Právě je 14 pro 2019 18:13

Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Všechny časy jsou v UTC + 1 hodina


Pravidla fóra


Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz



Odeslat nové téma Toto téma je zamknuté. Nemůžete posílat nové příspěvky ani odpovídat na starší.  [ Příspěvků: 16 ]  Přejít na stránku 1, 2  Další
Autor Zpráva
PříspěvekNapsal: 19 kvě 2019 12:54 
Offline
2. Stupeň Varování

Registrován: 08 bře 2007 14:56
Příspěvky: 216
Zdravím,

poslední dobou mám problém s internetem. Každých 5 minut spadne na 5-10s, někdy více. U providera prý problém není, zkoušel jsem na chvilku odpojit ze zásuvky modem a znovu připojit, ale bez úspěchu.

LOGy zde:

Logfile of random's system information tool 1.10 (written by random/random)
Run by David at 2019-05-19 13:54:24
Microsoft Windows 10 Home
System drive C: has 28 GB (13%) free of 228 GB
Total RAM: 8137 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:54:25, on 19.05.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\foobar2000\foobar2000.exe
C:\Program Files (x86)\Battle.net\Battle.net.exe
C:\ProgramData\Battle.net\Agent\Agent.6700\Agent.exe
C:\Program Files (x86)\Battle.net\Battle.net.exe
C:\Program Files\trend micro\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL
O4 - HKCU\..\Run: [OneDrive] "C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKCU\..\Run: [Battle.net] "C:\Program Files (x86)\Battle.net\Battle.net.exe" --autostarted
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [TSMApplication] "C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - Startup: chrome.lnk = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files\Microsoft Office\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Export do &Tahiti - C:\Program Files (x86)\LightComp eDoklady Skenováni\iehelper.html
O8 - Extra context menu item: Poslat do On&eNotu - res://C:\Program Files\Microsoft Office\Office16\ONBttnIE.dll/105
O9 - Extra button: Poslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Poslat do On&eNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HPSmartDeviceAgentBase - Unknown owner - c:\Program Files (x86)\HP\HPSmartDeviceAgentBase\Service\HPSmartDeviceAgentBase.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 11383 bytes

======Listing Processes======









c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\Windows\system32\IProsetMonitor.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
"C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc

c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
dashost.exe {6b73f94d-7f5c-4985-a59f2239203f99f8}
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc

c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s QWAVE
c:\windows\system32\svchost.exe -k netsvcs -p -s seclogon
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files\rempl\sedsvc.exe"
"C:\Program Files\rempl\sedlauncher.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\AUDIODG.EXE 0x718
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService


C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"ctfmon.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\TiltWheelMouse.exe"
AvastUI.exe /nogui
"C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Gyazo\GyStation.exe"
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s XblAuthManager
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11904.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files (x86)\foobar2000\foobar2000.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\David\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\David\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\David\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=74.0.3729.157 --initial-client-data=0x1e0,0x1e4,0x1e8,0x1dc,0x1ec,0x7ffc3d428b80,0x7ffc3d428b90,0x7ffc3d428ba0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1736 --on-initialized-event-handle=712 --parent-handle=724 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1616,15211350450575415515,1390923183873804049,131072 --gpu-preferences=KAAAAAAAAADgAAAgAQAAAAAAAAAAAGAAAAAAABAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --service-request-channel-token=5530164265304499956 --mojo-platform-channel-handle=1684 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1616,15211350450575415515,1390923183873804049,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=3660193908589176520 --mojo-platform-channel-handle=1988 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1616,15211350450575415515,1390923183873804049,131072 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7666577820158893343 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1616,15211350450575415515,1390923183873804049,131072 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4965278396603202394 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3116 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1616,15211350450575415515,1390923183873804049,131072 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5866559910022397816 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3536 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1616,15211350450575415515,1390923183873804049,131072 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6107714220844233554 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3548 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1616,15211350450575415515,1390923183873804049,131072 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3454087238600018794 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3104 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1616,15211350450575415515,1390923183873804049,131072 --disable-gpu-compositing --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3431931758163915600 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5848 /prefetch:1
"C:\Program Files (x86)\Battle.net\Battle.net.exe"
"C:\ProgramData\Battle.net\Agent\Agent.6700\Agent.exe" --session=6091022667139256175
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Battle.net\Battle.net.exe" --type=gpu-process --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --no-sandbox --log-file="C:\Users\David\AppData\Local\Battle.net\Logs\libcef-20190519T102722.043484.log" --log-severity=error --product-version="Battle.net/1.14.1.11144 Chrome/69.0.3497.81" --lang=en-US --watch-browser-pid=10716 --gpu-preferences=KAAAAAAAAACAAwBgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --log-file="C:\Users\David\AppData\Local\Battle.net\Logs\libcef-20190519T102722.043484.log" --log-severity=error --product-version="Battle.net/1.14.1.11144 Chrome/69.0.3497.81" --lang=en-US --watch-browser-pid=10716 --service-request-channel-token=16419709393662843726 --mojo-platform-channel-handle=3144 /prefetch:2 --battle-net-helper=Battle.net.11144
taskhostw.exe
C:\Windows\System32\SystemSettingsBroker.exe -Embedding

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1616,15211350450575415515,1390923183873804049,131072 --disable-gpu-compositing --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6865952669521954891 --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11128 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1616,15211350450575415515,1390923183873804049,131072 --disable-gpu-compositing --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12962315109201658327 --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7024 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1616,15211350450575415515,1390923183873804049,131072 --disable-gpu-compositing --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10871690484534852807 --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10956 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1616,15211350450575415515,1390923183873804049,131072 --disable-gpu-compositing --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2168706331028938485 --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6636 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe144_ Global\UsGthrCtrlFltPipeMssGthrPipe144 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 720 724 732 8192 728
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1616,15211350450575415515,1390923183873804049,131072 --disable-gpu-compositing --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2754009599805862703 --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10800 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1616,15211350450575415515,1390923183873804049,131072 --disable-gpu-compositing --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5053185689781758346 --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8844 /prefetch:1
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\David\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3911gjs4.default

prefs.js - "browser.startup.homepage" - "https://www.facebook.com/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=4.0.0-dev]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13 2177328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13 1522480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-09-17 16404224]
"MouseDriver"=C:\Windows\system32\TiltWheelMouse.exe [2013-04-09 241152]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-23 36352]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-04-25 261000]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2018-11-02 3942936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-05-18 1519200]
"Gyazo"=C:\Program Files (x86)\Gyazo\GyStation.exe [2018-10-04 1384840]
"Battle.net"=C:\Program Files (x86)\Battle.net\Battle.net.exe [2019-05-06 1098728]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2018-08-27 731240]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-11-28 19554936]
"TSMApplication"=C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [2018-12-10 1623040]

