-crash-server-pipe.1044" 4164 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1044.27.1700723067\1510127173" -childID 4 -isForBrowser -prefsHandle 4324 -prefsLen 32905 -schedulerPrefs 0001,2 -parentBuildID 20180830143136 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1044 "\\.\pipe\gecko-crash-server-pipe.1044" 4336 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1044.34.34683214\1180910352" -childID 5 -isForBrowser -prefsHandle 4816 -prefsLen 32905 -schedulerPrefs 0001,2 -parentBuildID 20180830143136 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1044 "\\.\pipe\gecko-crash-server-pipe.1044" 4512 tab
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
"C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe" /DisableUI
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"

c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
C:\WINDOWS\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
c:\windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
"D:\Češtiny\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8cgagyad.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 31.0.0.108 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 31.0.0.108 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-09-15 204880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2016-09-20 71168]
"MsiTrueColor"=C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe [2017-11-29 5870416]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2017-01-24 17406072]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2017-04-22 500208]
"Nahimic2UILauncher"=C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [2017-07-04 734904]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2016-10-13 3942864]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2017-06-29 9230312]
"SCM"=C:\Program Files (x86)\SCM\SCM.exe [2018-03-09 302360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe [2018-04-12 20488312]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"Adobe Reader Speed Launcher"=D:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Killer Control Center.lnk - C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe
SteelSeries Engine 3.lnk - C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-09-19 20:57:40 ----D---- C:\Program Files\trend micro
2018-09-19 20:57:39 ----D---- C:\rsit
2018-09-13 04:18:40 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-09-13 04:18:40 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2018-09-13 04:18:40 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-09-13 04:18:40 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-09-13 04:18:40 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-09-13 04:18:40 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-09-13 04:18:39 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-09-13 04:18:38 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2018-09-13 04:18:38 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-09-13 04:18:38 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-09-13 04:18:38 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-09-13 04:18:38 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2018-09-13 04:18:38 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-09-13 04:18:37 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2018-09-13 04:18:37 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-09-13 04:18:36 ----A---- C:\WINDOWS\system32\wuapi.dll
2018-09-13 04:18:35 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-09-13 04:18:35 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-09-13 04:18:35 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-09-13 04:18:34 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-09-13 04:18:34 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2018-09-13 04:18:34 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2018-09-13 04:18:34 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-09-13 04:18:33 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-09-13 04:18:33 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2018-09-13 04:18:33 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2018-09-13 04:18:32 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-09-13 04:18:31 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-09-13 04:18:31 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-09-13 04:18:31 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-09-13 04:18:30 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-09-13 04:18:30 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2018-09-13 04:18:30 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-09-13 04:18:29 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2018-09-13 04:18:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-09-13 04:18:29 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2018-09-13 04:18:29 ----A---- C:\WINDOWS\system32\msxml3.dll
2018-09-13 04:18:28 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-09-13 04:18:28 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2018-09-13 04:18:28 ----A---- C:\WINDOWS\system32\drivers\mpsdrv.sys
2018-09-13 04:18:28 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-09-13 04:18:27 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-09-13 04:18:27 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-09-13 04:18:27 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2018-09-13 04:18:27 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-09-13 04:18:27 ----A---- C:\WINDOWS\system32\sppsvc.exe
2018-09-13 04:18:26 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-09-13 04:18:26 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-09-13 04:18:25 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-09-13 04:18:25 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-09-13 04:18:24 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2018-09-13 04:18:24 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2018-09-13 04:18:23 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-09-13 04:18:23 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-09-13 04:18:22 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-09-13 04:18:22 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-09-13 04:18:22 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-09-13 04:18:21 ----A---- C:\WINDOWS\system32\WWAHost.exe
2018-09-13 04:18:21 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-09-13 04:18:21 ----A---- C:\WINDOWS\system32\msxml6.dll
2018-09-13 04:18:21 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-09-13 04:18:20 ----A---- C:\WINDOWS\system32\msctf.dll
2018-09-13 04:18:20 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-09-13 04:18:20 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-09-13 04:18:20 ----A---- C:\WINDOWS\system32\AcGenral.dll
2018-09-13 04:18:19 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-09-13 04:18:19 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-09-13 04:18:18 ----A---- C:\WINDOWS\system32\wininet.dll
2018-09-13 04:18:18 ----A---- C:\WINDOWS\system32\gdi32full.dll
2018-09-13 04:18:18 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2018-09-13 04:18:17 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-09-13 04:18:17 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-09-13 04:18:16 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-09-13 04:18:13 ----A---- C:\WINDOWS\system32\msvproc.dll
2018-09-13 04:18:13 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-09-13 04:18:12 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-09-13 04:18:12 ----A---- C:\WINDOWS\system32\mssprxy.dll
2018-09-13 04:18:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-09-13 04:18:11 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-09-13 04:18:11 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-09-13 04:18:11 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-09-13 04:18:10 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-09-13 04:18:09 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-09-13 04:18:08 ----A---- C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-09-13 04:18:08 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2018-09-13 04:18:07 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2018-09-13 04:18:04 ----A---- C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-09-13 04:18:04 ----A---- C:\WINDOWS\system32\SgrmEnclave.dll
2018-09-13 04:18:04 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2018-09-13 04:18:04 ----A---- C:\WINDOWS\system32\MusNotification.exe
2018-09-13 04:18:03 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2018-09-13 04:18:03 ----A---- C:\WINDOWS\system32\usocore.dll
2018-09-13 04:18:03 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-09-13 04:18:03 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-09-13 04:18:02 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2018-09-13 04:17:53 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2018-09-13 04:17:53 ----A---- C:\WINDOWS\system32\tquery.dll
2018-09-13 04:17:53 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2018-09-13 04:17:52 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-09-13 04:17:52 ----A---- C:\WINDOWS\system32\winresume.exe
2018-09-13 04:17:52 ----A---- C:\WINDOWS\system32\winload.exe
2018-09-13 04:17:52 ----A---- C:\WINDOWS\system32\vertdll.dll
2018-09-13 04:17:52 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2018-09-13 04:17:52 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-09-13 04:17:52 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-09-13 04:17:51 ----A---- C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-09-13 04:17:51 ----A---- C:\WINDOWS\system32\ci.dll
2018-09-13 04:17:50 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2018-09-13 04:17:50 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2018-09-13 04:17:50 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2018-09-13 04:17:50 ----A---- C:\WINDOWS\SYSWOW64\mcbuilder.exe
2018-09-13 04:17:50 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2018-09-13 04:17:50 ----A---- C:\WINDOWS\system32\wsp_health.dll
2018-09-13 04:17:50 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2018-09-13 04:17:50 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2018-09-13 04:17:50 ----A---- C:\WINDOWS\system32\clusapi.dll
2018-09-13 04:17:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2018-09-13 04:17:49 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2018-09-13 04:17:49 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2018-09-13 04:17:49 ----A---- C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-09-13 04:17:49 ----A---- C:\WINDOWS\system32\sppobjs.dll
2018-09-13 04:17:49 ----A---- C:\WINDOWS\system32\resutils.dll
2018-09-13 04:17:49 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-09-13 04:17:49 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2018-09-13 04:17:49 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2018-09-13 04:17:48 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-09-13 04:17:48 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2018-09-13 04:17:48 ----A---- C:\WINDOWS\system32\mssrch.dll
2018-09-13 04:17:48 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-09-13 04:17:48 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-09-13 04:17:48 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2018-09-13 04:17:47 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2018-09-13 04:17:47 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll
2018-09-13 04:17:47 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2018-09-13 04:17:47 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2018-09-13 04:17:47 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2018-09-13 04:17:47 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2018-09-13 04:17:47 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2018-09-13 04:17:47 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-09-13 04:17:47 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2018-09-13 04:17:47 ----A---- C:\WINDOWS\system32\rsaenh.dll
2018-09-13 04:17:47 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2018-09-13 04:17:47 ----A---- C:\WINDOWS\system32\mcbuilder.exe
2018-09-13 04:17:46 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2018-09-13 04:17:46 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2018-09-13 04:17:46 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2018-09-13 04:17:46 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2018-09-13 04:17:46 ----A---- C:\WINDOWS\system32\SharedRealitySvc.dll
2018-09-13 04:17:46 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2018-09-13 04:17:46 ----A---- C:\WINDOWS\system32\nettrace.dll
2018-09-13 04:17:46 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2018-09-13 04:17:46 ----A---- C:\WINDOWS\system32\dpx.dll
2018-09-13 04:17:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2018-09-13 04:17:45 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2018-09-13 04:17:45 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2018-09-13 04:17:45 ----A---- C:\WINDOWS\SYSWOW64\dpx.dll
2018-09-13 04:17:45 ----A---- C:\WINDOWS\system32\tdh.dll
2018-09-13 04:17:45 ----A---- C:\WINDOWS\system32\schedsvc.dll
2018-09-13 04:17:45 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2018-09-13 04:17:45 ----A---- C:\WINDOWS\system32\gdi32.dll
2018-09-13 04:17:45 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2018-09-13 04:17:45 ----A---- C:\WINDOWS\system32\certutil.exe
2018-09-13 04:17:45 ----A---- C:\WINDOWS\system32\certcli.dll
2018-09-13 04:17:44 ----A---- C:\WINDOWS\SYSWOW64\spp.dll
2018-09-13 04:17:44 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2018-09-13 04:17:44 ----A---- C:\WINDOWS\SYSWOW64\EditionUpgradeManagerObj.dll
2018-09-13 04:17:44 ----A---- C:\WINDOWS\SYSWOW64\dinput8.dll
2018-09-13 04:17:44 ----A---- C:\WINDOWS\SYSWOW64\certutil.exe
2018-09-13 04:17:44 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-09-13 04:17:44 ----A---- C:\WINDOWS\system32\win32spl.dll
2018-09-13 04:17:44 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2018-09-13 04:17:44 ----A---- C:\WINDOWS\system32\sppwinob.dll
2018-09-13 04:17:44 ----A---- C:\WINDOWS\system32\spp.dll
2018-09-13 04:17:44 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2018-09-13 04:17:44 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2018-09-13 04:17:44 ----A---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-09-13 04:17:44 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2018-09-13 04:17:44 ----A---- C:\WINDOWS\system32\dinput8.dll
2018-09-13 04:17:44 ----A---- C:\WINDOWS\system32\certreq.exe
2018-09-13 04:17:44 ----A---- C:\WINDOWS\system32\certca.dll
2018-09-13 04:17:44 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2018-09-13 04:17:43 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2018-09-13 04:17:43 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2018-09-13 04:17:43 ----A---- C:\WINDOWS\SYSWOW64\cryptxml.dll
2018-09-13 04:17:43 ----A---- C:\WINDOWS\SYSWOW64\certreq.exe
2018-09-13 04:17:43 ----A---- C:\WINDOWS\SYSWOW64\CertEnrollUI.dll
2018-09-13 04:17:43 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2018-09-13 04:17:43 ----A---- C:\WINDOWS\SYSWOW64\certca.dll
2018-09-13 04:17:43 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2018-09-13 04:17:43 ----A---- C:\WINDOWS\system32\TtlsAuth.dll
2018-09-13 04:17:43 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2018-09-13 04:17:43 ----A---- C:\WINDOWS\system32\t2embed.dll
2018-09-13 04:17:43 ----A---- C:\WINDOWS\system32\srcore.dll
2018-09-13 04:17:43 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2018-09-13 04:17:43 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-09-13 04:17:43 ----A---- C:\WINDOWS\system32\mssvp.dll
2018-09-13 04:17:43 ----A---- C:\WINDOWS\system32\hal.dll
2018-09-13 04:17:43 ----A---- C:\WINDOWS\system32\eShims.dll
2018-09-13 04:17:43 ----A---- C:\WINDOWS\system32\DscCore.dll
2018-09-13 04:17:43 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2018-09-13 04:17:43 ----A---- C:\WINDOWS\system32\cryptxml.dll
2018-09-13 04:17:43 ----A---- C:\WINDOWS\system32\CertEnrollUI.dll
2018-09-13 04:17:42 ----A---- C:\WINDOWS\SYSWOW64\TtlsAuth.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\SYSWOW64\TtlsCfg.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\SYSWOW64\TileDataRepository.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\SYSWOW64\netevent.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\SYSWOW64\fdeploy.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\SYSWOW64\dinput.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\SYSWOW64\CertEnrollCtrl.exe
2018-09-13 04:17:41 ----A---- C:\WINDOWS\system32\TtlsExt.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\system32\TtlsCfg.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\system32\rstrui.exe
2018-09-13 04:17:41 ----A---- C:\WINDOWS\system32\netevent.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\system32\mssph.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\system32\mf3216.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\system32\fdeploy.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2018-09-13 04:17:41 ----A---- C:\WINDOWS\system32\dinput.dll
2018-09-13 04:17:41 ----A---- C:\WINDOWS\system32\CertEnrollCtrl.exe
2018-09-12 00:58:09 ----D---- C:\Users\Tomík\AppData\Roaming\fltk.org
2018-09-12 00:58:09 ----D---- C:\ProgramData\fltk.org
2018-08-29 18:26:37 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFThevc.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFTH264.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\system32\nvopencl.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\system32\nvEncMFThevc.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\system32\nvEncMFTH264.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\system32\nvdispgenco6439907.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\system32\nvdispco6439907.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2018-08-29 18:26:37 ----A---- C:\WINDOWS\system32\nvcuda.dll
2018-08-29 18:26:36 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2018-08-29 18:26:36 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2018-08-29 18:26:36 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2018-08-27 23:26:56 ----A---- C:\WINDOWS\SYSWOW64\vcruntime140.dll
2018-08-27 23:26:56 ----A---- C:\WINDOWS\SYSWOW64\vccorlib140.dll
2018-08-27 23:26:56 ----A---- C:\WINDOWS\SYSWOW64\msvcp140_1.dll
2018-08-27 23:26:56 ----A---- C:\WINDOWS\SYSWOW64\msvcp140.dll
2018-08-27 23:26:56 ----A---- C:\WINDOWS\SYSWOW64\concrt140.dll
2018-08-27 23:26:56 ----A---- C:\WINDOWS\system32\vcruntime140.dll
2018-08-27 23:26:56 ----A---- C:\WINDOWS\system32\vccorlib140.dll
2018-08-27 23:26:56 ----A---- C:\WINDOWS\system32\msvcp140_1.dll
2018-08-27 23:26:56 ----A---- C:\WINDOWS\system32\msvcp140.dll
2018-08-27 23:26:56 ----A---- C:\WINDOWS\system32\concrt140.dll
2018-08-27 16:34:11 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2018-08-21 16:33:01 ----D---- C:\ProgramData\For Honor Data