C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.RTV1"=rtvcvfw64.dll
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-05-19 13:52:11 ----D---- C:\rsit
2019-05-19 13:52:11 ----D---- C:\Program Files\trend micro
2019-05-15 23:52:08 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2019-05-15 23:52:02 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2019-05-15 23:52:02 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2019-05-15 23:51:54 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2019-05-15 12:28:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-15 12:28:08 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-15 12:28:06 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-05-15 12:28:05 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-05-15 12:28:03 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2019-05-15 12:28:03 ----A---- C:\WINDOWS\system32\wininet.dll
2019-05-15 12:28:02 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-05-15 12:28:01 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-05-15 12:28:01 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-05-15 12:28:01 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-05-15 12:27:59 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-15 12:27:59 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-05-15 12:27:58 ----A---- C:\WINDOWS\system32\StartTileData.dll
2019-05-15 12:27:57 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2019-05-15 12:27:57 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-05-15 12:27:57 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-05-15 12:27:57 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-05-15 12:27:56 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-05-15 12:27:56 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-05-15 12:27:56 ----A---- C:\WINDOWS\system32\jscript9.dll
2019-05-15 12:27:56 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-05-15 12:27:55 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-05-15 12:27:55 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2019-05-15 12:27:55 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2019-05-15 12:27:55 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-05-15 12:27:55 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-05-15 12:27:55 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2019-05-15 12:27:55 ----A---- C:\WINDOWS\system32\diagtrack.dll
2019-05-15 12:27:55 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-15 12:27:55 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-15 12:27:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2019-05-15 12:27:54 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2019-05-15 12:27:54 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-05-15 12:27:54 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-05-15 12:27:54 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-05-15 12:27:54 ----A---- C:\WINDOWS\system32\dosvc.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\wuaueng.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\urlmon.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\StorSvc.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\rpcss.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\ole32.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\fcon.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2019-05-15 12:27:52 ----A---- C:\WINDOWS\system32\lsasrv.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\system32\kernel32.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\system32\daxexec.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-15 12:27:51 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2019-05-15 12:27:51 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2019-05-15 12:27:51 ----A---- C:\WINDOWS\system32\winload.exe
2019-05-15 12:27:51 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-15 12:27:51 ----A---- C:\WINDOWS\system32\rasmans.dll
2019-05-15 12:27:51 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2019-05-15 12:27:51 ----A---- C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-15 12:27:51 ----A---- C:\WINDOWS\system32\gdi32full.dll
2019-05-15 12:27:51 ----A---- C:\WINDOWS\system32\edgeIso.dll
2019-05-15 12:27:50 ----RSH---- C:\WINDOWS\fonts\StaticCache.dat
2019-05-15 12:27:50 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\winresume.exe
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\werconcpl.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\wer.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\msvproc.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\msi.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\jscript.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\hal.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\drivers\intelppm.sys
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\browserbroker.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\AcGenral.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\WerFault.exe
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\kerberos.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\ieproxy.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\fveapi.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\drivers\processr.sys
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\drivers\amdppm.sys
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\drivers\amdk8.sys
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\domgmt.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-15 12:27:48 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2019-05-15 12:27:48 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\SYSWOW64\fveapi.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\werui.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\wermgr.exe
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\profsvc.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\nltest.exe
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\Faultrep.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\cryptdll.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\cryptdll.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\wersvc.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\t2embed.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\SDDS.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\RDSPnf.exe
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\perfproc.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\netlogon.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\kdnet.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\fontsub.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\FilterDS.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\EduPrintProv.exe
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\drivers\intelpep.sys
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\BingASDS.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\bcdedit.exe
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\atmfd.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\perfproc.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\NetDriverInstall.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\mspbde40.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\msltus40.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\fveapibase.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\dtdump.exe
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\utcutil.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\fveapibase.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\browserexport.exe
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\BFE.DLL
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-05-12 03:27:10 ----A---- C:\WINDOWS\system32\drivers\MbamChameleon.sys
2019-05-10 02:31:22 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo-1-999-0-0-0.exe
2019-05-10 02:31:22 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2019-05-10 02:31:22 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1-999-0-0-0.dll
2019-05-10 02:31:22 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2019-05-10 02:31:22 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2019-05-10 02:31:22 ----A---- C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-05-10 02:31:22 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2019-05-10 02:31:22 ----A---- C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-05-10 02:31:22 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2019-05-10 02:31:22 ----A---- C:\WINDOWS\system32\OpenCL.dll
2019-05-10 02:31:22 ----A---- C:\WINDOWS\system32\nvhdap64.dll
2019-05-10 02:31:19 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2019-05-10 02:31:19 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-05-10 02:31:18 ----A---- C:\WINDOWS\SYSWOW64\nvofapi.dll
2019-05-10 02:31:18 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2019-05-10 02:31:18 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2019-05-10 02:31:18 ----A---- C:\WINDOWS\system32\nvofapi64.dll
2019-05-10 02:31:18 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2019-05-10 02:31:18 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2019-05-10 02:31:18 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2019-05-10 02:31:17 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2019-05-10 02:31:17 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2019-05-10 02:31:17 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2019-05-10 02:31:17 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2019-05-10 02:31:17 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-05-10 02:31:17 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-05-10 02:31:17 ----A---- C:\WINDOWS\system32\nvdispgenco6443064.dll
2019-05-10 02:31:17 ----A---- C:\WINDOWS\system32\nvdispco6443064.dll
2019-05-10 02:31:16 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2019-05-10 02:31:16 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2019-05-10 02:31:16 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2019-05-10 02:31:16 ----A---- C:\WINDOWS\system32\nvcuda.dll
2019-05-10 02:31:15 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2019-05-10 02:31:15 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2019-05-10 02:31:15 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2019-04-25 03:13:40 ----A---- C:\WINDOWS\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2019-05-19 13:52:19 ----D---- C:\WINDOWS\Prefetch
2019-05-19 13:52:15 ----D---- C:\WINDOWS\system32\drivers\etc
2019-05-19 13:52:11 ----RD---- C:\Program Files
2019-05-19 13:47:00 ----D---- C:\WINDOWS\system32\sru
2019-05-19 13:44:53 ----D---- C:\WINDOWS\Temp
2019-05-19 13:43:22 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-05-19 13:32:44 ----D---- C:\Users\David\AppData\Roaming\obs-studio
2019-05-19 12:27:01 ----D---- C:\WINDOWS\system32\NDF
2019-05-19 12:25:40 ----D---- C:\ProgramData\NVIDIA
2019-05-19 12:20:42 ----D---- C:\Users\David\AppData\Roaming\foobar2000
2019-05-19 12:18:19 ----D---- C:\WINDOWS\system32\SleepStudy
2019-05-19 12:18:17 ----D---- C:\WINDOWS\system32\LogFiles
2019-05-19 12:17:57 ----RD---- C:\WINDOWS\Microsoft.NET
2019-05-19 02:38:17 ----D---- C:\Users\David\AppData\Roaming\uTorrent
2019-05-19 00:00:16 ----D---- C:\WINDOWS\AppReadiness
2019-05-18 02:02:02 ----D---- C:\WINDOWS\system32\Tasks
2019-05-17 15:19:43 ----SHD---- C:\System Volume Information
2019-05-17 07:00:10 ----D---- C:\WINDOWS\Logs
2019-05-17 04:15:31 ----D---- C:\Users\David\AppData\Roaming\vlc
2019-05-17 03:57:00 ----HD---- C:\Program Files\WindowsApps
2019-05-17 01:15:59 ----D---- C:\WINDOWS\system32\config
2019-05-17 01:14:48 ----SHD---- C:\WINDOWS\Installer
2019-05-17 01:14:46 ----D---- C:\Program Files\rempl
2019-05-16 17:08:15 ----RSD---- C:\WINDOWS\assembly
2019-05-16 05:53:58 ----D---- C:\WINDOWS\WinSxS
2019-05-16 05:51:35 ----D---- C:\WINDOWS\system32\catroot2
2019-05-15 23:57:55 ----D---- C:\WINDOWS\System32
2019-05-15 23:57:55 ----D---- C:\WINDOWS\INF
2019-05-15 23:57:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-15 23:52:08 ----D---- C:\WINDOWS\system32\drivers
2019-05-15 23:51:56 ----D---- C:\WINDOWS\SysWOW64
2019-05-15 23:51:53 ----D---- C:\WINDOWS\system32\DriverStore
2019-05-15 14:11:08 ----D---- C:\WINDOWS\TextInput
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-05-15 14:11:07 ----SD---- C:\WINDOWS\system32\DiagSvcs
2019-05-15 14:11:07 ----RSD---- C:\WINDOWS\Fonts
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\zu-ZA
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\yo-NG
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\xh-ZA
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\wo-SN
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\tn-ZA
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\ti-ET
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\rw-RW
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\nso-ZA
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\migration
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\ig-NG
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\en-US
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\cs-CZ
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\Boot
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-05-15 14:11:07 ----D---- C:\WINDOWS\ShellExperiences
2019-05-15 14:11:07 ----D---- C:\WINDOWS\bcastdvr
2019-05-15 14:11:07 ----D---- C:\WINDOWS\apppatch
2019-05-15 12:30:33 ----D---- C:\WINDOWS\CbsTemp
2019-05-15 12:27:32 ----D---- C:\WINDOWS\system32\MRT
2019-05-15 12:25:04 ----D---- C:\WINDOWS\debug
2019-05-15 12:25:02 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-05-15 12:17:47 ----D---- C:\Windows
2019-05-15 12:15:29 ----RD---- C:\Program Files (x86)
2019-05-15 04:31:49 ----AD---- C:\Users\David\AppData\Roaming\Curse Client
2019-05-15 00:48:35 ----D---- C:\Users\David\AppData\Roaming\discord
2019-05-14 21:44:58 ----AD---- C:\Hearthstone
2019-05-12 23:30:01 ----D---- C:\Program Files (x86)\Steam
2019-05-10 04:39:17 ----D---- C:\ProgramData\NVIDIA Corporation
2019-05-10 02:34:33 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2019-05-07 21:51:16 ----A---- C:\WINDOWS\system32\nvapi64.dll
2019-05-07 02:36:19 ----AD---- C:\Program Files (x86)\Battle.net
2019-05-06 07:35:31 ----A---- C:\WINDOWS\system32\nvhdagenco6420103.dll
2019-05-06 04:43:14 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2019-05-06 04:43:13 ----A---- C:\WINDOWS\system32\nvcpl.dll
2019-05-06 04:43:12 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2019-05-06 04:43:12 ----A---- C:\WINDOWS\system32\nvshext.dll
2019-05-06 04:43:12 ----A---- C:\WINDOWS\system32\nvmctray.dll
2019-05-06 04:43:12 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2019-05-06 04:43:12 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2019-05-04 01:53:18 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2019-05-02 03:44:02 ----D---- C:\WINDOWS\SoftwareDistribution
2019-05-02 03:42:56 ----D---- C:\WINDOWS\LiveKernelReports
2019-04-25 03:13:40 ----HD---- C:\WINDOWS\ELAMBKUP
2019-04-22 18:01:38 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-22 18:01:38 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2019-04-25 37104]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2019-04-25 196000]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswblog.sys [2019-04-25 320624]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2019-04-25 57888]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2019-01-10 15488]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2019-04-25 88160]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2019-04-25 385848]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-06-23 1455552]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 AsrAppCharger;AsrAppCharger; C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys [2011-11-07 17192]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2019-04-25 205400]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2019-04-25 254128]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2019-04-25 257832]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2019-04-25 42288]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2019-04-25 112520]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2019-04-25 1031000]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2019-04-25 476776]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2019-05-12 153328]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2019-04-25 166848]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2019-04-25 220640]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-03-14 414720]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [2019-05-12 199768]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R3 dtlitescsibus;@oem23.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-10-14 30264]
R3 dtliteusbbus;@oem29.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-10-14 47672]
R3 e1dexpress;@oem3.inf,%e1dExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [2016-10-25 541184]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-09-17 4603136]
R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [2019-05-15 127136]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\DRIVERS\mbam.sys [2019-05-15 73912]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2019-05-15 275232]
R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [2019-05-15 117344]
R3 MEIx64;@oem37.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-07-28 184608]
R3 NVHDA;@oem38.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2019-05-06 228608]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bfe69934a6b764ef\nvlddmkm.sys [2019-05-07 21672560]
R3 nvvad_WaveExtensible;@oem46.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2019-03-19 69840]
R3 nvvhci;@oem18.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2018-10-03 66792]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 MbamElam;MbamElam; C:\WINDOWS\system32\DRIVERS\MbamElam.sys [2019-02-01 20936]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 92704]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 HPEWSFXBULK;HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [2016-09-13 29248]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-05-03 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2019-03-28 30336]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-03-06 945464]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2016-10-24 14024]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-04-12 57752]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-04-25 362488]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_c28ffe0;Uživatelská služba platformy připojených zařízení_c28ffe0; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-06-23 18856]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2015-05-07 272352]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2019-02-01 6562472]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-04-02 781680]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2019-05-06 782136]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2019-04-02 782192]
R2 OneSyncSvc_c28ffe0;Hostitel synchronizace_c28ffe0; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-05-11 362296]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-04-25 6660888]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2018-08-27 3730024]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 PimIndexMaintenanceSvc_c28ffe0;Data kontaktů_c28ffe0; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-07 153752]
S2 HPSmartDeviceAgentBase;HPSmartDeviceAgentBase; c:\Program Files (x86)\HP\HPSmartDeviceAgentBase\Service\HPSmartDeviceAgentBase.exe [2017-10-25 68608]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-20 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-04-25 57504]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService_c28ffe0;Uživatelská služba pro GameDVR a vysílání her_c28ffe0; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_c28ffe0;Služba pro podporu uživatelů Bluetooth_c28ffe0; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_c28ffe0;DevicePicker_c28ffe0; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_c28ffe0;Tok zařízení_c28ffe0; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-03 90112]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-17 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\elevation_service.exe [2019-05-14 1267696]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-07 153752]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_c28ffe0;Služba zasílání zpráv_c28ffe0; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-04-16 238544]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-04-02 781680]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 242864]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2018-11-06 2308936]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_c28ffe0;PrintWorkflow_c28ffe0; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]