======List of files/folders modified in the last 1 month======

2018-09-19 21:00:59 ----D---- C:\WINDOWS\Temp
2018-09-19 20:58:37 ----D---- C:\WINDOWS\System32
2018-09-19 20:58:37 ----D---- C:\WINDOWS\INF
2018-09-19 20:58:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-19 20:57:50 ----D---- C:\WINDOWS\Prefetch
2018-09-19 20:57:40 ----RD---- C:\Program Files
2018-09-19 20:54:20 ----D---- C:\ProgramData\NVIDIA
2018-09-19 20:52:22 ----D---- C:\WINDOWS\AppReadiness
2018-09-19 20:52:21 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-09-19 20:52:20 ----SHD---- C:\System Volume Information
2018-09-19 20:51:56 ----D---- C:\WINDOWS\system32\sru
2018-09-19 20:49:27 ----HD---- C:\Program Files\WindowsApps
2018-09-19 20:49:14 ----D---- C:\WINDOWS\LiveKernelReports
2018-09-19 20:49:14 ----D---- C:\Windows
2018-09-19 20:41:06 ----D---- C:\WINDOWS\system32\drivers\NGCx64
2018-09-19 20:41:02 ----D---- C:\WINDOWS\system32\Tasks
2018-09-19 20:41:02 ----D---- C:\Program Files\Common Files\AV
2018-09-19 19:32:12 ----D---- C:\WINDOWS\system32\SleepStudy
2018-09-19 00:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2018-09-18 17:52:56 ----RD---- C:\WINDOWS\Microsoft.NET
2018-09-17 17:54:25 ----D---- C:\WINDOWS\Logs
2018-09-15 11:17:10 ----SHDC---- C:\WINDOWS\Installer
2018-09-15 11:16:43 ----D---- C:\Program Files (x86)\Common Files
2018-09-15 11:14:56 ----AD---- C:\Program Files (x86)\Microsoft Office
2018-09-15 09:17:35 ----D---- C:\WINDOWS\system32\catroot2
2018-09-15 09:17:35 ----D---- C:\WINDOWS\system32\CatRoot
2018-09-15 09:17:13 ----D---- C:\WINDOWS\system32\DriverStore
2018-09-15 09:17:12 ----D---- C:\WINDOWS\system32\drivers
2018-09-14 11:34:15 ----RSD---- C:\WINDOWS\assembly
2018-09-14 00:59:31 ----D---- C:\WINDOWS\system32\config
2018-09-14 00:51:23 ----D---- C:\WINDOWS\WinSxS
2018-09-14 00:50:13 ----D---- C:\WINDOWS\TextInput
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\zh-CN
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\en-US
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\Dism
2018-09-14 00:50:13 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2018-09-14 00:50:12 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2018-09-14 00:50:12 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2018-09-14 00:50:12 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2018-09-14 00:50:12 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2018-09-14 00:50:12 ----D---- C:\WINDOWS\SysWOW64
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\zu-ZA
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\zh-CN
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\yo-NG
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\xh-ZA
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\wo-SN
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\tn-ZA
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\ti-ET
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\rw-RW
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\oobe
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\nso-ZA
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\migration
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\ig-NG
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2018-09-14 00:50:12 ----D---- C:\WINDOWS\system32\en-US
2018-09-14 00:50:11 ----D---- C:\WINDOWS\system32\chr-CHER-US
2018-09-14 00:50:11 ----D---- C:\WINDOWS\system32\Dism
2018-09-14 00:50:11 ----D---- C:\WINDOWS\system32\cs-CZ
2018-09-14 00:50:11 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2018-09-14 00:50:11 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2018-09-14 00:50:11 ----D---- C:\WINDOWS\system32\Boot
2018-09-14 00:50:11 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2018-09-14 00:50:10 ----D---- C:\WINDOWS\bcastdvr
2018-09-14 00:50:10 ----D---- C:\WINDOWS\apppatch
2018-09-14 00:50:10 ----D---- C:\Program Files\internet explorer
2018-09-14 00:50:10 ----D---- C:\Program Files (x86)\Internet Explorer
2018-09-13 05:57:27 ----D---- C:\WINDOWS\system32\Macromed
2018-09-13 05:57:21 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-09-13 04:25:10 ----D---- C:\WINDOWS\CbsTemp
2018-09-12 10:03:32 ----D---- C:\WINDOWS\system32\MRT
2018-09-12 01:51:10 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-09-12 00:58:09 ----HD---- C:\ProgramData
2018-09-08 21:43:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-08 21:43:02 ----AD---- C:\Program Files\Mozilla Firefox
2018-09-05 01:04:15 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-08-29 18:30:03 ----D---- C:\Program Files (x86)\VulkanRT
2018-08-22 18:12:02 ----A---- C:\WINDOWS\system32\nvapi64.dll
2018-08-21 16:33:03 ----D---- C:\Users\Tomík\AppData\Roaming\EasyAntiCheat
2018-08-21 12:15:48 ----A---- C:\WINDOWS\NvContainerRecovery.bat
2018-08-21 12:14:40 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2018-08-21 12:14:40 ----A---- C:\WINDOWS\system32\nvcpl.dll
2018-08-21 12:14:33 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2018-08-21 12:14:33 ----A---- C:\WINDOWS\system32\nvshext.dll
2018-08-21 12:14:33 ----A---- C:\WINDOWS\system32\nvmctray.dll
2018-08-21 12:14:33 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2018-08-21 12:14:33 ----A---- C:\WINDOWS\system32\nv3dappshext.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2016-09-19 795640]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-04-12 58272]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\BASHDefs\20180918.001\BHDrvx64.sys [2018-07-02 1919568]
R1 ccSet_NGC;NGC Settings Manager; C:\WINDOWS\system32\drivers\NGCx64\160F010.008\ccSetx64.sys [2018-09-07 190424]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2018-03-23 507984]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\IPSDefs\20180918.061\IDSvia64.sys [2018-08-11 1306592]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-07-14 414720]
R2 LGCoreTemp;Logitech CPU Core Tempurature; \??\C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [2015-06-21 14184]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-04-12 43520]
R3 asmthub3;@oem4.inf,%asmthub3_ServiceDescription%;ASMedia USB3.1 Hub Service; C:\WINDOWS\System32\drivers\asmthub3.sys [2016-09-02 149888]
R3 asmtxhci;@oem8.inf,%asmtxhci_ServiceDescription%;ASMedia XHCI Service; C:\WINDOWS\system32\DRIVERS\asmtxhci.sys [2016-09-02 453504]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-04-12 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2018-03-24 153168]
R3 ibtusb;@oem39.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2017-04-13 174600]
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igdkmd64.sys [2017-06-22 12838352]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2017-06-29 5842912]
R3 IntcDAud;@oem20.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2017-05-11 825344]
R3 iwdbus;@oem36.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-07 39920]
R3 KillerEth;@e2xw10x64.inf,%RIVET.Service.DispName%;NDIS Miniport Driver for Killer PCI-E Gigabit Ethernet Controller; C:\WINDOWS\System32\drivers\e2xw10x64.sys [2018-04-12 145920]
R3 LGBusEnum;@oem16.inf,%LGBusEnum.SVCDESC%;Logitech Gaming Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\LGBusEnum.sys [2017-01-24 36496]
R3 LGJoyXlCore;@oem16.inf,%LGJoyXlCore.SVCDESC%;Logitech Translation Layer Driver (LGS); C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [2017-01-24 67736]
R3 LGSHidFilt;@oem26.inf,%LGSHidFilt.SvcDesc%;Logitech Gaming KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [2017-01-24 64280]
R3 LGVirHid;@oem55.inf,%LGVirHid.SVCDESC%;Logitech Gamepanel Virtual HID Device Driver; C:\WINDOWS\system32\drivers\LGVirHid.sys [2017-01-24 26008]
R3 MEIx64;@oem54.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-08-23 204912]
R3 Netwtw04;___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit; C:\WINDOWS\System32\drivers\Netwtw04.sys [2018-04-12 7689728]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_8e7a7ed3e8e9740d\nvlddmkm.sys [2018-08-22 17212744]
R3 nvvad_WaveExtensible;@oem51.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2018-06-08 69544]
R3 nvvhci;@oem18.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2018-04-24 65792]
R3 RfeCoSvc;@oem28.inf,%RivetCoServiceName%;RfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\RfeCo10X64.sys [2018-03-06 141480]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2018-03-30 42288]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2018-04-12 92056]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-04-12 106496]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-04-12 86528]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-12 129536]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2018-07-14 1069568]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 ccSet_NARA;NARA Settings Manager; C:\WINDOWS\system32\drivers\NARAx64\0406000.00C\ccSetx64.sys [2015-06-25 173808]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-08-31 76256]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Ovladač přenosů Avrcp protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [2018-04-12 46592]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-07-12 30656]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2018-06-15 945568]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-04-12 193536]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 RTSUER;@oem1.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2016-11-02 416472]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [2016-10-18 21984]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CDPUserSvc_4d125;Uživatelská služba platformy připojených zařízení_4d125; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2018-09-08 9658664]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHDCPSvc.exe [2017-06-22 604624]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2016-08-04 640928]
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2012-01-24 1858048]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2016-09-20 17976]
R2 ibtsiva;@oem39.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxCUIService.exe [2017-06-22 406480]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-08-30 177440]
R2 Killer Network Service;Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2018-03-06 2327488]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2016-08-30 419616]
R2 LogiRegistryService;Logitech Gaming Registry Service; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [2017-01-24 225400]
R2 Micro Star SCM;Micro Star SCM; C:\WINDOWS\SysWOW64\MSIService.exe [2009-07-10 160768]
R2 MSITrueColorService;MSI True Color Service by Portrait Displays; C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe [2017-11-29 192848]
R2 NortonSecurity;Norton Security; C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\NortonSecurity.exe [2018-09-07 328648]
R2 nsWscSvc;Norton WSC Service; C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\nsWscSvc.exe [2018-09-07 915712]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19 764456]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-08-21 766832]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-07-19 629800]
R2 OneSyncSvc_4d125;Hostitel synchronizace_4d125; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2017-05-20 75136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2016-08-04 157600]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 BcastDVRUserService_4d125;Uživatelská služba pro GameDVR a vysílání her_4d125; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHeciSvc.exe [2017-06-22 388560]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-06 43648]
R3 PimIndexMaintenanceSvc_4d125;Data kontaktů_4d125; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2018-04-07 6076936]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService_4d125;Služba pro podporu uživatelů Bluetooth_4d125; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc_4d125;DevicePicker_4d125; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc_4d125;Tok zařízení_4d125; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-08-21 774272]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-07-27 987432]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService_4d125;Služba zasílání zpráv_4d125; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-09-06 196048]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2016-08-04 268704]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2015-06-18 4362568]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19 764456]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-08-27 215320]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc_4d125;PrintWorkflow_4d125; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]

-----------------EOF-----------------
Přílohy
Addition+FRST.rar
(26.14 KiB) Staženo 73 x
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: WMI Provider Host-CPU

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Tomiket
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 19 zář 2018 20:07

Re: WMI Provider Host-CPU

#3 Příspěvek od Tomiket »

Děkuji Vám za odpověď a pomoc. ;)
Obrázek
Log:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-20-2018
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1322 octets] - [20/09/2018 00:48:12]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: WMI Provider Host-CPU

#4 Příspěvek od Rudy »

OK. Teď dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Tomiket
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 19 zář 2018 20:07

Re: WMI Provider Host-CPU

#5 Příspěvek od Tomiket »

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.09.2018
Ran by Tomík (administrator) on MSI (20-09-2018 12:06:00)
Running from D:\Češtiny
Loaded Profiles: Tomík (Available Profiles: Tomík)
Platform: Windows 10 Home Version 1803 17134.285 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHDCPSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Micro-Star International Co., Ltd.) C:\Windows\SysWOW64\MSIService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\nswscsvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\nortonsecurity.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxEM.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe
(Portrait Displays, Inc) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorHelper.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Nahimic) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
() C:\Program Files (x86)\SCM\SCM.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxext.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\nortonsecurity.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1007.0_x64__8wekyb3d8bbwe\GameBar.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [MsiTrueColor] => C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe [5870416 2017-11-29] (Portrait Displays, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17406072 2017-01-24] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2017-04-22] (Adobe Systems Incorporated)
HKLM\...\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [734904 2017-07-04] (Nahimic)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230312 2017-06-29] (Realtek Semiconductor)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [302360 2018-03-09] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => D:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-20] (Adobe Systems Incorporated)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2234853451-3630534881-407846878-1001\...\Run: [Gaijin.Net Agent] => "C:\Users\Tomík\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
HKU\S-1-5-21-2234853451-3630534881-407846878-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\ssstars.scr [14336 2008-04-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Control Center.lnk [2016-11-04]
ShortcutTarget: Killer Control Center.lnk -> C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe (Rivet Networks)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2018-09-15]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bbf94fcf-dcf3-4648-9bec-2260d1ae4efd}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2234853451-3630534881-407846878-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://oem17win10.msn.com/?pc=NMTE
HKU\S-1-5-21-2234853451-3630534881-407846878-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-09-15] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-08] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-08] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-08] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-08] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 8cgagyad.default
FF ProfilePath: C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8cgagyad.default [2018-09-20]
FF Homepage: Mozilla\Firefox\Profiles\8cgagyad.default -> www.seznam.cz
FF Extension: (google-no-tracking-url) - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8cgagyad.default\Extensions\jid1-zUrvDCat3xoDSQ@jetpack.xpi [2018-06-02]
FF Extension: (Norton Safe Web) - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8cgagyad.default\Extensions\nortonsafeweb@symantec.com.xpi [2018-09-20]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8cgagyad.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2018-09-09]
FF Extension: (Adblock Plus) - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8cgagyad.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-08-30]
FF Extension: (Firefox Monitor) - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8cgagyad.default\features\{54042551-7087-4456-a0ca-eb3f559ad2cb}\fxmonitor@mozilla.org.xpi [2018-09-19]
FF Extension: (Telemetry coverage) - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8cgagyad.default\features\{54042551-7087-4456-a0ca-eb3f559ad2cb}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-19] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-13] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-08] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-04-07] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9658664 2018-09-08] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-08-21] (EasyAntiCheat Ltd)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515768 2017-04-13] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-08-30] (Intel Corporation)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2327488 2018-03-06] (Rivet Networks)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-01-24] (Logitech Inc.)
R2 Micro Star SCM; C:\WINDOWS\SysWOW64\MSIService.exe [160768 2009-07-10] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSITrueColorService; C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe [192848 2017-11-29] (Portrait Displays, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] ()
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4362568 2015-06-18] (Symantec Corporation)
R2 NortonSecurity; C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\NortonSecurity.exe [328648 2018-09-07] (Symantec Corporation)
R2 nsWscSvc; C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\nsWscSvc.exe [915712 2018-09-07] (Symantec Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2017-05-20] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\WINDOWS\System32\SynTPEnhService.exe [344032 2018-03-30] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [106904 2018-08-03] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\BASHDefs\20180918.004\BHDrvx64.sys [1919568 2018-07-02] (Symantec Corporation)
S3 ccSet_NARA; C:\WINDOWS\system32\drivers\NARAx64\0406000.00C\ccSetx64.sys [173808 2015-06-25] (Symantec Corporation)
R1 ccSet_NGC; C:\WINDOWS\system32\drivers\NGCx64\160F010.008\ccSetx64.sys [190424 2018-09-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507984 2018-03-23] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153168 2018-03-24] (Symantec Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [174600 2017-04-13] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\IPSDefs\20180919.063\IDSvia64.sys [1306592 2018-08-11] (Symantec Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2018-04-12] (Qualcomm Atheros, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-01-24] (Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2017-01-24] (Logitech Inc.)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2018-04-12] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_8e7a7ed3e8e9740d\nvlddmkm.sys [17212744 2018-08-22] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
R3 RfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\RfeCo10X64.sys [141480 2018-03-06] (Rivet Networks, LLC.)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-11-02] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [42288 2018-03-30] (Synaptics Incorporated)
R3 SRTSP; C:\WINDOWS\System32\Drivers\NGCx64\160F010.008\SRTSP64.SYS [846928 2018-09-07] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NGCx64\160F010.008\SRTSPX64.SYS [51168 2018-09-07] (Symantec Corporation)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48320 2018-08-20] ()
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [48056 2018-09-13] (SteelSeries ApS)
R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [42128 2018-08-20] ()
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\160F010.008\SYMEFASI64.SYS [1969312 2018-09-07] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\160F010.008\SymELAM.sys [25608 2018-09-07] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [99920 2018-06-08] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NGCx64\160F010.008\Ironx64.SYS [307792 2018-09-07] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NGCx64\160F010.008\symnets.sys [566912 2018-09-07] (Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-11] ()
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\Drivers\NGCx64\160F010.008\wpCtrlDrv.sys [1002840 2018-09-07] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-20 01:14 - 2018-09-20 01:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2018-09-20 00:44 - 2018-09-20 00:48 - 000000000 ____D C:\AdwCleaner
2018-09-19 21:02 - 2018-09-20 12:06 - 000000000 ____D C:\FRST
2018-09-19 20:57 - 2018-09-19 21:01 - 000000000 ____D C:\Program Files\trend micro
2018-09-19 20:57 - 2018-09-19 20:57 - 000000000 ____D C:\rsit
2018-09-19 20:41 - 2018-09-19 20:41 - 000003386 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2018-09-19 20:40 - 2018-09-19 20:40 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2018-09-15 11:16 - 2018-09-15 11:16 - 000002566 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-09-15 11:16 - 2018-09-15 11:16 - 000002560 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-09-15 11:16 - 2018-09-15 11:16 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-09-15 11:16 - 2018-09-15 11:16 - 000002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-09-15 11:16 - 2018-09-15 11:16 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-09-15 11:16 - 2018-09-15 11:16 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-09-15 11:16 - 2018-09-15 11:16 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-09-15 11:16 - 2018-09-15 11:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2018-09-13 05:57 - 2018-09-13 05:57 - 000004620 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-09-13 04:18 - 2018-08-31 09:43 - 001524152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-09-13 04:18 - 2018-08-31 09:42 - 001636232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-09-13 04:18 - 2018-08-31 09:24 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-09-13 04:18 - 2018-08-31 09:23 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-09-13 04:18 - 2018-08-31 09:22 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-09-13 04:18 - 2018-08-31 08:55 - 001455960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-09-13 04:18 - 2018-08-31 08:53 - 001327504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-09-13 04:18 - 2018-08-31 08:37 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-09-13 04:18 - 2018-08-31 08:37 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-09-13 04:18 - 2018-08-31 05:50 - 000273720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-09-13 04:18 - 2018-08-31 05:50 - 000270648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-09-13 04:18 - 2018-08-31 05:44 - 001222440 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-09-13 04:18 - 2018-08-31 05:44 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-09-13 04:18 - 2018-08-31 05:43 - 002719216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-09-13 04:18 - 2018-08-31 05:42 - 009090016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-09-13 04:18 - 2018-08-31 05:42 - 007520064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-09-13 04:18 - 2018-08-31 05:42 - 007436192 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-09-13 04:18 - 2018-08-31 05:42 - 002824672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-09-13 04:18 - 2018-08-31 05:42 - 002461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-09-13 04:18 - 2018-08-31 05:42 - 001097720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-09-13 04:18 - 2018-08-31 05:42 - 000885928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-09-13 04:18 - 2018-08-31 05:42 - 000604640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-09-13 04:18 - 2018-08-31 05:28 - 006570040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-09-13 04:18 - 2018-08-31 05:28 - 006043680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-09-13 04:18 - 2018-08-31 05:28 - 001989496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-09-13 04:18 - 2018-08-31 05:28 - 001129728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-09-13 04:18 - 2018-08-31 05:28 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-09-13 04:18 - 2018-08-31 05:26 - 025847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-09-13 04:18 - 2018-08-31 05:21 - 022008320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-09-13 04:18 - 2018-08-31 05:20 - 022715904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-09-13 04:18 - 2018-08-31 05:18 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-09-13 04:18 - 2018-08-31 05:17 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-09-13 04:18 - 2018-08-31 05:16 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-09-13 04:18 - 2018-08-31 05:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-09-13 04:18 - 2018-08-31 05:16 - 004382720 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-09-13 04:18 - 2018-08-31 05:15 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-09-13 04:18 - 2018-08-31 05:15 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-09-13 04:18 - 2018-08-31 05:15 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-09-13 04:18 - 2018-08-31 05:15 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-09-13 04:18 - 2018-08-31 05:14 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-09-13 04:18 - 2018-08-31 05:14 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-09-13 04:18 - 2018-08-31 05:14 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-09-13 04:18 - 2018-08-31 05:14 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-09-13 04:18 - 2018-08-31 05:13 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-09-13 04:18 - 2018-08-31 05:11 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-09-13 04:18 - 2018-08-31 05:11 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-09-13 04:18 - 2018-08-31 05:11 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-09-13 04:18 - 2018-08-31 05:10 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-09-13 04:18 - 2018-08-31 05:10 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-09-13 04:18 - 2018-08-31 05:10 - 001375744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-09-13 04:18 - 2018-08-31 05:10 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-09-13 04:18 - 2018-08-31 05:10 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-09-13 04:18 - 2018-08-31 05:08 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-09-13 04:18 - 2018-08-31 05:07 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-09-13 04:18 - 2018-08-28 09:17 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-09-13 04:18 - 2018-08-28 08:48 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-09-13 04:18 - 2018-08-09 11:32 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-09-13 04:18 - 2018-08-09 11:14 - 012709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-09-13 04:18 - 2018-08-09 11:13 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-09-13 04:18 - 2018-08-09 11:12 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-09-13 04:18 - 2018-08-09 11:12 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-09-13 04:18 - 2018-08-09 11:11 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-09-13 04:18 - 2018-08-09 11:10 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-09-13 04:18 - 2018-08-09 10:24 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-09-13 04:18 - 2018-08-09 10:22 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-09-13 04:18 - 2018-08-09 10:21 - 002894848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-09-13 04:18 - 2018-08-09 10:21 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-09-13 04:18 - 2018-08-09 10:20 - 002401792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-09-13 04:18 - 2018-08-09 07:02 - 001035144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-09-13 04:18 - 2018-08-09 06:55 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-09-13 04:18 - 2018-08-09 06:54 - 000375704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-09-13 04:18 - 2018-08-09 06:54 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-09-13 04:18 - 2018-08-09 06:53 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-09-13 04:18 - 2018-08-09 06:53 - 001026456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-09-13 04:18 - 2018-08-09 06:53 - 000932136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-09-13 04:18 - 2018-08-09 06:30 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-09-13 04:18 - 2018-08-09 06:29 - 002253584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-09-13 04:18 - 2018-08-09 06:28 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-09-13 04:18 - 2018-08-09 06:27 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-09-13 04:18 - 2018-08-09 06:26 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-09-13 04:18 - 2018-08-09 06:26 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-09-13 04:18 - 2018-08-09 06:25 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-09-13 04:18 - 2018-08-09 06:25 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-09-13 04:18 - 2018-08-09 06:24 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-09-13 04:18 - 2018-08-09 06:24 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-09-13 04:18 - 2018-08-09 06:23 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-09-13 04:18 - 2018-08-09 06:23 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-09-13 04:18 - 2018-08-09 06:23 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-09-13 04:18 - 2018-08-09 06:22 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-09-13 04:18 - 2018-08-09 06:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-09-13 04:18 - 2018-08-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-09-13 04:18 - 2018-08-09 06:11 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-09-13 04:18 - 2018-08-09 06:11 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-09-13 04:18 - 2018-08-09 06:10 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-09-13 04:18 - 2018-08-09 06:10 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-09-13 04:18 - 2018-08-09 06:09 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-09-13 04:18 - 2018-08-09 06:09 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-09-13 04:17 - 2018-08-31 09:46 - 000542504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-09-13 04:17 - 2018-08-31 09:45 - 000348328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-09-13 04:17 - 2018-08-31 09:27 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-09-13 04:17 - 2018-08-31 09:27 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2018-09-13 04:17 - 2018-08-31 09:26 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-09-13 04:17 - 2018-08-31 09:25 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2018-09-13 04:17 - 2018-08-31 09:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-09-13 04:17 - 2018-08-31 09:24 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-09-13 04:17 - 2018-08-31 09:24 - 000482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-09-13 04:17 - 2018-08-31 09:23 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-09-13 04:17 - 2018-08-31 09:22 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-09-13 04:17 - 2018-08-31 08:41 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-09-13 04:17 - 2018-08-31 08:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2018-09-13 04:17 - 2018-08-31 08:40 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2018-09-13 04:17 - 2018-08-31 08:37 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-09-13 04:17 - 2018-08-31 08:36 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-09-13 04:17 - 2018-08-31 05:44 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-09-13 04:17 - 2018-08-31 05:44 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-09-13 04:17 - 2018-08-31 05:44 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-09-13 04:17 - 2018-08-31 05:44 - 000076256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-09-13 04:17 - 2018-08-31 05:43 - 000722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-09-13 04:17 - 2018-08-31 05:42 - 001767064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-09-13 04:17 - 2018-08-31 05:42 - 001458552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-09-13 04:17 - 2018-08-31 05:42 - 001258352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-09-13 04:17 - 2018-08-31 05:42 - 001142000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-09-13 04:17 - 2018-08-31 05:42 - 000983080 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-09-13 04:17 - 2018-08-31 05:42 - 000632296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2018-09-13 04:17 - 2018-08-31 05:42 - 000527328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-09-13 04:17 - 2018-08-31 05:42 - 000494472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-09-13 04:17 - 2018-08-31 05:42 - 000155112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-09-13 04:17 - 2018-08-31 05:28 - 001514352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-09-13 04:17 - 2018-08-31 05:28 - 000453104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpx.dll
2018-09-13 04:17 - 2018-08-31 05:28 - 000134936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2018-09-13 04:17 - 2018-08-31 05:17 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\netevent.dll
2018-09-13 04:17 - 2018-08-31 05:15 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-09-13 04:17 - 2018-08-31 05:15 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-09-13 04:17 - 2018-08-31 05:14 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-09-13 04:17 - 2018-08-31 05:13 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-09-13 04:17 - 2018-08-31 05:13 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-09-13 04:17 - 2018-08-31 05:12 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-09-13 04:17 - 2018-08-31 05:12 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netevent.dll
2018-09-13 04:17 - 2018-08-31 05:11 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-09-13 04:17 - 2018-08-31 05:11 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-09-13 04:17 - 2018-08-31 05:11 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-09-13 04:17 - 2018-08-31 05:11 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-09-13 04:17 - 2018-08-31 05:10 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-09-13 04:17 - 2018-08-31 05:10 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-09-13 04:17 - 2018-08-31 05:10 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-09-13 04:17 - 2018-08-31 05:10 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-09-13 04:17 - 2018-08-31 05:09 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-09-13 04:17 - 2018-08-31 05:09 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-09-13 04:17 - 2018-08-31 05:07 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-09-13 04:17 - 2018-08-31 05:07 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-09-13 04:17 - 2018-08-31 05:06 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-09-13 04:17 - 2018-08-31 03:57 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
2018-09-13 04:17 - 2018-08-28 08:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-09-13 04:17 - 2018-08-28 08:49 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-09-13 04:17 - 2018-08-28 08:45 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-09-13 04:17 - 2018-08-28 07:51 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-09-13 04:17 - 2018-08-14 04:14 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2018-09-13 04:17 - 2018-08-14 04:14 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-09-13 04:17 - 2018-08-09 11:31 - 001617728 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-09-13 04:17 - 2018-08-09 11:31 - 000766872 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-09-13 04:17 - 2018-08-09 11:31 - 000253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-09-13 04:17 - 2018-08-09 11:31 - 000236624 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-09-13 04:17 - 2018-08-09 11:17 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-09-13 04:17 - 2018-08-09 11:16 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-09-13 04:17 - 2018-08-09 11:14 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2018-09-13 04:17 - 2018-08-09 11:14 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollUI.dll
2018-09-13 04:17 - 2018-08-09 11:14 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2018-09-13 04:17 - 2018-08-09 11:13 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-09-13 04:17 - 2018-08-09 11:13 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2018-09-13 04:17 - 2018-08-09 11:13 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll
2018-09-13 04:17 - 2018-08-09 11:12 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-09-13 04:17 - 2018-08-09 11:11 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-09-13 04:17 - 2018-08-09 11:11 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-09-13 04:17 - 2018-08-09 11:11 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-09-13 04:17 - 2018-08-09 11:11 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-09-13 04:17 - 2018-08-09 11:10 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2018-09-13 04:17 - 2018-08-09 11:10 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-09-13 04:17 - 2018-08-09 11:09 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-09-13 04:17 - 2018-08-09 11:09 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-09-13 04:17 - 2018-08-09 11:09 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-09-13 04:17 - 2018-08-09 10:36 - 000660896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-09-13 04:17 - 2018-08-09 10:36 - 000221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-09-13 04:17 - 2018-08-09 10:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2018-09-13 04:17 - 2018-08-09 10:23 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-09-13 04:17 - 2018-08-09 10:23 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-09-13 04:17 - 2018-08-09 10:23 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollUI.dll
2018-09-13 04:17 - 2018-08-09 10:22 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-09-13 04:17 - 2018-08-09 10:22 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-09-13 04:17 - 2018-08-09 10:22 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2018-09-13 04:17 - 2018-08-09 10:21 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2018-09-13 04:17 - 2018-08-09 10:21 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-09-13 04:17 - 2018-08-09 10:20 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-09-13 04:17 - 2018-08-09 10:20 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2018-09-13 04:17 - 2018-08-09 10:20 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2018-09-13 04:17 - 2018-08-09 10:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-09-13 04:17 - 2018-08-09 07:01 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2018-09-13 04:17 - 2018-08-09 06:54 - 001019016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-09-13 04:17 - 2018-08-09 06:54 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-09-13 04:17 - 2018-08-09 06:54 - 000203568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-09-13 04:17 - 2018-08-09 06:53 - 001947720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-09-13 04:17 - 2018-08-09 06:53 - 000714792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-09-13 04:17 - 2018-08-09 06:53 - 000482480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-09-13 04:17 - 2018-08-09 06:53 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-09-13 04:17 - 2018-08-09 06:53 - 000125600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2018-09-13 04:17 - 2018-08-09 06:30 - 000183992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-09-13 04:17 - 2018-08-09 06:29 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-09-13 04:17 - 2018-08-09 06:29 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-09-13 04:17 - 2018-08-09 06:29 - 000581696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-09-13 04:17 - 2018-08-09 06:29 - 000099208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptxml.dll
2018-09-13 04:17 - 2018-08-09 06:28 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-09-13 04:17 - 2018-08-09 06:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-09-13 04:17 - 2018-08-09 06:27 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2018-09-13 04:17 - 2018-08-09 06:26 - 000990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-09-13 04:17 - 2018-08-09 06:26 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-09-13 04:17 - 2018-08-09 06:26 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-09-13 04:17 - 2018-08-09 06:26 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsAuth.dll
2018-09-13 04:17 - 2018-08-09 06:26 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsCfg.dll
2018-09-13 04:17 - 2018-08-09 06:25 - 000797184 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2018-09-13 04:17 - 2018-08-09 06:25 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-09-13 04:17 - 2018-08-09 06:25 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-09-13 04:17 - 2018-08-09 06:25 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2018-09-13 04:17 - 2018-08-09 06:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-09-13 04:17 - 2018-08-09 06:23 - 003148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2018-09-13 04:17 - 2018-08-09 06:22 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-09-13 04:17 - 2018-08-09 06:21 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-09-13 04:17 - 2018-08-09 06:13 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-09-13 04:17 - 2018-08-09 06:13 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2018-09-13 04:17 - 2018-08-09 06:12 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2018-09-13 04:17 - 2018-08-09 06:11 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-09-13 04:17 - 2018-08-09 06:11 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-09-13 04:17 - 2018-08-09 06:11 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsAuth.dll
2018-09-13 04:17 - 2018-08-09 06:11 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsCfg.dll
2018-09-13 04:17 - 2018-08-09 06:11 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-09-13 04:17 - 2018-08-09 06:10 - 002893824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2018-09-13 04:17 - 2018-08-09 06:08 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2018-09-13 04:17 - 2018-08-09 05:08 - 000806416 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-09-13 04:17 - 2018-08-09 05:08 - 000806416 _____ C:\WINDOWS\system32\locale.nls
2018-09-12 15:53 - 2018-09-12 15:56 - 000000132 _____ C:\Users\Tomík\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2018-09-12 00:58 - 2018-09-12 00:58 - 000000000 ____D C:\Users\Tomík\AppData\Roaming\fltk.org
2018-09-12 00:58 - 2018-09-12 00:58 - 000000000 ____D C:\ProgramData\fltk.org
2018-09-05 14:26 - 2018-09-05 14:26 - 000000000 ____D C:\Users\Tomík\AppData\Local\Gaijin
2018-08-29 18:26 - 2018-08-22 18:14 - 001420648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-08-29 18:26 - 2018-08-22 18:14 - 001093640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-08-29 18:26 - 2018-08-22 18:14 - 000628560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-08-29 18:26 - 2018-08-22 18:14 - 000518832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-08-29 18:26 - 2018-08-22 18:13 - 040348400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-08-29 18:26 - 2018-08-22 18:13 - 035251600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-08-29 18:26 - 2018-08-22 18:13 - 004354208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-08-29 18:26 - 2018-08-22 18:13 - 003770072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-08-29 18:26 - 2018-08-22 18:13 - 002016600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439907.dll
2018-08-29 18:26 - 2018-08-22 18:13 - 001564496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-08-29 18:26 - 2018-08-22 18:13 - 001469144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439907.dll
2018-08-29 18:26 - 2018-08-22 18:13 - 001218056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-08-29 18:26 - 2018-08-22 18:12 - 031252104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-08-29 18:26 - 2018-08-22 18:12 - 025967968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-08-29 18:26 - 2018-08-22 18:12 - 017756392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-08-29 18:26 - 2018-08-22 18:12 - 015170608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-08-29 18:26 - 2018-08-22 18:12 - 013733544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-08-29 18:26 - 2018-08-22 18:12 - 011277848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-08-29 18:26 - 2018-08-22 18:12 - 004128112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-08-29 18:26 - 2018-08-22 18:12 - 001360312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-08-29 18:26 - 2018-08-22 18:12 - 001350792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-08-29 18:26 - 2018-08-22 18:12 - 001160520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-08-29 18:26 - 2018-08-22 18:12 - 001072976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-08-29 18:26 - 2018-08-22 18:12 - 001067288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-08-29 18:26 - 2018-08-22 18:12 - 000908032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-08-29 18:26 - 2018-08-22 18:12 - 000817800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-08-29 18:26 - 2018-08-22 18:12 - 000656352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000675984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000457512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000386712 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000343192 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000274072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000248624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000089248 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000087352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000031896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_1.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000028472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_1.dll
2018-08-27 16:34 - 2018-07-11 06:52 - 001471384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2018-08-24 15:22 - 2018-09-20 00:53 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2018-08-21 16:33 - 2018-08-21 16:33 - 000000000 ____D C:\ProgramData\For Honor Data