-----------------EOF-----------------


Nahoru
 Profil  
 
PříspěvekNapsal: 19 kvě 2019 12:56 
Offline
2. Stupeň Varování

Registrován: 08 bře 2007 14:56
Příspěvky: 216
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05.2019
Ran by David (administrator) on DESKTOP-7D2FQ0G (19-05-2019 13:54:50)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David & Mamka)
Platform: Windows 10 Home Version 1803 17134.765 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.6700\Agent.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11904.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Nota Inc. -> Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Piotr Pawlowski) [File not signed] C:\Program Files (x86)\foobar2000\foobar2000.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16404224 2015-09-17] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942936 2018-11-02] (Logitech -> Logitech, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1384840 2018-10-04] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1098728 2019-05-06] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-08-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19554936 2018-11-28] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2018-12-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\Installer\chrmstp.exe [2019-05-14] (Google LLC -> Google Inc.)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\chrome.lnk [2018-09-27]
ShortcutTarget: chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {095F2473-E395-4A5C-B14B-9591697F94FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-07] (Google Inc -> Google Inc.)
Task: {0A9F1717-02A0-484A-BF62-1E45555FE2B2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3728752 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {104B8479-2520-4DA4-81F8-5E3F3E9BBA8D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {1358DD75-3E01-4FAD-84A3-F7D30ECA51F6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648048 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32781C79-4E9A-4CCC-AD2D-04DCC72EE9A9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3906E0B8-DDDB-4B33-BFC5-F96E879E4D20} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {40FE9DE1-5C5B-42D5-9679-6D13C2740EA9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14614416 2018-11-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {42889F39-0441-4158-B6D9-954237B30754} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {48601F58-7A20-4D77-8F11-8E1A0AD80B23} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {554AB09E-0A14-41F0-8D40-2F38DFE8410B} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5CBB4F15-4D8A-48E9-B4CF-FDD42C1CA65B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {75E6028A-FC9C-4A82-89C8-AA98EAA9A862} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849264 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {952FF45B-D9C8-4257-8405-056578353803} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2018-10-04] (Nota Inc. -> Nota Inc.)
Task: {A759CB3C-5883-47B3-A04F-A8F5F7D93DC5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {A7E1B264-8397-4E0A-97E3-9732B4FCD57C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B6494C7C-46FF-4944-94A3-1209C263C877} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2018-10-04] (Nota Inc. -> Nota Inc.)
Task: {C0E520BC-4860-4613-810D-FDDBD4FEA28C} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C3B4146D-7BB2-4877-9787-BCF2277493D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-07] (Google Inc -> Google Inc.)
Task: {C4B5A0E0-1D82-442E-9E73-146E56234B86} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_pepper.exe [1456128 2018-11-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CD767385-FDA1-44B9-B165-E40A1531BB79} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849264 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8843130-A061-4352-BD1B-6B3FCC2269C3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [590704 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E8C7A51E-9724-4DBA-8787-389B30DF6B95} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F10A0FAB-3E61-40F4-BB5B-A9E623F7C0E9} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2308936 2018-11-06] (Overwolf Ltd -> Overwolf LTD)
Task: {FEEB1248-CDD0-46F8-8D70-459B2F5E3C17} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-11-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b34a42e0-d16e-4479-92c1-0376d21a5832}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 3911gjs4.default
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3911gjs4.default [2019-05-19]
FF Homepage: Mozilla\Firefox\Profiles\3911gjs4.default -> hxxps://www.facebook.com/
FF Extension: (Avast Online Security) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3911gjs4.default\Extensions\wrc@avast.com.xpi [2019-04-25]
FF Extension: (Telemetry coverage) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3911gjs4.default\features\{08b62918-f6ad-48fd-944d-876b4b9587be}\telemetry-coverage-bug1487578@mozilla.org.xpi [2019-03-11] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=4.0.0-dev -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-12-10] (VideoLAN) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://facebook.com/
CHR StartupUrls: Default -> "hxxp://facebook.com/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?hl=en&q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.cz_
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2019-05-19]
CHR Extension: (BetterTTV) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2018-03-13]
CHR Extension: (Video Downloader PLUS) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2019-04-22]
CHR Extension: (AdBlock) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-30]
CHR Extension: (Darkness - Beautiful Dark Themes) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\imilbobhamcfahccagbncamhpnbkaenm [2019-05-04]
CHR Extension: (Twitch Now) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2018-04-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Global Twitch Emotes) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgniedifoejifjkndekolimjeclnokkb [2018-03-13]
CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-07]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3730024 2018-08-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S2 HPSmartDeviceAgentBase; c:\Program Files (x86)\HP\HPSmartDeviceAgentBase\Service\HPSmartDeviceAgentBase.exe [68608 2017-10-25] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2016-06-15] (HP Inc.) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2308936 2018-11-06] (Overwolf Ltd -> Overwolf LTD)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2016-06-15] (HP Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsrAppCharger; C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys [17192 2011-11-07] (ASROCK Incorporation -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254128 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320624 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57888 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-10] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [257832 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166848 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1031000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [476776 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220640 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385848 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-05-12] (Malwarebytes Corporation -> Malwarebytes)
S3 HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [29248 2016-09-13] (Hewlett-Packard Company -> Hewlett Packard)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-05-12] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-05-15] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-05-15] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-05-15] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [117344 2019-05-15] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bfe69934a6b764ef\nvlddmkm.sys [21672560 2019-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-19 13:54 - 2019-05-19 13:55 - 000027949 _____ C:\Users\David\Desktop\FRST.txt
2019-05-19 13:54 - 2019-05-19 13:54 - 000000000 ____D C:\FRST
2019-05-19 13:52 - 2019-05-19 13:54 - 000000000 ____D C:\Program Files\trend micro
2019-05-19 13:52 - 2019-05-19 13:53 - 002435072 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2019-05-19 13:52 - 2019-05-19 13:52 - 000000000 ____D C:\rsit
2019-05-19 13:51 - 2019-05-19 13:51 - 001222144 _____ C:\Users\David\Desktop\RSITx64.exe
2019-05-17 20:16 - 2019-05-17 20:17 - 001535117 _____ C:\Users\David\Desktop\aaaaaaaaaaa.mp4
2019-05-15 23:52 - 2019-05-15 23:52 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-05-15 23:52 - 2019-05-15 23:52 - 000117344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-05-15 23:52 - 2019-05-15 23:52 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-05-15 23:51 - 2019-05-15 23:51 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-05-15 12:28 - 2019-05-03 08:31 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-15 12:28 - 2019-05-03 08:31 - 007519888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-15 12:28 - 2019-05-03 08:31 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-15 12:28 - 2019-05-03 08:18 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-15 12:28 - 2019-05-03 08:12 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-15 12:28 - 2019-05-03 08:10 - 022017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-15 12:28 - 2019-05-03 08:05 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-15 12:28 - 2019-05-03 08:02 - 019401216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-15 12:28 - 2019-05-03 07:56 - 005350912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-15 12:28 - 2019-05-03 07:54 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-15 12:27 - 2019-05-03 14:14 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-15 12:27 - 2019-05-03 14:13 - 001376472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-15 12:27 - 2019-05-03 14:13 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-05-15 12:27 - 2019-05-03 13:55 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-15 12:27 - 2019-05-03 13:54 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-15 12:27 - 2019-05-03 13:52 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-15 12:27 - 2019-05-03 13:51 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-15 12:27 - 2019-05-03 13:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-15 12:27 - 2019-05-03 13:50 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-15 12:27 - 2019-05-03 13:50 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-15 12:27 - 2019-05-03 13:49 - 001288704 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-15 12:27 - 2019-05-03 13:49 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-15 12:27 - 2019-05-03 13:49 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-15 12:27 - 2019-05-03 13:43 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-15 12:27 - 2019-05-03 13:43 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-05-15 12:27 - 2019-05-03 13:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-15 12:27 - 2019-05-03 13:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-15 12:27 - 2019-05-03 13:28 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-15 12:27 - 2019-05-03 13:28 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-15 12:27 - 2019-05-03 13:27 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-15 12:27 - 2019-05-03 13:26 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-15 12:27 - 2019-05-03 13:25 - 004055040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-15 12:27 - 2019-05-03 13:25 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-15 12:27 - 2019-05-03 08:43 - 000177128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-15 12:27 - 2019-05-03 08:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-15 12:27 - 2019-05-03 08:34 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-15 12:27 - 2019-05-03 08:33 - 005625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-05-15 12:27 - 2019-05-03 08:33 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-15 12:27 - 2019-05-03 08:33 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-15 12:27 - 2019-05-03 08:33 - 000709720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-05-15 12:27 - 2019-05-03 08:33 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-15 12:27 - 2019-05-03 08:33 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-15 12:27 - 2019-05-03 08:33 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-15 12:27 - 2019-05-03 08:33 - 000063072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-15 