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-20 12:05 - 2017-04-18 19:44 - 000000000 ____D C:\Users\Tomík\AppData\LocalLow\Mozilla
2018-09-20 12:04 - 2017-04-18 20:13 - 000000001 _____ C:\Users\Public\Documents\dgc_DC.txt
2018-09-20 11:55 - 2017-05-01 11:45 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-20 11:53 - 2017-04-18 22:09 - 000000000 ____D C:\Users\Tomík\AppData\Local\CrashDumps
2018-09-20 11:53 - 2017-04-18 16:45 - 000000000 __SHD C:\Users\Tomík\IntelGraphicsProfiles
2018-09-20 01:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-09-20 01:08 - 2018-05-31 19:56 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-20 01:08 - 2018-05-31 19:56 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-20 01:08 - 2018-05-31 19:56 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-20 01:08 - 2018-05-31 19:56 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-20 01:08 - 2018-05-31 19:56 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-20 01:08 - 2018-05-06 16:54 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-20 01:08 - 2018-05-06 16:54 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-20 01:08 - 2018-05-06 16:54 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-20 01:08 - 2018-05-06 16:54 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-20 01:08 - 2018-05-06 16:54 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-20 01:08 - 2018-05-06 16:54 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-20 01:08 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-09-20 01:08 - 2017-05-01 11:45 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-09-20 01:08 - 2017-05-01 11:45 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-09-20 01:08 - 2017-05-01 11:44 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-09-20 01:08 - 2017-04-18 16:46 - 000000000 ____D C:\Users\Tomík\AppData\Local\NVIDIA Corporation
2018-09-20 00:59 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-20 00:55 - 2018-05-06 16:51 - 001692472 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-20 00:55 - 2018-04-12 17:50 - 000717314 _____ C:\WINDOWS\system32\perfh005.dat
2018-09-20 00:55 - 2018-04-12 17:50 - 000145070 _____ C:\WINDOWS\system32\perfc005.dat
2018-09-20 00:48 - 2018-05-06 16:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-09-20 00:48 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-09-19 23:13 - 2018-05-06 16:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-09-19 21:43 - 2017-04-20 17:27 - 000007596 _____ C:\Users\Tomík\AppData\Local\resmon.resmoncfg
2018-09-19 21:17 - 2017-04-18 17:00 - 000000000 ____D C:\Program Files\Common Files\AV
2018-09-19 20:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-19 20:50 - 2017-08-10 20:41 - 000000000 ____D C:\Users\Tomík\Documents\Registry záloha
2018-09-19 20:49 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-19 20:41 - 2018-04-11 23:04 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2018-09-19 20:41 - 2018-02-05 22:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2018-09-15 11:14 - 2016-09-21 20:06 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-09-15 09:24 - 2017-11-15 17:05 - 000000000 ____D C:\Users\Tomík\AppData\Local\Packages
2018-09-14 00:51 - 2018-05-06 16:48 - 005081008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-09-14 00:50 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-09-14 00:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-09-14 00:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-09-14 00:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-09-14 00:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-09-14 00:50 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-09-13 23:59 - 2018-07-02 17:21 - 000048056 _____ (SteelSeries ApS) C:\WINDOWS\system32\Drivers\sshid.sys
2018-09-13 05:57 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-09-13 05:57 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-09-13 05:57 - 2017-04-22 20:42 - 000000000 ____D C:\Users\Tomík\AppData\Local\Adobe
2018-09-13 04:25 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-12 15:48 - 2017-04-18 16:45 - 000000000 ____D C:\Users\Tomík\AppData\Local\NVIDIA
2018-09-12 13:45 - 2018-05-31 19:56 - 002622160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-09-12 13:45 - 2018-05-31 19:56 - 002249424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-09-12 13:45 - 2018-05-31 19:56 - 001311952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-09-12 12:23 - 2017-04-18 20:20 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-09-12 10:03 - 2017-04-18 22:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-09-12 01:51 - 2017-04-18 22:56 - 139184408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-09-12 00:44 - 2017-04-18 16:45 - 000000000 ____D C:\Users\Tomík\AppData\Local\Publishers
2018-09-08 21:43 - 2017-09-02 02:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-08 21:43 - 2017-09-02 02:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-08 00:28 - 2018-03-25 13:42 - 000000000 ____D C:\Users\Tomík\AppData\Local\Ubisoft Game Launcher
2018-09-06 11:49 - 2017-09-02 02:23 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-09-05 01:04 - 2018-04-12 01:41 - 000835144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-09-05 01:04 - 2018-04-12 01:41 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-29 18:30 - 2017-10-23 15:58 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-08-22 18:12 - 2018-04-25 17:38 - 004858000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-08-21 16:33 - 2018-05-26 01:34 - 000000000 ____D C:\Users\Tomík\AppData\Roaming\EasyAntiCheat
2018-08-21 16:33 - 2017-04-18 20:49 - 000000000 ____D C:\Users\Tomík\Documents\My Games
2018-08-21 14:16 - 2018-04-25 17:38 - 000044335 _____ C:\WINDOWS\system32\nvinfo.pb
2018-08-21 12:14 - 2017-05-01 11:45 - 005947600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-08-21 12:14 - 2017-05-01 11:45 - 002612264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-08-21 12:14 - 2017-05-01 11:45 - 001767632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-08-21 12:14 - 2017-05-01 11:45 - 000634352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-08-21 12:14 - 2017-05-01 11:45 - 000450768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-08-21 12:14 - 2017-05-01 11:45 - 000124216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-08-21 12:14 - 2017-05-01 11:45 - 000083440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

==================== Files in the root of some directories =======

2018-09-12 15:53 - 2018-09-12 15:56 - 000000132 _____ () C:\Users\Tomík\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2017-04-20 17:27 - 2018-09-19 21:43 - 000007596 _____ () C:\Users\Tomík\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-06 16:48