12:27 - 2019-05-03 08:32 - 000793640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-05-15 12:27 - 2019-05-03 08:32 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-15 12:27 - 2019-05-03 08:32 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-15 12:27 - 2019-05-03 08:32 - 000438984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-15 12:27 - 2019-05-03 08:32 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-15 12:27 - 2019-05-03 08:32 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-15 12:27 - 2019-05-03 08:32 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-15 12:27 - 2019-05-03 08:31 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-15 12:27 - 2019-05-03 08:31 - 002771256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-15 12:27 - 2019-05-03 08:31 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-15 12:27 - 2019-05-03 08:31 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-15 12:27 - 2019-05-03 08:31 - 001141224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-15 12:27 - 2019-05-03 08:31 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-05-15 12:27 - 2019-05-03 08:31 - 000983632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-15 12:27 - 2019-05-03 08:31 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-15 12:27 - 2019-05-03 08:31 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-05-15 12:27 - 2019-05-03 08:31 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-15 12:27 - 2019-05-03 08:20 - 000434704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-15 12:27 - 2019-05-03 08:20 - 000384976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-15 12:27 - 2019-05-03 08:20 - 000192016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-15 12:27 - 2019-05-03 08:20 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-15 12:27 - 2019-05-03 08:19 - 006043712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-15 12:27 - 2019-05-03 08:19 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-15 12:27 - 2019-05-03 08:19 - 000056288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-15 12:27 - 2019-05-03 08:18 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-15 12:27 - 2019-05-03 08:18 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-05-15 12:27 - 2019-05-03 08:02 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-15 12:27 - 2019-05-03 08:01 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-15 12:27 - 2019-05-03 08:00 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-15 12:27 - 2019-05-03 08:00 - 003400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-15 12:27 - 2019-05-03 08:00 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-15 12:27 - 2019-05-03 08:00 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-05-15 12:27 - 2019-05-03 07:59 - 007593472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-15 12:27 - 2019-05-03 07:59 - 005788672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-15 12:27 - 2019-05-03 07:59 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-15 12:27 - 2019-05-03 07:59 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-05-15 12:27 - 2019-05-03 07:59 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-15 12:27 - 2019-05-03 07:59 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-05-15 12:27 - 2019-05-03 07:59 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-15 12:27 - 2019-05-03 07:59 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-15 12:27 - 2019-05-03 07:58 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-15 12:27 - 2019-05-03 07:58 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-05-15 12:27 - 2019-05-03 07:58 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-05-15 12:27 - 2019-05-03 07:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-15 12:27 - 2019-05-03 07:58 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-15 12:27 - 2019-05-03 07:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-05-15 12:27 - 2019-05-03 07:58 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-15 12:27 - 2019-05-03 07:57 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-05-15 12:27 - 2019-05-03 07:57 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-15 12:27 - 2019-05-03 07:57 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-05-15 12:27 - 2019-05-03 07:57 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-05-15 12:27 - 2019-05-03 07:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-15 12:27 - 2019-05-03 07:57 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-15 12:27 - 2019-05-03 07:57 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-05-15 12:27 - 2019-05-03 07:56 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-15 12:27 - 2019-05-03 07:56 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-15 12:27 - 2019-05-03 07:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-15 12:27 - 2019-05-03 07:56 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-05-15 12:27 - 2019-05-03 07:55 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-15 12:27 - 2019-05-03 07:55 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-15 12:27 - 2019-05-03 07:55 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-05-15 12:27 - 2019-05-03 07:54 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-05-15 12:27 - 2019-05-03 07:53 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-15 12:27 - 2019-05-03 07:53 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-15 12:27 - 2019-05-03 07:53 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-15 12:27 - 2019-05-03 07:53 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-15 12:27 - 2019-05-03 06:38 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-05-15 12:27 - 2019-04-23 09:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-05-15 12:27 - 2019-04-23 08:14 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-15 12:27 - 2019-04-19 12:55 - 001634920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-15 12:27 - 2019-04-19 12:54 - 000720200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-15 12:27 - 2019-04-19 12:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-05-15 12:27 - 2019-04-19 12:39 - 012754944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-15 12:27 - 2019-04-19 12:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-05-15 12:27 - 2019-04-19 12:38 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-05-15 12:27 - 2019-04-19 12:36 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-15 12:27 - 2019-04-19 12:34 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-05-15 12:27 - 2019-04-19 11:44 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-15 12:27 - 2019-04-19 11:37 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-15 12:27 - 2019-04-19 11:30 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-05-15 12:27 - 2019-04-19 11:28 - 011940864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-15 12:27 - 2019-04-19 11:26 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-15 12:27 - 2019-04-19 11:25 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-05-15 12:27 - 2019-04-19 07:07 - 000985400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-05-15 12:27 - 2019-04-19 07:06 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-15 12:27 - 2019-04-19 07:06 - 000798520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-05-15 12:27 - 2019-04-19 07:06 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-05-15 12:27 - 2019-04-19 07:06 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-05-15 12:27 - 2019-04-19 07:06 - 000274232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-15 12:27 - 2019-04-19 07:02 - 000831800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-05-15 12:27 - 2019-04-19 07:01 - 001982008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-15 12:27 - 2019-04-19 07:01 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-05-15 12:27 - 2019-04-19 07:01 - 000576016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-05-15 12:27 - 2019-04-19 07:01 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-05-15 12:27 - 2019-04-19 06:43 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-15 12:27 - 2019-04-19 06:42 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-15 12:27 - 2019-04-19 06:41 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-05-15 12:27 - 2019-04-19 06:41 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-05-15 12:27 - 2019-04-19 06:40 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-05-15 12:27 - 2019-04-19 06:40 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-15 12:27 - 2019-04-19 06:40 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-05-15 12:27 - 2019-04-19 06:40 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-05-15 12:27 - 2019-04-19 06:40 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-05-15 12:27 - 2019-04-19 06:39 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-05-15 12:27 - 2019-04-19 06:39 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-15 12:27 - 2019-04-19 06:39 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-15 12:27 - 2019-04-19 06:39 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-05-15 12:27 - 2019-04-19 06:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-15 12:27 - 2019-04-19 06:39 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-05-15 12:27 - 2019-04-19 06:38 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-05-15 12:27 - 2019-04-19 06:38 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-15 12:27 - 2019-04-19 06:38 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-15 12:27 - 2019-04-19 06:38 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-05-15 12:27 - 2019-04-19 06:38 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-15 12:27 - 2019-04-19 06:38 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-15 12:27 - 2019-04-19 06:37 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-05-15 12:27 - 2019-04-19 06:37 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-15 12:27 - 2019-04-19 06:37 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-15 12:27 - 2019-04-19 06:37 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-05-15 12:27 - 2019-04-19 06:37 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-05-15 12:27 - 2019-04-19 06:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-15 12:27 - 2019-04-19 06:37 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-15 12:27 - 2019-04-19 06:36 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-15 12:27 - 2019-04-19 06:36 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-05-15 12:27 - 2019-04-19 06:36 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-15 12:27 - 2019-04-19 06:36 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-05-15 12:27 - 2019-04-19 06:36 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-05-15 12:27 - 2019-04-19 06:36 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-05-15 12:27 - 2019-04-19 06:36 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-15 12:27 - 2019-04-19 06:35 - 001938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-05-15 12:27 - 2019-04-19 06:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-05-15 12:27 - 2019-04-19 06:35 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-05-15 12:27 - 2019-04-19 06:35 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-05-15 12:27 - 2019-04-19 06:35 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-15 12:27 - 2019-04-19 06:35 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-05-15 12:27 - 2019-04-19 06:35 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-05-15 12:27 - 2019-04-19 06:35 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-15 12:27 - 2019-04-19 06:35 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-05-15 12:27 - 2019-04-19 06:34 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-05-15 12:27 - 2019-04-19 06:34 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-15 12:27 - 2019-04-19 06:34 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-05-15 12:27 - 2019-04-19 06:34 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-15 12:27 - 2019-04-19 06:34 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-05-15 12:27 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-15 12:27 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\system32\locale.nls
2019-05-15 12:27 - 2019-04-09 03:48 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-15 12:27 - 2019-04-09 03:48 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-15 12:27 - 2019-04-09 03:48 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-15 12:27 - 2019-04-09 03:48 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-15 12:27 - 2019-04-09 03:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-14 23:34 - 2019-05-14 23:34 - 000061639 _____ C:\Users\David\Desktop\ZŠ MŠ Měník.pdf