==================== End of FRST.txt ============================

Additon:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.09.2018
Ran by Tomík (20-09-2018 12:06:33)
Running from D:\Češtiny
Windows 10 Home Version 1803 17134.285 (X64) (2018-05-06 14:56:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2234853451-3630534881-407846878-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2234853451-3630534881-407846878-503 - Limited - Disabled)
Guest (S-1-5-21-2234853451-3630534881-407846878-501 - Limited - Disabled)
Tomík (S-1-5-21-2234853451-3630534881-407846878-1001 - Administrator - Enabled) => C:\Users\Tomík
WDAGUtilityAccount (S-1-5-21-2234853451-3630534881-407846878-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {DBC63CBA-CB2F-1558-D874-226D6CEC3B36}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader 9.4.0 - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
ApoDispatch Install Configurator (HKLM\...\{86DFBD13-F1EA-43EA-8BF7-05B4A7F40571}) (Version: 2.5.1701 - Nahimic) Hidden
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.38.1 - Asmedia Technology)
AudioLaunchpad Install Configurator (HKLM\...\{6876FCDB-9B83-4AAF-B5BD-B84C500C378F}) (Version: 2.5.1701 - Nahimic) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.4.2.1258 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1608.1201 - Application) Hidden
BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1608.1201 - Application)
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
Cities Skylines čeština (HKLM-x32\...\{5771582B-DFC8-4C5B-8298-E1A1B5803944}) (Version: 1.00.0000 - Název společnosti:Woytman)
Crossout Launcher 1.0.3.59 (HKLM-x32\...\CrossOutLauncher_is1) (Version: - )
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5307.55 - CyberLink Corp.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 399.07 - NVIDIA Corporation) Hidden
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1804.1201 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1804.1201 - Micro-Star International Co., Ltd.)
Dreadnought (HKLM-x32\...\Dreadnought) (Version: 3.0.0 - Grey Box)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version: - Ubisoft)
Futuremark SystemInfo (HKLM-x32\...\{6583B359-134F-480D-9B31-9B94EFFAFE40}) (Version: 5.0.609.0 - Futuremark)
GameLauncherRemoval (KCD Beta Access) (HKLM-x32\...\{E8546ADD-2C12-4D30-B893-A9E3158897A0}) (Version: 1.0.0.0 - Warhorse Studios) Hidden
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1802.0501 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1802.0501 - Micro-Star International Co., Ltd.)
Homeworld2 (HKLM-x32\...\{74EF8B0D-1197-4F32-9A45-892FD5F0B250}) (Version: 1.0 - Sierra)
CheckDevices Install Configurator (HKLM\...\{FBF14B3C-60CF-43F8-8E83-0DBF072138A3}) (Version: 2.5.1701 - Nahimic) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{5f5c7829-a6ba-4fc6-9f47-d068f51ed99b}) (Version: 10.1.1.35 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4708 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{7FADF1ED-241A-4F82-B8FD-19BD0A82FFA0}) (Version: 19.11.1639.0649 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{25779f5d-6b0a-4e11-89e8-441b93c6ce2b}) (Version: 19.10.0 - Intel Corporation)
KB9X Radio Switch Driver (HKLM\...\EC950B206B0E7722C96A318DF396BABFBB057BC0) (Version: 1.1.2.0 - ENE TECHNOLOGY INC.)
KCD Beta Access (HKLM-x32\...\{d44960a6-3b7d-40c1-8ea6-6a23938ad55d}) (Version: 4.0 - Warhorse Studios)
KCD Beta Access (HKLM-x32\...\{FD95EDF6-7B9F-4BD1-8DAD-63D8BDD45B96}) (Version: 4.0 - Warhorse Studios) Hidden
Killer Performance Suite (HKLM\...\{0B988985-38C9-4DD4-9835-5AC17EEC26F7}) (Version: 1.0.762 - Rivet Networks)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LauncherSetup Install (HKLM\...\{20B69660-B995-43F8-A14A-8DC1DDAF3E8B}) (Version: 2.5.1701 - Nahimic) Hidden
League of Legends (HKLM-x32\...\{79BF4901-1EC4-4726-B3C2-A7859706C6E7}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Logitech Gaming Software 8.91 (HKLM\...\Logitech Gaming Software) (Version: 8.91.48 - Logitech Inc.)
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Music Maker Silver (HKLM\...\{CD1DE5DB-7AF2-4D01-BBB1-9AD581B34403}) (Version: 21.0.3.44 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Silver (HKLM-x32\...\MX.{CD1DE5DB-7AF2-4D01-BBB1-9AD581B34403}) (Version: 21.0.3.44 - MAGIX Software GmbH)
MAGIX Music Maker Silver Soundpools (HKLM\...\{CC8B6E22-F579-46A1-A9F3-985F114590F0}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Photo Manager 16 (HKLM\...\{B33D219F-2504-45A7-863B-999ED3E38B01}) (Version: 12.0.0.26 - MAGIX Software GmbH) Hidden
MAGIX Photo Manager 16 (HKLM-x32\...\MX.{B33D219F-2504-45A7-863B-999ED3E38B01}) (Version: 12.0.0.26 - MAGIX Software GmbH)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.10730.20102 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 62.0 (x64 cs) (HKLM\...\Mozilla Firefox 62.0 (x64 cs)) (Version: 62.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
MSI Remind Manager (HKLM-x32\...\{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1611.2101 - Micro-Star International Co., Ltd.) Hidden
MSI Remind Manager (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.)
MSI True Color (HKLM\...\{B4A2776D-59CD-4193-A19D-DE15CB7FC5AA}) (Version: 2.1.2.0 - Portrait Displays, Inc.)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Nahimic 2+ Audio Driver (HKLM\...\{59040F9E-4715-4819-8618-D8C2591FC0B6}) (Version: 2.5.1701 - Nahimic) Hidden
Nahimic 2+ Audio Driver (HKLM-x32\...\{6396d25e-ecfb-4e2d-b88c-0cd08cd78159}) (Version: 2.5.17 - Nahimic)
Norton Online Backup (HKLM-x32\...\{652C1CDF-C61D-4525-9348-8C272CC2DB24}) (Version: 2.10.2.7 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\NARA) (Version: 4.6.0.12 - Symantec Corporation) Hidden
Norton Security (HKLM-x32\...\NGC) (Version: 22.15.1.8 - Symantec Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.07 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 399.07 - NVIDIA Corporation) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
ProductDaemonSetup Install (HKLM\...\{6CC0818B-98D2-4880-AC95-A0C1A4139D72}) (Version: 2.5.1701 - Nahimic) Hidden
ProductNS Install Configurator (HKLM\...\{D03BE6D9-F956-4674-83A6-E7AFA6CC29E7}) (Version: 2.5.1701 - Nahimic) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8199 - Realtek Semiconductor Corp.)
SCM (HKLM\...\{61C9E087-AEEC-4D47-81A4-0A4999751A5E}) (Version: 13.018.03063 - Application)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.)
Sizing Options (HKLM-x32\...\{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application) Hidden
Sizing Options (HKLM-x32\...\InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application)
SonicMapper Install Configurator (HKLM\...\{8EA5FF84-DD94-4A6D-B167-0594879BA480}) (Version: 2.5.1701 - Nahimic) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.12.12 (HKLM\...\SteelSeries Engine 3) (Version: 3.12.12 - SteelSeries ApS)
TeamSpeak 3 Client (HKU\S-1-5-21-2234853451-3630534881-407846878-1001\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UIInstallUpgrade (HKLM\...\{0B3DB68B-84DB-4F26-9971-59AAE0279E09}) (Version: 2.5.1701 - Nahimic) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 53.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.)
War Thunder Launcher 1.0.3.27 (HKU\S-1-5-21-2234853451-3630534881-407846878-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )
XSplit Gamecaster (HKLM-x32\...\{9E8A3821-032E-4230-9C12-C14D3FC8685E}) (Version: 2.8.1605.2342 - SplitmediaLabs)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\buShell.dll [2018-09-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\buShell.dll [2018-09-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\buShell.dll [2018-09-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\buShell.dll [2018-09-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\buShell.dll [2018-09-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\buShell.dll [2018-09-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\buShell.dll [2018-09-07] (Symantec Corporation)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\NavShExt.dll [2018-09-07] (Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => c:\Program Files\WinZip\wzshls64.dll [2013-08-03] (WinZip Computing, S.L.)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\NavShExt.dll [2018-09-07] (Symantec Corporation)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => c:\Program Files\WinZip\wzshls64.dll [2013-08-03] (WinZip Computing, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxDTCM.dll [2017-06-22] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-08-21] (NVIDIA Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\buShell.dll [2018-09-07] (Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\NavShExt.dll [2018-09-07] (Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => c:\Program Files\WinZip\wzshls64.dll [2013-08-03] (WinZip Computing, S.L.)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0777A688-671B-48E9-B1BC-22406B3EF923} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)
Task: {106C1C47-5E6E-485E-8CA2-0476A69F5E36} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2018-09-07] (Symantec Corporation)
Task: {10F5C523-C759-4DE3-998B-0D3D6353FFDF} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Task: {1516DD55-9D7F-412C-94BE-BC42EEC41ECF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-12] (NVIDIA Corporation)
Task: {1D0157F8-E335-4F5E-8300-426CD401864A} - System32\Tasks\CCleanerSkipUAC => D:\Programy\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {23A71C0E-851C-4EF0-BE52-1BA6DFF1E8CF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-15] (Microsoft Corporation)
Task: {27547D02-D29A-4542-A22C-8EFAAA341FC2} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\SymErr.exe [2018-09-07] (Symantec Corporation)
Task: {340AB5B7-5E11-4E76-9E7E-42E7B78C9929} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-09-15] (Microsoft Corporation)
Task: {35EB4639-012A-4550-9C33-BF376A707E25} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-09-15] (Microsoft Corporation)
Task: {36E2B268-C8E3-4D70-9ACA-B951EA549E8D} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [2018-02-05] (Micro-Star International Co., Ltd.)
Task: {3B4DBA4C-D837-41C5-AEC7-C7D21E16CD42} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-27] (Intel(R) Corporation)
Task: {3E6231BF-856D-4D30-B4BE-AF792CC927F5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)
Task: {41A73642-D093-4E31-B51A-0ECD100D79E8} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-12] (NVIDIA Corporation)
Task: {490D9EF7-62A4-4523-BD2C-1A68DD81CA33} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [2018-09-13] (Adobe Systems Incorporated)
Task: {50AC0E98-4DA1-4B6F-A2D8-D2125FB5512E} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\SymErr.exe [2018-09-07] (Symantec Corporation)
Task: {51B0A43A-D31E-427C-B13A-DEF896F0D2E7} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {51FEDAFE-2605-4ECF-8308-1F4337DB9E03} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [2017-07-04] (Nahimic)
Task: {54EDF820-C3A2-41ED-87BC-C3F2383DF7E2} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)
Task: {561958B8-C98F-42C7-BB5E-02145450240C} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\SymErr.exe [2018-09-07] (Symantec Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {664375D5-4988-4332-B358-D84F155797EF} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2015-05-11] (CyberLink Corp.)
Task: {6C651F8A-5F5A-4A4E-9758-4198FDE688A3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-09-12] (NVIDIA Corporation)
Task: {6FB7B0A4-CBBD-40B9-8CCE-794CCAF15FF2} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe [2017-07-04] ()
Task: {850B345A-6F0E-4C0C-8381-2D23BC587430} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-12] (NVIDIA Corporation)
Task: {91B9D3B0-B5A9-4026-81CD-D24F57AFA592} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe [2017-07-04] ()
Task: {B293DB47-9BEE-4086-9950-9D4CEE211ED0} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [2018-04-12] (Micro-Star International Co., Ltd.)
Task: {B950A50D-8612-400C-B0A9-533BA35D200B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation)
Task: {CC7D8F96-6E91-4832-B8F9-86175BF034A6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CD4AC249-728D-4D94-90D9-4C88080D329B} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)
Task: {D0993A4A-EB19-48C0-B84E-17342B4F415E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-09-12] (NVIDIA Corporation)
Task: {D8ACD443-8822-4A86-A690-3635FB87BDAF} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\WSCStub.exe [2018-09-07] (Symantec Corporation)
Task: {DF396261-0C37-4E8D-9DF5-965E2ACF6843} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-12] (NVIDIA Corporation)
Task: {E1107536-926B-4759-A28E-E03AFEDAAED1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation)
Task: {E6051C55-27B4-4D17-8574-8FB1CAB96BC5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-09-12] (NVIDIA Corporation)
Task: {F014D587-F0F4-46AC-80DF-D327AADE8007} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-15] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-05-20 18:17 - 2017-05-20 18:17 - 000075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-05-31 19:56 - 2018-09-12 13:45 - 001315024 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-13 04:18 - 2018-08-31 05:12 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-31 19:56 - 2018-09-12 13:45 - 101252304 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-05-31 19:56 - 2018-09-12 13:45 - 002673360 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-05-31 19:56 - 2018-09-12 13:45 - 000138960 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-01-24 00:19 - 2017-01-24 00:19 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-01-24 00:19 - 2017-01-24 00:19 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-07-04 16:24 - 2017-07-04 16:24 - 004412088 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe
2017-07-04 16:28 - 2017-07-04 16:28 - 000520376 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe
2018-03-09 14:37 - 2018-03-09 14:37 - 000302360 _____ () C:\Program Files (x86)\SCM\SCM.exe
2018-08-29 09:25 - 2018-08-29 09:25 - 003855360 _____ () C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1007.0_x64__8wekyb3d8bbwe\GameBar.exe
2016-08-30 09:19 - 2016-08-30 09:19 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-05-31 19:56 - 2018-09-12 13:45 - 001032912 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2015-10-30 09:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2234853451-3630534881-407846878-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\System32\oobe\info\Wallpaper\backgroundDefault.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKU\S-1-5-21-2234853451-3630534881-407846878-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{919F62BC-4C6C-4B1C-B800-888DD8460845}] => (Allow) D:\Programy\Steam\steamapps\common\Stellaris\stellaris.exe
FirewallRules: [{B5385F87-068E-47CB-A39C-6C432BEAAEC8}] => (Allow) D:\Programy\Steam\steamapps\common\Stellaris\stellaris.exe
FirewallRules: [{513EAF31-E48E-4DBC-9954-905993F03563}] => (Allow) D:\Programy\Steam\steamapps\common\Knights and Merchants Historical Version\hd\Knights_and_Merchants_steam.exe
FirewallRules: [{A579A509-5C0B-476F-8788-E1070EA3CE4F}] => (Allow) D:\Programy\Steam\steamapps\common\Knights and Merchants Historical Version\hd\Knights_and_Merchants_steam.exe
FirewallRules: [{9809358D-B51D-4836-8995-207363AA7092}] => (Allow) D:\Programy\Steam\steamapps\common\Knights and Merchants Historical Version\KM_TPR.exe
FirewallRules: [{74B40049-DB35-4C39-9BD4-035C9556E5DE}] => (Allow) D:\Programy\Steam\steamapps\common\Knights and Merchants Historical Version\KM_TPR.exe
FirewallRules: [{91668685-B2E9-499F-9ED7-A532FC5BB1E4}] => (Allow) D:\Programy\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe
FirewallRules: [{9762E24F-1D25-49CC-B71C-E14F3137BE5D}] => (Allow) D:\Programy\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe
FirewallRules: [{437FFBBC-FD85-4B76-BEB8-5190B234B656}] => (Allow) D:\Programy\Steam\steamapps\common\ARK SOTF\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{D161EC03-2528-455F-B8A8-E0ED2C6BD79E}] => (Allow) D:\Programy\Steam\steamapps\common\ARK SOTF\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{C9BF3A5B-3E43-424E-AE0E-E790589CB2B0}] => (Allow) D:\Programy\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{9C656DF9-1880-42B2-852A-40AD5FCF3020}] => (Allow) D:\Programy\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{38F6621D-40B8-4DBA-A87F-41CBA2B218E3}] => (Allow) D:\Programy\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{D757EDF9-E36E-4F76-900C-709FBD6AA7E8}] => (Allow) D:\Programy\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{2CBBED7B-A744-455D-9FA9-C61465250D4A}] => (Allow) D:\Programy\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{D46902BC-66ED-4E3F-A428-18D0634702E9}] => (Allow) D:\Programy\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{7E630A32-3E5E-45FE-8BD1-ADC943007E37}] => (Allow) D:\Programy\Steam\steamapps\common\Gold Rush The Game\GoldRushTheGame.exe
FirewallRules: [{CFFE8AA0-4B54-4487-BB90-72712A36D411}] => (Allow) D:\Programy\Steam\steamapps\common\Gold Rush The Game\GoldRushTheGame.exe
FirewallRules: [UDP Query User{404B40B0-5095-46F3-88D6-6E824B7C58D2}D:\programy\warthunder\win64\aces.exe] => (Allow) D:\programy\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{A90F9647-F766-424D-9AE0-DC93E5804BE8}D:\programy\warthunder\win64\aces.exe] => (Allow) D:\programy\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{B4268BA5-9D28-4FDB-8AF4-81F833C63696}D:\programy\warthunder\launcher.exe] => (Allow) D:\programy\warthunder\launcher.exe
FirewallRules: [TCP Query User{E260371C-1C6D-4C96-9F6D-9E70F35D47E8}D:\programy\warthunder\launcher.exe] => (Allow) D:\programy\warthunder\launcher.exe
FirewallRules: [{9370DB3C-302A-4444-B991-F32797455736}] => (Allow) D:\Programy\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{8871DCF2-271C-4EFB-9C88-0D2D8CCA21C1}] => (Allow) D:\Programy\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{8899FD53-BE17-428D-9D47-09119FFC3104}] => (Allow) D:\Programy\Steam\Steam.exe
FirewallRules: [{0A408574-E55F-4B4E-AE61-EA62969273CF}] => (Allow) D:\Programy\Steam\Steam.exe
FirewallRules: [{6D5BA363-BA90-40E7-B39E-C16A256C2984}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8B4CFB34-C317-4B88-BEA4-599CC0F9D4D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{10546F6B-F816-4126-8354-0DFAFAA5D907}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{CD3438B4-CDC4-4A69-A2F3-973CCE3C9AC1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [UDP Query User{20C275EB-7645-4B6B-88CE-0E5D1392BCD5}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{9A0EC173-4BFF-43D1-BAC0-88442EE9235C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{0E164369-07B1-4E88-AEFF-C752C80B1912}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{11308C7B-3E0A-4B17-9649-46E357BAD920}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{F36C3BF8-7181-49E0-8E64-44588C80AA26}] => (Allow) D:\Programy\Steam\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{B415744A-867A-4E14-A438-8727A2FE95DF}] => (Allow) D:\Programy\Steam\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{54AC73CB-6D4A-4D3D-A165-3EA9C6309D27}] => (Allow) D:\Programy\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{D75E650D-212E-4168-AD8D-66BC4A03010D}] => (Allow) D:\Programy\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{0EFA6D6B-A360-4811-8CC9-DBD5498EF555}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{AFA8FEEF-F6B0-4157-B449-157C0DFDA964}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FBD8E684-B04B-487A-B9F9-E682A6B8A14D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{00304F2E-AC75-409A-B0E4-FF13EF1287B5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A92D940A-D102-47F9-85B0-3F3C09B83244}] => (Allow) D:\Programy\Steam\steamapps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{11290798-3D28-4628-804B-631E6B6E8922}] => (Allow) D:\Programy\Steam\steamapps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{082F59B1-A281-4598-B639-525C79D035EE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{FA4F47E0-D2C9-4353-B107-464AD9FD6C19}] => (Allow) D:\Programy\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{7C47F61B-E84A-49AE-99AB-9D2FCF20100D}] => (Allow) D:\Programy\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{2E46A085-DC50-4539-9158-22889625029E}] => (Allow) D:\Programy\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{6B4A00A2-F59B-4B54-A331-6BE8EE8A034A}] => (Allow) D:\Programy\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{FF325139-7266-4349-A06C-D334F89A8C37}] => (Allow) D:\Programy\Steam\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{C2F44C8C-D4A3-4A19-9143-5A73088840E2}] => (Allow) D:\Programy\Steam\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{E72F187A-D0AD-4951-AFF4-99B7A993ECAD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{43BD587A-8A42-434E-85B4-8E72AABB3111}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{14BA8494-1EE2-4B1B-86D3-3A666EEF011E}] => (Allow) D:\Programy\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{A6FE4AC5-5900-453C-AA92-42B235D1A899}] => (Allow) D:\Programy\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{1C24E72D-E8E2-4CEE-B8A4-BC17EEF427D5}] => (Allow) D:\Programy\Steam\steamapps\common\Post Scriptum - Test Server\Launch_PostScriptum.exe
FirewallRules: [{9928880E-DB10-4992-986C-B8314DB9D613}] => (Allow) D:\Programy\Steam\steamapps\common\Post Scriptum - Test Server\Launch_PostScriptum.exe
FirewallRules: [{78EF5A14-B2B3-459B-B816-36CF2D906EAD}] => (Allow) D:\Programy\Steam\steamapps\common\FAR Lone Sails\Game\FarLoneSails.exe
FirewallRules: [{DBCD4FDE-C79B-4489-A793-D8BB24F1BE9B}] => (Allow) D:\Programy\Steam\steamapps\common\FAR Lone Sails\Game\FarLoneSails.exe
FirewallRules: [{1CF2BC44-3F25-4B90-B074-6CD18A622A3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2EA6A2ED-2394-44C4-887F-52045D452BA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{625DCA5F-208D-423A-9DBE-C20B2EBD7961}] => (Allow) D:\Programy\Steam\steamapps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [{EB930379-0904-4D3F-9C24-D856D04B9039}] => (Allow) D:\Programy\Steam\steamapps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [{3F8FE0B0-F65B-4085-8FD1-7852437AADF5}] => (Allow) D:\Programy\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{956B938C-3AAC-458A-BB28-794659D79E10}] => (Allow) D:\Programy\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{AB622208-650A-41CE-98FE-EAFE7FAF9BF5}] => (Allow) D:\Programy\Steam\steamapps\common\Spintires MudRunner\MudRunner.exe
FirewallRules: [{E70B7242-1A01-4FBA-8D50-540DD4433AA3}] => (Allow) D:\Programy\Steam\steamapps\common\Spintires MudRunner\MudRunner.exe
FirewallRules: [{DF4A2B30-96D8-4280-A63B-162355BA7192}] => (Allow) D:\Programy\Steam\steamapps\common\Stronghold\Stronghold.exe
FirewallRules: [{1C61512B-E324-4ABA-BE90-FC593D056191}] => (Allow) D:\Programy\Steam\steamapps\common\Stronghold\Stronghold.exe
FirewallRules: [{9B84BCD7-6E83-4733-A1BC-065245C14B2F}] => (Allow) D:\Programy\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{ACD393B3-2987-44AD-9BDD-17CFEAA676C7}] => (Allow) D:\Programy\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{D12DD958-5D3B-40DB-9615-1538AB3C794E}] => (Allow) D:\Programy\Steam\steamapps\common\Prison Architect\Prison Architect64.exe
FirewallRules: [{4161A066-6A7B-4E23-AD57-648A4611DD39}] => (Allow) D:\Programy\Steam\steamapps\common\Prison Architect\Prison Architect64.exe
FirewallRules: [{E4BCEA0F-AFF0-49B0-964D-C73CE4C8825D}] => (Allow) D:\Programy\Steam\steamapps\common\Naval Action\Client.exe
FirewallRules: [{7950D43B-E9AF-435E-8FD0-030AAFFC0566}] => (Allow) D:\Programy\Steam\steamapps\common\Naval Action\Client.exe
FirewallRules: [{B3CB8697-7CFB-4EC6-B99D-3633DF798AEC}] => (Allow) D:\Programy\Steam\steamapps\common\Naval Action\NavalActionCrashSender.exe
FirewallRules: [{841F9C4B-6FE5-4AEE-B5A8-8CD003B824B2}] => (Allow) D:\Programy\Steam\steamapps\common\Naval Action\NavalActionCrashSender.exe
FirewallRules: [{E1AB6585-4885-416C-880D-5CE4CF32B3B2}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{8C8CB81B-7997-4ECB-AE91-AAC7CB3F275A}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{3A0BBF6E-5C8F-40DF-9083-C83F4AED3EA6}] => (Allow) D:\Programy\Steam\steamapps\common\RimWorld\RimWorldWin64.exe
FirewallRules: [{E0DEFCD2-C53D-4C8E-9100-126A4138DCD3}] => (Allow) D:\Programy\Steam\steamapps\common\RimWorld\RimWorldWin64.exe
FirewallRules: [{3B29BB64-4E43-41AA-B923-9042505C208D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{939FBEE1-E05B-4044-80F0-F47A1884A3C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{673E1F94-36BA-4DF0-9301-AD9594EC3BCE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{96FF8BE9-CB35-4C32-BC0D-652D85CE2C0A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4B23CE14-413E-4E68-8370-2898420AD620}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/20/2018 11:53:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: KillerControlCenter.exe, verze: 1.0.762.0, časové razítko: 0x57ed485b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x2754
Čas spuštění chybující aplikace: 0x01d450c7cdc86f7a
Cesta k chybující aplikaci: C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: c926b9c9-ed79-4405-ae01-d18a639b8f64
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/20/2018 11:53:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: KillerControlCenter.exe, verze: 1.0.762.0, časové razítko: 0x57ed485b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x2754
Čas spuštění chybující aplikace: 0x01d450c7cdc86f7a
Cesta k chybující aplikaci: C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 32414ec3-6743-4128-ae7f-56f8ba055212
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/20/2018 11:53:40 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: KillerControlCenter.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.AccessViolationException
na KillerNetworkServiceLib.IBandwidthControlManager.GetRulesManager()
na KillerService.BWCServiceController.ConnectToService()
na KillerService.ServiceConnection.ReConnectToService(Boolean)
na KillerService.ServiceConnection.ReConnectToService()
na KillerNetworkManager.MainForm.MainForm_Load(System.Object, System.EventArgs)
na System.EventHandler.Invoke(System.Object, System.EventArgs)
na System.Windows.Forms.Form.OnLoad(System.EventArgs)
na DevExpress.XtraEditors.XtraForm.OnLoad(System.EventArgs)
na System.Windows.Forms.Form.OnCreateControl()
na System.Windows.Forms.Control.CreateControl(Boolean)
na System.Windows.Forms.Control.CreateControl()
na System.Windows.Forms.Control.WmShowWindow(System.Windows.Forms.Message ByRef)
na System.Windows.Forms.Control.WndProc(System.Windows.Forms.Message ByRef)
na System.Windows.Forms.Form.WmShowWindow(System.Windows.Forms.Message ByRef)
na DevExpress.XtraEditors.XtraForm.WndProc(System.Windows.Forms.Message ByRef)
na System.Windows.Forms.NativeWindow.Callback(IntPtr, Int32, IntPtr, IntPtr)
na DevExpress.Utils.Drawing.Helpers.NativeMethods+UnsafeNativeMethods.DefSubclassProc(IntPtr, IntPtr, IntPtr, IntPtr)
na DevExpress.Utils.Drawing.Helpers.Win32SubclasserFactory+Win32Subclasser.SubClassProcInner(IntPtr, IntPtr, IntPtr, IntPtr, IntPtr, IntPtr)