2019-05-13 04:48 - 2019-05-13 05:00 - 000000000 ____D C:\Users\David\Desktop\2001.Maniacs.Field.of.Screams.2010.1080p.BluRay.H264.AAC-RARBG
2019-05-12 18:20 - 2019-05-12 18:20 - 000000000 ____D C:\Users\David\Desktop\Green.Lantern.2011.EXTENDED.1080p.BluRay.H264.AAC-RARBG
2019-05-12 03:27 - 2019-05-12 03:27 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-05-10 02:31 - 2019-05-07 21:56 - 011051912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-05-10 02:31 - 2019-05-07 21:56 - 009486536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-05-10 02:31 - 2019-05-07 21:56 - 001006800 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-05-10 02:31 - 2019-05-07 21:56 - 001006800 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-05-10 02:31 - 2019-05-07 21:56 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-05-10 02:31 - 2019-05-07 21:56 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-05-10 02:31 - 2019-05-07 21:56 - 000552328 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-05-10 02:31 - 2019-05-07 21:56 - 000457096 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-05-10 02:31 - 2019-05-07 21:56 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-05-10 02:31 - 2019-05-07 21:56 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-05-10 02:31 - 2019-05-07 21:56 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-05-10 02:31 - 2019-05-07 21:56 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-05-10 02:31 - 2019-05-07 21:55 - 002039688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-05-10 02:31 - 2019-05-07 21:55 - 001470856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-05-10 02:31 - 2019-05-07 21:55 - 001134016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-05-10 02:31 - 2019-05-07 21:55 - 000821152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-05-10 02:31 - 2019-05-07 21:55 - 000675416 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-05-10 02:31 - 2019-05-07 21:55 - 000631232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-05-10 02:31 - 2019-05-07 21:55 - 000541656 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-05-10 02:31 - 2019-05-07 21:55 - 000521472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 040412760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 035270232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 020187904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 017465512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 005421960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 004758728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 001721600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443064.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 001540488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 001467648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443064.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 001162448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 000911616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 000808840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 000654080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-05-10 02:31 - 2019-05-07 21:51 - 004340120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-05-10 02:31 - 2019-05-06 07:35 - 000046848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2019-05-06 04:29 - 2019-05-06 19:45 - 000000000 ____D C:\Users\David\Desktop\Solo.A.Star.Wars.Story.2018.1080p.BluRay.x264-SPARKS[rarbg]
2019-05-02 19:52 - 2019-05-02 21:35 - 1851550744 _____ C:\Users\David\Desktop\L.H.-Lord-Hoven-2013.avi
2019-04-25 03:13 - 2019-04-25 03:13 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-19 13:51 - 2018-08-27 16:02 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-05-19 13:51 - 2018-08-27 16:02 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-05-19 13:51 - 2018-06-26 20:11 - 000003152 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-19 13:51 - 2018-06-26 20:11 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-19 13:51 - 2018-06-26 20:11 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-19 13:51 - 2018-06-26 20:11 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-19 13:51 - 2018-06-26 20:11 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-19 13:51 - 2018-05-17 19:11 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-19 13:51 - 2018-05-17 19:11 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-19 13:51 - 2018-05-17 19:11 - 000003196 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-19 13:51 - 2018-05-17 19:11 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-19 13:51 - 2018-05-17 19:11 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-19 13:51 - 2018-05-17 19:11 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-19 13:51 - 2018-05-17 19:11 - 000002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3482348820-1896476200-1895645591-1002
2019-05-19 13:51 - 2018-05-17 19:11 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3482348820-1896476200-1895645591-1004
2019-05-19 13:51 - 2018-05-17 19:11 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-19 13:51 - 2018-05-17 19:11 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-19 13:51 - 2018-05-17 19:11 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-05-19 13:51 - 2016-10-15 02:40 - 000000000 ____D C:\Users\David\AppData\Local\Battle.net
2019-05-19 13:43 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-19 13:32 - 2016-10-14 21:41 - 000000000 ____D C:\Users\David\AppData\Roaming\obs-studio
2019-05-19 12:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-05-19 12:25 - 2017-08-17 09:21 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-19 12:20 - 2016-10-15 16:57 - 000000000 ____D C:\Users\David\AppData\Roaming\foobar2000
2019-05-19 12:18 - 2018-05-17 19:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-19 11:45 - 2017-09-18 22:03 - 000000000 ____D C:\Users\David\AppData\Local\AVAST Software
2019-05-19 02:38 - 2016-10-14 22:22 - 000000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2019-05-19 00:00 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-18 02:02 - 2018-05-17 19:07 - 000002365 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-18 02:02 - 2016-10-14 19:34 - 000000000 ___RD C:\Users\David\OneDrive
2019-05-17 04:15 - 2017-12-11 07:31 - 000000000 ____D C:\Users\David\AppData\Roaming\vlc
2019-05-17 03:57 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-17 01:14 - 2018-11-16 01:00 - 000000000 ____D C:\Program Files\rempl
2019-05-16 20:03 - 2016-10-15 02:52 - 000000000 ____D C:\Users\David\AppData\Local\CrashDumps
2019-05-16 17:26 - 2016-10-24 21:54 - 000000000 ____D C:\Users\David\AppData\Local\Ubisoft Game Launcher
2019-05-16 16:35 - 2017-11-18 22:32 - 000000000 ____D C:\Users\David\AppData\Local\Packages
2019-05-16 05:45 - 2018-05-18 06:43 - 000000000 ____D C:\Users\David\AppData\Local\D3DSCache
2019-05-15 23:57 - 2018-05-17 19:10 - 001692472 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-15 23:57 - 2018-04-12 17:50 - 000716072 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-15 23:57 - 2018-04-12 17:50 - 000144864 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-15 23:57 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-05-15 23:51 - 2018-05-17 19:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-15 23:51 - 2018-05-17 19:07 - 000000000 ____D C:\Users\bejja
2019-05-15 23:51 - 2018-05-17 19:04 - 000402912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-15 14:11 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-15 14:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-05-15 14:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-05-15 14:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-15 14:11 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-05-15 12:30 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-15 12:27 - 2016-10-14 23:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-15 12:25 - 2016-10-14 23:11 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-15 04:31 - 2017-03-31 01:14 - 000000000 ____D C:\Users\David\AppData\Roaming\Curse Client
2019-05-15 00:48 - 2016-12-31 19:33 - 000000000 ____D C:\Users\David\AppData\Roaming\discord
2019-05-15 00:40 - 2016-10-20 22:47 - 000000000 ____D C:\Users\David\AppData\Local\Personify
2019-05-14 21:44 - 2016-10-15 02:54 - 000000000 ____D C:\Hearthstone
2019-05-14 21:38 - 2016-10-07 13:13 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-14 13:54 - 2018-05-17 19:07 - 000000000 ____D C:\Users\David
2019-05-13 12:59 - 2018-02-04 06:56 - 000000000 ____D C:\Users\David\Desktop\Úklidy plochy
2019-05-12 23:30 - 2016-10-21 01:59 - 000000000 ____D C:\Program Files (x86)\Steam
2019-05-12 03:27 - 2019-03-03 13:23 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-05-10 04:39 - 2017-08-17 09:21 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-05-10 02:34 - 2017-08-17 09:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-05-10 02:31 - 2016-10-07 13:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-05-07 21:51 - 2018-05-09 18:02 - 005085152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-05-07 02:36 - 2016-10-15 02:35 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-05-06 07:35 - 2018-05-09 18:02 - 001682368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2019-05-06 07:35 - 2018-05-09 18:02 - 000228608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2019-05-06 07:35 - 2018-05-09 18:02 - 000052319 _____ C:\WINDOWS\system32\nvinfo.pb
2019-05-06 04:43 - 2017-08-17 09:21 - 005432176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-05-06 04:43 - 2017-08-17 09:21 - 002637808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-05-06 04:43 - 2017-08-17 09:21 - 001767736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-05-06 04:43 - 2017-08-17 09:21 - 000651248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-05-06 04:43 - 2017-08-17 09:21 - 000450416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-05-06 04:43 - 2017-08-17 09:21 - 000125424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-05-06 04:43 - 2017-08-17 09:21 - 000082984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-05-05 04:17 - 2016-12-04 20:46 - 000087397 _____ C:\Users\David\Desktop\trollings.txt
2019-05-04 01:53 - 2018-04-12 01:41 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-04 01:53 - 2018-04-12 01:41 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-02 03:42 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-04-26 17:12 - 2018-05-17 19:11 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-04-25 21:45 - 2017-08-17 09:21 - 008571382 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-04-25 18:51 - 2018-03-15 11:00 - 000000000 ____D C:\Users\David\AppData\LocalLow\Mozilla
2019-04-25 03:13 - 2019-04-13 10:42 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-04-25 03:13 - 2019-02-13 18:49 - 000257832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-04-25 03:13 - 2019-01-14 17:24 - 000254128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-04-25 03:13 - 2019-01-10 04:28 - 000320624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-04-25 03:13 - 2019-01-10 04:28 - 000196000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-04-25 03:13 - 2019-01-10 04:28 - 000057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-04-25 03:13 - 2019-01-10 04:28 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-04-25 03:13 - 2018-11-04 19:16 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-04-25 03:13 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-25 03:13 - 2017-11-21 13:05 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-04-25 03:13 - 2016-10-14 19:45 - 001031000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-04-25 03:13 - 2016-10-14 19:45 - 000476776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-04-25 03:13 - 2016-10-14 19:45 - 000385848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-04-25 03:13 - 2016-10-14 19:45 - 000220640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-04-25 03:13 - 2016-10-14 19:45 - 000166848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-04-25 03:13 - 2016-10-14 19:45 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-04-25 03:13 - 2016-10-14 19:45 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-04-23 20:23 - 2016-10-15 02:40 - 000000000 ____D C:\Users\David\AppData\Local\Blizzard Entertainment
2019-04-22 18:01 - 2018-03-14 22:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-22 18:01 - 2016-10-25 00:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2017-08-02 23:57 - 2018-04-05 16:53 - 000000006 _____ () C:\Users\David\AppData\Roaming\.nfe_lock
2016-12-18 23:22 - 2016-12-18 23:22 - 000029696 _____ () C:\Users\David\AppData\Local\MSGBOX.EXE