Error: (09/20/2018 08:58:09 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/20/2018 08:55:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: KillerControlCenter.exe, verze: 1.0.762.0, časové razítko: 0x57ed485b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x1ac4
Čas spuštění chybující aplikace: 0x01d450aee85f16fd
Cesta k chybující aplikaci: C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 23c6fcc9-3810-4525-a497-b47004f33a1a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/20/2018 08:55:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: KillerControlCenter.exe, verze: 1.0.762.0, časové razítko: 0x57ed485b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x1ac4
Čas spuštění chybující aplikace: 0x01d450aee85f16fd
Cesta k chybující aplikaci: C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a63ef331-3a2e-48d2-8cab-45455721f53a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/20/2018 08:55:27 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: KillerControlCenter.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.AccessViolationException
na KillerNetworkServiceLib.IBandwidthControlManager.GetRulesManager()
na KillerService.BWCServiceController.ConnectToService()
na KillerService.ServiceConnection.ReConnectToService(Boolean)
na KillerService.ServiceConnection.ReConnectToService()
na KillerNetworkManager.MainForm.MainForm_Load(System.Object, System.EventArgs)
na System.EventHandler.Invoke(System.Object, System.EventArgs)
na System.Windows.Forms.Form.OnLoad(System.EventArgs)
na DevExpress.XtraEditors.XtraForm.OnLoad(System.EventArgs)
na System.Windows.Forms.Form.OnCreateControl()
na System.Windows.Forms.Control.CreateControl(Boolean)
na System.Windows.Forms.Control.CreateControl()
na System.Windows.Forms.Control.WmShowWindow(System.Windows.Forms.Message ByRef)
na System.Windows.Forms.Control.WndProc(System.Windows.Forms.Message ByRef)
na System.Windows.Forms.Form.WmShowWindow(System.Windows.Forms.Message ByRef)
na DevExpress.XtraEditors.XtraForm.WndProc(System.Windows.Forms.Message ByRef)
na System.Windows.Forms.NativeWindow.Callback(IntPtr, Int32, IntPtr, IntPtr)
na DevExpress.Utils.Drawing.Helpers.NativeMethods+UnsafeNativeMethods.DefSubclassProc(IntPtr, IntPtr, IntPtr, IntPtr)
na DevExpress.Utils.Drawing.Helpers.Win32SubclasserFactory+Win32Subclasser.SubClassProcInner(IntPtr, IntPtr, IntPtr, IntPtr, IntPtr, IntPtr)

Error: (09/20/2018 12:49:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: KillerControlCenter.exe, verze: 1.0.762.0, časové razítko: 0x57ed485b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x2998
Čas spuštění chybující aplikace: 0x01d4506aff4f35fd
Cesta k chybující aplikaci: C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: fffa677b-f54f-42bf-a773-97ca7102509f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (09/20/2018 11:53:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/20/2018 08:58:03 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/20/2018 08:55:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/20/2018 01:52:39 AM) (Source: DCOM) (EventID: 10005) (User: MSI)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby BcastDVRUserService_4dc22 s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Media.Capture.Internal.AppCaptureShell

Error: (09/20/2018 01:52:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Uživatelská služba pro GameDVR a vysílání her_4dc22 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/20/2018 01:52:39 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Uživatelská služba pro GameDVR a vysílání her_4dc22 bylo dosaženo časového limitu (30000 ms).

Error: (09/20/2018 12:51:03 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/20/2018 12:48:33 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll


CodeIntegrity:
===================================

Date: 2018-09-12 15:56:31.989
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

Date: 2018-09-12 15:56:31.979
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

Date: 2018-09-12 15:56:31.724
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-12 15:56:31.717
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-12 15:56:26.221
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

Date: 2018-09-12 15:56:26.178
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

Date: 2018-09-12 15:56:24.570
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

Date: 2018-09-12 15:56:24.558
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 31%
Total physical RAM: 8109.34 MB
Available physical RAM: 5559.26 MB
Total Virtual: 10925.34 MB
Available Virtual: 6972.66 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:117.94 GB) (Free:36.98 GB) NTFS
Drive d: (Data) (Fixed) (Total:914.31 GB) (Free:304.98 GB) NTFS

\\?\Volume{d26f5b69-fabb-4104-84e2-96af8141b083}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.36 GB) NTFS
\\?\Volume{ec3cb55c-d33a-4379-b567-e8d53193dc41}\ (BIOS_RVY) (Fixed) (Total:17.2 GB) (Free:0.69 GB) NTFS
\\?\Volume{05e3399e-7d7c-473e-b28b-9e368eb1175c}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: E5FB1047)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: E5FB11A6)

Partition: GPT.

==================== End of Addition.txt ============================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: WMI Provider Host-CPU

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
Task: {CC7D8F96-6E91-4832-B8F9-86175BF034A6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

EmptyTemp:
End
Uložte do D:\Češtiny jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Tomiket
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 19 zář 2018 20:07

Re: WMI Provider Host-CPU

#7 Příspěvek od Tomiket »

Fix result of Farbar Recovery Scan Tool (x64) Version: 15.09.2018
Ran by Tomík (20-09-2018 13:23:18) Run:1
Running from D:\Češtiny
Loaded Profiles: Tomík (Available Profiles: Tomík)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
Task: {CC7D8F96-6E91-4832-B8F9-86175BF034A6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7" => removed successfully
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKU\\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC7D8F96-6E91-4832-B8F9-86175BF034A6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC7D8F96-6E91-4832-B8F9-86175BF034A6}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => not found

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 54635027 B
Java, Flash, Steam htmlcache => 450721036 B
Windows/system/drivers => 2751684 B
Edge => 0 B
Chrome => 0 B
Firefox => 654117903 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 48710 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Tomík => 5665415155 B

RecycleBin => 0 B
EmptyTemp: => 6.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:25:10 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: WMI Provider Host-CPU

#8 Příspěvek od Rudy »

OK. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Tomiket
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 19 zář 2018 20:07

Re: WMI Provider Host-CPU

#9 Příspěvek od Tomiket »

Bohužel ne, jakmile přepnu výkon z "ECO" na "Sport" vyskočí vytížení CPU na 100% a teplota.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: WMI Provider Host-CPU

#10 Příspěvek od Rudy »

Zkuste tento videonávod: https://www.youtube.com/watch?v=-dunsngQ7cg .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Tomiket
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 19 zář 2018 20:07

Re: WMI Provider Host-CPU

#11 Příspěvek od Tomiket »

Bohužel tato služba v seznamu nejní, tudíš jí nelze ani vypnout.
services.msc-Obrázek
Už kdysi jsem vypínal "vyhledávání", protože vytěžovalo bezdůvodně CPU.

Takto to ve správci úloh blázní. pokud je notebook přepnut na vyšší výkon.)
(Hostitelské služby: bude nahrávání videa.)
Youtube
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: WMI Provider Host-CPU

#12 Příspěvek od Rudy »

Udělejte obnovu systému k datu, kdy korektně fungoval.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Tomiket
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 19 zář 2018 20:07

Re: WMI Provider Host-CPU

#13 Příspěvek od Tomiket »

Jsem si zcela jistý, že jsem zálohu systému povolil. Nu nicméně jak koukám je, a tedy v tuto chvíly již nejní, zakázaná, leč bod obnovení tedy nejní žádný, ale stejně by to asi k ničemu nevedlo, neboť nevím, kdy k tomuto došlo, jak jsem psal, jedu vpodstatě pořád v režimu "ECO" a pokud je potřeba na chvilku přepnu na "Komfort". V těchto dvou modech to ovšem nezlobí. Takže kdy k tomu mohlo dojít netuším.
Naštěstí jsem si udělal zálohu systému hned první den co jsem si notebook donesl z obchodu, tak když o to půjde tak jej obnovím z toho.
Vzhledem k tomu, že nenašlo krom těch 2 čehosi nic jiného, dá se předpokládat, že to bude chyba systému pro řízení výkonu. pravděpodobně nějaký problém s Dragon center nebo SCM.

Řešit to zatím tedy asi nebudu, spokojím se s tím, že tu nejní snad žádný uličník.

(na okraj, zkoušel jsem dnes spustit hru Kingdomcome: Deliverance a přepnout na "vysoký výkon "sport"" a vše kupodivu bylo v pořádku. Hra používala 86% CPU a ostatní procesy max 2%)


Tedy každopádně děkuji za Váš čas a Vůli pomoct. ;) Vážim si jí.

S Pozdravem Tomík.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: WMI Provider Host-CPU

#14 Příspěvek od Rudy »

Ještě je možné zkusit opravu pomocí WindowsRepair: http://www.stahuj.cz/utility_a_ostatni/ ... d]=1141382 . Já děkuji a vy nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Tomiket
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 19 zář 2018 20:07

Re: WMI Provider Host-CPU

#15 Příspěvek od Tomiket »

Tak chyba opravená :-D



Postupujíc dle návodu v půlce opravy opadlo zatížení Cpu na standardní hodnoty včetně teploty (soudě dle snížení otáček ventilátoru) . Opravu jsem nechal dojet do konce a nechal program restartovat notebook.

Pak začala sranda :-D. Zřejmě zahynula tabulka a systémové HDD je čisté jak slovo boží. Ještě štěstí, že jsem si kdysi udělal bitvou kopii. A uložil jí k ovladačům na datovém HDD. Alespoň jsem si zopakoval dos příkazy a přes cmd vytahal recovery_hdd 1-5 (18Gb) na Flash disk.

Je to má blbost a měl jsem dát na intuici. ;-). Nebo pořádně číst :-D.
Každopádně pozitivní efekt na chybu to mělo. Takže hotovo ;)
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“