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by David (19-05-2019 13:55:48)
Running from C:\Users\David\Desktop
Windows 10 Home Version 1803 17134.765 (X64) (2018-05-17 17:12:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3482348820-1896476200-1895645591-500 - Administrator - Disabled)
David (S-1-5-21-3482348820-1896476200-1895645591-1002 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-3482348820-1896476200-1895645591-503 - Limited - Disabled)
Guest (S-1-5-21-3482348820-1896476200-1895645591-501 - Limited - Disabled)
Mamka (S-1-5-21-3482348820-1896476200-1895645591-1004 - Limited - Enabled) => C:\Users\bejja
WDAGUtilityAccount (S-1-5-21-3482348820-1896476200-1895645591-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{13DA9C7C-EBFB-40D0-94A1-55B42883DF21}) (Version: 21.2.1 - HP Inc.) Hidden
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
APP Shop v1.0.21 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.21 - ASRock Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
Assassin's Creed Odyssey (HKLM-x32\...\{B7EC622B-1979-450E-8281-C5648506DB83}_is1) (Version: - Ubisoft)
Assassins Creed Origins The Curse of the Pharaohs (HKLM-x32\...\Assassins Creed Origins The Curse of the Pharaohs_is1) (Version: - )
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
Batman - Arkham Origins (HKLM-x32\...\Batman - Arkham Origins_is1) (Version: - )
Batman Arkham Knight v.1.0.4.5 (HKLM-x32\...\Batman Arkham Knight_is1) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.50 - Piriform)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Curse Client (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Čeština do hry The Evil Within včetně 3 DLC v1.1 (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Čeština do hry The Evil Within včetně 3 DLC v1.1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0603 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Deus Ex - Human Revolution version 1.0 (HKLM-x32\...\{1146E8F3-4057-4F46-B39C-D18AB4BB1523}_is1) (Version: 1.0 - Square Enix)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden
Fallout 4 v.1.1.30 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Far Cry 5 (HKLM-x32\...\{73B938C4-0DDA-448D-8E46-87401EA87339}_is1) (Version: - Ubisoft)
foobar2000 v1.3.12 (HKLM-x32\...\foobar2000) (Version: 1.3.12 - Peter Pawlowski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.157 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Gyazo 3.4.1.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\HearthstoneDeckTracker) (Version: 1.6.9 - HearthSim)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HPSmartDeviceAgentBase (HKLM-x32\...\{F7270182-8AD0-420F-92A3-52438ED810A9}) (Version: 1.1.0.0 - HP Inc)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
League of Legends (HKLM-x32\...\{657DFCCF-B080-44B1-9AEA-61676011A1AE}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Logitech-kameraindstillinger (HKLM-x32\...\LogiUCDPP) (Version: 1.1.87.0 - Logitech Europe S.A.)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 66.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.3 (x64 cs)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.3.7038 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.102 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.102 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.64 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.0.1 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.119.2.19 - Overwolf Ltd.)
Ovládací panel NVIDIA 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 430.64 - NVIDIA Corporation) Hidden
Personify ChromaCam (remove only) (HKLM-x32\...\Personify ChromaCam) (Version: 1.1.6.7 - Personify, Inc.)
PixelHealer (HKLM\...\PixelHealer) (Version: 1.5.0.30 - Aurelitec)
Print Conductor 5.4 (HKLM-x32\...\Print Conductor_is1) (Version: 5.4 - fCoder SIA)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7614 - Realtek Semiconductor Corp.)
Resident Evil 7 Biohazard (HKLM-x32\...\{1ECBF8F3-7079-44CA-AD32-B2AECBCF636F}_is1) (Version: - Capcom)
Rise Of The Tomb Raider 20 Years Celebration (HKLM-x32\...\{EDD218D6-C5A2-4C88-88B0-7D0DA4B0B9F4}_is1) (Version: - Square Enix)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steep (HKLM-x32\...\Uplay Install 3279) (Version: - Ubisoft)
Streamlabs OBS 0.11.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.11.1 - General Workings, Inc.)
Super Seducer (HKLM\...\SKIDROW - Super Seducer) (Version: - SKIDROW)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Walking Dead A New Frontier Episode 1 (HKLM-x32\...\The Walking Dead A New Frontier Episode 1_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Twitch (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 4.0.0-dev - VideoLAN)
VooPoo version 1.5.1.30 (HKLM-x32\...\{63EEAD1F-3FC8-40F5-A415-E4BE098004C0}_is1) (Version: 1.5.1.30 - KunShan XW-TEC)
Warframe (HKLM-x32\...\{72BD42A9-6701-42EB-B77A-2AFC0C499F5E}) (Version: 1.0.0 - Digital Extremes)
Watch Dogs Deluxe Edition version 1.05.324 (HKLM-x32\...\Watch Dogs Deluxe Edition_is1) (Version: 1.05.324 - GMT-MAX.ORG)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.139.500.0_x86__kgqvnymyfvs32 [2019-05-17] (king.com)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2017-03-26] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_95.1.531.0_x64__v10z8vjag6ke6 [2019-03-20] (HP Inc.)
Microsoft Průvodce pro telefon -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-13] (Microsoft Corporation)
Microsoft Telefon -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-09] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3482348820-1896476200-1895645591-1002_Classes\CLSID\{9a338598-86a1-4119-8b66-9d52715b6a76}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-08-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-08-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-05-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-05-06 22:05 - 2019-05-06 22:07 - 085602816 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\libcef.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000089600 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\libEGL.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 003841536 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\libGLESv2.dll
2016-03-30 13:46 - 2016-03-30 13:46 - 000356352 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll
2016-09-16 12:42 - 2016-09-16 12:42 - 000309760 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_cdda.dll
2016-09-16 12:42 - 2016-09-16 12:42 - 000536576 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_converter.dll
2016-09-16 12:43 - 2016-09-16 12:43 - 000205312 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_dsp_eq.dll
2016-09-16 12:43 - 2016-09-16 12:43 - 000250880 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll
2016-09-16 12:42 - 2016-09-16 12:42 - 000296448 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_fileops.dll
2016-03-30 13:45 - 2016-03-30 13:45 - 000307200 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_freedb2.dll
2016-09-16 12:43 - 2016-09-16 12:43 - 001423360 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_input_std.dll
2016-10-25 22:18 - 2016-10-04 20:19 - 000172032 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_np_simple.dll
2016-03-30 13:44 - 2016-03-30 13:44 - 000375296 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll
2016-09-16 12:43 - 2016-09-16 12:43 - 001083392 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll
2016-09-16 12:42 - 2016-09-16 12:42 - 000276480 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_unpack.dll
2016-09-16 12:41 - 2016-09-16 12:41 - 000156160 _____ () [File not signed] C:\Program Files (x86)\foobar2000\shared.dll
2019-02-04 03:26 - 2015-02-24 23:43 - 000053760 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_bz2.pyd
2019-02-04 03:26 - 2015-02-24 23:43 - 000084992 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_ctypes.pyd
2019-02-04 03:26 - 2015-02-24 23:44 - 000783360 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_hashlib.pyd
2019-02-04 03:26 - 2015-02-24 23:43 - 000137216 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_lzma.pyd
2019-02-04 03:26 - 2015-02-24 23:43 - 000047104 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_socket.pyd
2019-02-04 03:26 - 2015-12-16 00:18 - 000039424 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\psutil._psutil_windows.pyd
2019-02-04 03:26 - 2015-10-25 05:32 - 001861120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtCore.pyd
2019-02-04 03:26 - 2015-10-25 05:36 - 002002944 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtGui.pyd
2019-02-04 03:26 - 2015-10-25 05:43 - 004101120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtWidgets.pyd
2019-02-04 03:26 - 2015-02-24 23:43 - 000009728 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\select.pyd
2019-02-04 03:26 - 2015-10-25 05:00 - 000075264 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\sip.pyd
2019-02-04 03:26 - 2018-12-10 05:42 - 001623040 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
2019-02-04 03:26 - 2015-02-24 23:43 - 000758784 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\unicodedata.pyd
2019-05-16 17:09 - 2019-05-16 17:09 - 003083776 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DotNetCommon\5dc977ee635281d500fee43eca9772af\DotNetCommon.ni.dll
2019-05-16 17:08 - 2019-05-16 17:08 - 004715520 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\a4602ab4b26c2dea73f1385a21abaf2f\DiscSoft.NET.Common.ni.dll
2019-05-16 17:08 - 2019-05-16 17:08 - 005184512 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DTLite\29d2aeff8d7cc905bc762c429c182e86\DTLite.ni.exe
2019-05-16 17:08 - 2019-05-16 17:08 - 000139264 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DTLiteHelper\8a6c67041ce8506a189135120200da43\DTLiteHelper.ni.exe
2016-08-19 15:43 - 2016-08-19 15:43 - 000809998 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\foobar2000\avcodec-fb2k-57.dll
2016-08-19 15:43 - 2016-08-19 15:43 - 000528910 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\foobar2000\avutil-fb2k-55.dll
2019-05-06 22:05 - 2019-05-06 22:05 - 001463808 _____ (Firelight Technologies) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\fmod.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000285696 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2016-04-04 09:42 - 2016-04-04 09:42 - 000095696 _____ (Piotr Pawłowski -> ) [File not signed] C:\Program Files (x86)\foobar2000\zlib1.dll
2016-09-16 12:44 - 2016-09-16 12:44 - 001881600 _____ (Piotr Pawlowski) [File not signed] C:\Program Files (x86)\foobar2000\foobar2000.exe
2019-02-04 03:26 - 2015-02-24 23:43 - 002741248 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\python34.dll
2019-05-06 22:05 - 2019-05-06 22:05 - 000596992 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\chrome_elf.dll
2019-02-04 03:26 - 2018-12-10 05:42 - 000848896 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icudt53.dll
2019-02-04 03:26 - 2014-09-22 10:26 - 001580032 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuin53.dll
2019-02-04 03:26 - 2014-09-22 10:23 - 001079296 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuuc53.dll
2019-02-04 03:26 - 2015-10-18 09:38 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qdds.dll
2019-02-04 03:26 - 2015-10-18 05:18 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qgif.dll
2019-02-04 03:26 - 2015-10-18 09:38 - 000029184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qicns.dll
2019-02-04 03:26 - 2015-10-18 05:18 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qico.dll
2019-02-04 03:26 - 2015-10-18 09:38 - 000381952 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjp2.dll
2019-02-04 03:26 - 2015-10-18 05:18 - 000206848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjpeg.dll
2019-02-04 03:26 - 2015-10-18 09:38 - 000218624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qmng.dll
2019-02-04 03:26 - 2015-10-18 09:38 - 000016384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtga.dll
2019-02-04 03:26 - 2015-10-18 09:38 - 000308736 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtiff.dll
2019-02-04 03:26 - 2015-10-18 09:38 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwbmp.dll
2019-02-04 03:26 - 2015-10-18 09:39 - 000287232 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwebp.dll
2019-02-04 03:26 - 2015-10-18 05:19 - 000991744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\platforms\qwindows.dll
2019-02-04 03:26 - 2015-10-18 05:05 - 004182528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Core.dll
2019-02-04 03:26 - 2015-10-18 05:12 - 004877312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Gui.dll
2019-02-04 03:26 - 2015-10-18 05:16 - 004490752 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Widgets.dll
2019-05-06 22:05 - 2019-05-06 22:05 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\audio\qtaudio_windows.dll
2019-05-06 22:05 - 2019-05-06 22:05 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\imageformats\qgif.dll
2019-05-06 22:05 - 2019-05-06 22:05 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\imageformats\qico.dll
2019-05-06 22:05 - 2019-05-06 22:05 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\imageformats\qjpeg.dll
2019-05-06 22:05 - 2019-05-06 22:05 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\imageformats\qmng.dll
2019-05-06 22:05 - 2019-05-06 22:05 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\imageformats\qsvg.dll
2019-05-06 22:05 - 2019-05-06 22:05 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\imageformats\qtiff.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\platforms\qwindows.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\qml\QtQml\Models.2\modelsplugin.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\qml\QtQuick.2\qtquick2plugin.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000084480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\qml\QtQuick\Window.2\windowplugin.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5Core.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5Gui.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5Multimedia.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5Network.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5Qml.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5Quick.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000096256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5QuickControls2.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000681472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5QuickTemplates2.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5Svg.dll
2019-05-06 22:08 - 2019-05-06 22:08 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5Widgets.dll
2019-05-06 22:08 - 2019-05-06 22:08 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5WinExtras.dll
2019-05-06 22:08 - 2019-05-06 22:08 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2019-05-19 13:52 - 000000091 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost
0.0.0.0 telemetry.malwarebytes.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\50881473_2319973321566441_4995713900654624768_o.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DE2DE3B5-8173-4FAC-896C-9FAC3AE29D46}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Plays.tv, Inc -> Copyright (c) 2018 Plays.tv, LLC)
FirewallRules: [{0AFE615F-ABD8-45F3-9AE8-F7117FC64CDC}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Plays.tv, Inc -> Copyright (c) 2018 Plays.tv, LLC)
FirewallRules: [UDP Query User{95745F81-0967-4BC0-A61E-3A3E1F4555A8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{9526E725-5332-4491-900A-A5B3E00C15F8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{215B305F-3793-4710-866F-AAAFC4D5A75D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2D1F0F24-59F0-49DC-9CBA-9166ED79341E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{C03AB2BE-B25F-4357-9117-35F841408DDF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{68FBEF50-D0C9-4B70-A3DA-FA8AB9F5C96E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{07C80E55-684E-4AF7-BA2E-FE48E15D519C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{590ECA65-CB04-4FD0-A277-F0EE87E65CCF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{72CA7C7D-10FB-4D96-B4E3-9AC3B9BB9EDB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{28C2D19F-C193-4A94-97AD-664B24F1C348}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{4E78FE47-39A7-4FF5-B50E-9D3F33018409}D:\hry\rise of the tomb raider - 20 years celebration\rottr.exe] => (Allow) D:\hry\rise of the tomb raider - 20 years celebration\rottr.exe (Eidos Inc.) [File not signed]
FirewallRules: [TCP Query User{BCB27527-7A77-4104-9B92-647DB40416A7}D:\hry\rise of the tomb raider - 20 years celebration\rottr.exe] => (Allow) D:\hry\rise of the tomb raider - 20 years celebration\rottr.exe (Eidos Inc.) [File not signed]
FirewallRules: [UDP Query User{4894D9CD-74EE-4F4D-B682-799DCF973BD9}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [TCP Query User{11522C14-B13A-4060-A2EB-03E1287F5182}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [UDP Query User{91D8D5EF-65AF-489F-9D02-3B2AF8FA7CC4}C:\hearthstone\hearthstone.exe] => (Allow) C:\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{C73A3C9B-2B09-45AC-B756-1DA1120F230D}C:\hearthstone\hearthstone.exe] => (Allow) C:\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{747FE15F-A487-4A02-A70A-A9E98014E198}C:\users\david\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\david\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{AFC1F7F7-ED3C-4777-85B5-65678200DA35}C:\users\david\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\david\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{30431157-60F2-404A-B781-4FC5A1FE4407}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{32FF5D5F-AE6F-4F4E-9C6A-A44362281CD3}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{0329B052-4C9E-40FD-AD0B-127686849CB4}C:\users\david\appdata\roaming\utorrent\updates\3.5.3_44494.exe] => (Allow) C:\users\david\appdata\roaming\utorrent\updates\3.5.3_44494.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{7DA08C82-AB8E-46FE-83A4-6CCF7A8EAA24}C:\users\david\appdata\roaming\utorrent\updates\3.5.3_44494.exe] => (Allow) C:\users\david\appdata\roaming\utorrent\updates\3.5.3_44494.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F9B04128-D8B4-493D-B96B-5A6BAD2795ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3741751F-5BEE-45CB-837A-59E83B005968}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C6717FD1-C1CD-42BE-B332-10194F946F21}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{17A2EB32-506B-4BE4-A929-63766D004B9D}D:\hry\overwatch\overwatch.exe] => (Allow) D:\hry\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{FE5F0E2A-D035-4A50-A5F8-BA2FE25D5002}D:\hry\overwatch\overwatch.exe] => (Allow) D:\hry\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{800F5B6B-E791-4A3F-B9AB-8024EC1BC2F3}D:\hry\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\hry\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{7AFFE434-0D46-45BF-BA2E-6D34F397B6F5}D:\hry\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\hry\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [TCP Query User{98050A6F-1373-48CC-83FA-4BBE97A3F9B5}C:\program files\microsoft office\office16\winword.exe] => (Allow) C:\program files\microsoft office\office16\winword.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{7EC9CC81-508D-4D45-8E81-DB52CCF2436E}C:\program files\microsoft office\office16\winword.exe] => (Allow) C:\program files\microsoft office\office16\winword.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{502EF961-5B71-4A32-969F-BA5D52140A00}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{10D5C4D9-2E6B-4B67-A476-5281B56C5955}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{06AC170C-54F5-41D1-B2B9-6B5A0A08E0E1}C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{302C507C-4DA4-49AB-B64A-8352BC41950E}C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{868DC772-83F9-4569-9C9E-24ACE20FE225}D:\hry\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\hry\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{E9201D63-AA6F-4C2C-AD70-C640E98FA5EC}D:\hry\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\hry\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [{1BF097A8-86EB-4A27-8877-0686C3BB5A0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{95AD0B2D-1730-4550-86EF-B8EB2D417607}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DD206C48-F17D-4EAC-8360-78F1B0B11FDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ABC7B572-F380-47F2-B726-C649C9598BFD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BD229DF1-F3E4-4D12-BE0B-BBAE92E2CD2C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

15-05-2019 12:24:49 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/19/2019 01:54:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RSITx64.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: ab8

Čas spuštění: 01d50e394a3d8060

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\David\Desktop\RSITx64.exe

ID hlášení: 24e41d6a-c164-4520-be71-9ffa336a781c

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (05/19/2019 11:44:53 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (05/18/2019 11:56:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (05/18/2019 02:01:03 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (05/17/2019 08:12:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (05/17/2019 01:30:50 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (05/16/2019 08:03:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamtray.exe, verze: 3.1.0.1807, časové razítko: 0x5cc0b4e2
Název chybujícího modulu: Qt5Core.dll, verze: 5.11.1.0, časové razítko: 0x5cba0161
Kód výjimky: 0xc0000005
Posun chyby: 0x0018dc19
ID chybujícího procesu: 0x181c
Čas spuštění chybující aplikace: 0x01d50bec609173d3
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID zprávy: df11636f-cc78-46cc-bfed-afbfb4344f92
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/16/2019 03:36:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.


System errors:
=============
Error: (05/19/2019 01:33:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_c28ffe0 byla neočekávaně ukončena. Tento stav nastal již 13krát.

Error: (05/19/2019 01:33:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_c28ffe0 byla neočekávaně ukončena. Tento stav nastal již 12krát.

Error: (05/19/2019 01:32:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_c28ffe0 byla neočekávaně ukončena. Tento stav nastal již 11krát.

Error: (05/19/2019 01:23:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_c28ffe0 byla neočekávaně ukončena. Tento stav nastal již 10krát.

Error: (05/19/2019 01:23:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_c28ffe0 byla neočekávaně ukončena. Tento stav nastal již 9krát.

Error: (05/19/2019 01:07:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_c28ffe0 byla neočekávaně ukončena. Tento stav nastal již 8krát.

Error: (05/19/2019 01:06:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_c28ffe0 byla neočekávaně ukončena. Tento stav nastal již 7krát.

Error: (05/19/2019 01:03:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_c28ffe0 byla neočekávaně ukončena. Tento stav nastal již 6krát.


CodeIntegrity:
===================================

Date: 2018-12-10 15:55:57.059
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-10 15:55:32.990
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-10 15:55:32.781
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-10 15:55:26.516
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-10 15:55:25.035
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-06 12:50:07.736
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-06 12:49:43.665
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-06 12:49:43.446
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P2.80 01/26/2016
Motherboard: ASRock Z170 Extreme4
Processor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Percentage of memory in use: 64%
Total physical RAM: 8137.27 MB
Available physical RAM: 2871.26 MB
Total Virtual: 17865.27 MB
Available Virtual: 9689.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.18 GB) (Free:27.7 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:280.01 GB) NTFS

\\?\Volume{153a7e41-9717-4114-b409-806cd10646b5}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{a57f3c44-5d42-4e0e-a549-233e2a1c34ff}\ () (Fixed) (Total:0.84 GB) (Free:0.45 GB) NTFS
\\?\Volume{138a95a2-35ad-430f-91a6-0617b595d599}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================


Nahoru
 Profil  
 
PříspěvekNapsal: 19 kvě 2019 14:46 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 110025
Bydliště: Plzeň
Zdravím!
Spusťte tuto utilitu:

Citace:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
PříspěvekNapsal: 20 kvě 2019 03:29 
Offline
2. Stupeň Varování

Registrován: 08 bře 2007 14:56
Příspěvky: 216
Hotovo, LOG je zde.

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-20-2019
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1309 octets] - [20/05/2019 04:27:22]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


Nahoru
 Profil  
 
PříspěvekNapsal: 20 kvě 2019 09:20 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 110025
Bydliště: Plzeň
Dejte nové logy FRST+Addition.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
PříspěvekNapsal: 20 kvě 2019 10:00 
Offline
2. Stupeň Varování

Registrován: 08 bře 2007 14:56
Příspěvky: 216
LOGy zde:

Logfile of random's system information tool 1.10 (written by random/random)
Run by David at 2019-05-20 10:59:33
Microsoft Windows 10 Home
System drive C: has 25 GB (11%) free of 228 GB
Total RAM: 8137 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:59:34, on 20.05.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files (x86)\Battle.net\Battle.net.exe
C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
C:\ProgramData\Battle.net\Agent\Agent.6700\Agent.exe
C:\Program Files (x86)\Battle.net\Battle.net.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Battle.net\Battle.net.exe
C:\Program Files\trend micro\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL
O4 - HKCU\..\Run: [OneDrive] "C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKCU\..\Run: [Battle.net] "C:\Program Files (x86)\Battle.net\Battle.net.exe" --autostarted
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [TSMApplication] "C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - Startup: chrome.lnk = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files\Microsoft Office\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Export do &Tahiti - C:\Program Files (x86)\LightComp eDoklady Skenováni\iehelper.html
O8 - Extra context menu item: Poslat do On&eNotu - res://C:\Program Files\Microsoft Office\Office16\ONBttnIE.dll/105
O9 - Extra button: Poslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Poslat do On&eNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HPSmartDeviceAgentBase - Unknown owner - c:\Program Files (x86)\HP\HPSmartDeviceAgentBase\Service\HPSmartDeviceAgentBase.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 11383 bytes

======Listing Processes======










winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection

C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k HPZ12
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
"C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\Windows\system32\IProsetMonitor.exe

C:\Windows\System32\svchost.exe -k HPZ12
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
dashost.exe {a4f2064d-82a4-4bf1-9a206e27f54d5b59}

c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\TiltWheelMouse.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p
AvastUI.exe /nogui
"C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files (x86)\Gyazo\GyStation.exe"
"C:\Program Files (x86)\Battle.net\Battle.net.exe" --autostarted
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
"C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
"C:\ProgramData\Battle.net\Agent\Agent.6700\Agent.exe" --session=17499898107865635469
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Battle.net\Battle.net.exe" --type=gpu-process --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --no-sandbox --log-file="C:\Users\David\AppData\Local\Battle.net\Logs\libcef-20190520T022850.505811.log" --log-severity=error --product-version="Battle.net/1.14.1.11144 Chrome/69.0.3497.81" --lang=en-US --watch-browser-pid=10828 --gpu-preferences=KAAAAAAAAACAAwBgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --log-file="C:\Users\David\AppData\Local\Battle.net\Logs\libcef-20190520T022850.505811.log" --log-severity=error --product-version="Battle.net/1.14.1.11144 Chrome/69.0.3497.81" --lang=en-US --watch-browser-pid=10828 --service-request-channel-token=18226817688405020617 --mojo-platform-channel-handle=3068 /prefetch:2 --battle-net-helper=Battle.net.11144
C:\WINDOWS\system32\AUDIODG.EXE 0x5fc
"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\rempl\sedsvc.exe"

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}

"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Battle.net\Battle.net.exe" --type=renderer --no-sandbox --file-url-path-alias="/gen=C:\Program Files (x86)\Battle.net\gen" --force-device-scale-factor=1 --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --service-pipe-token=1571913185548853770 --lang=en-US --log-file="C:\Users\David\AppData\Local\Battle.net\Logs\libcef-20190520T022850.505811.log" --log-severity=error --product-version="Battle.net/1.14.1.11144 Chrome/69.0.3497.81" --disable-spell-checking --enable-system-flash --uncaught-exception-stack-size=10 --watch-browser-pid=10828 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1571913185548853770 --renderer-client-id=7 --mojo-platform-channel-handle=840 /prefetch:1 --battle-net-helper=Battle.net.11144
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe21_ Global\UsGthrCtrlFltPipeMssGthrPipe21 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 724 728 736 8192 732

C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
C:\Windows\System32\smartscreen.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\David\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3911gjs4.default

prefs.js - "browser.startup.homepage" - "https://www.facebook.com/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=4.0.0-dev]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13 2177328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13 1522480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-09-17 16404224]
"MouseDriver"=C:\Windows\system32\TiltWheelMouse.exe [2013-04-09 241152]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-23 36352]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-04-25 261000]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2018-11-02 3942936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-05-18 1519200]
"Gyazo"=C:\Program Files (x86)\Gyazo\GyStation.exe [2018-10-04 1384840]
"Battle.net"=C:\Program Files (x86)\Battle.net\Battle.net.exe [2019-05-06 1098728]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2018-08-27 731240]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-11-28 19554936]
"TSMApplication"=C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [2018-12-10 1623040]

C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.RTV1"=rtvcvfw64.dll
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-05-20 04:28:14 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2019-05-20 04:28:12 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2019-05-20 04:28:11 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2019-05-20 04:28:09 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2019-05-20 04:27:00 ----D---- C:\AdwCleaner
2019-05-19 13:54:47 ----D---- C:\FRST
2019-05-19 13:52:11 ----D---- C:\rsit
2019-05-19 13:52:11 ----D---- C:\Program Files\trend micro
2019-05-15 12:28:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-15 12:28:08 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-15 12:28:06 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-05-15 12:28:05 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-05-15 12:28:03 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2019-05-15 12:28:03 ----A---- C:\WINDOWS\system32\wininet.dll
2019-05-15 12:28:02 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-05-15 12:28:01 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-05-15 12:28:01 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-05-15 12:28:01 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-05-15 12:27:59 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-15 12:27:59 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-05-15 12:27:58 ----A---- C:\WINDOWS\system32\StartTileData.dll
2019-05-15 12:27:57 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2019-05-15 12:27:57 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-05-15 12:27:57 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-05-15 12:27:57 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-05-15 12:27:56 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-05-15 12:27:56 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-05-15 12:27:56 ----A---- C:\WINDOWS\system32\jscript9.dll
2019-05-15 12:27:56 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-05-15 12:27:55 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-05-15 12:27:55 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2019-05-15 12:27:55 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2019-05-15 12:27:55 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-05-15 12:27:55 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-05-15 12:27:55 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2019-05-15 12:27:55 ----A---- C:\WINDOWS\system32\diagtrack.dll
2019-05-15 12:27:55 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-15 12:27:55 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-15 12:27:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2019-05-15 12:27:54 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2019-05-15 12:27:54 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-05-15 12:27:54 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-05-15 12:27:54 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-05-15 12:27:54 ----A---- C:\WINDOWS\system32\dosvc.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\wuaueng.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\urlmon.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\StorSvc.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\rpcss.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\ole32.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\fcon.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-05-15 12:27:53 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2019-05-15 12:27:52 ----A---- C:\WINDOWS\system32\lsasrv.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\system32\kernel32.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\system32\daxexec.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-15 12:27:52 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-15 12:27:51 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2019-05-15 12:27:51 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2019-05-15 12:27:51 ----A---- C:\WINDOWS\system32\winload.exe
2019-05-15 12:27:51 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-15 12:27:51 ----A---- C:\WINDOWS\system32\rasmans.dll
2019-05-15 12:27:51 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2019-05-15 12:27:51 ----A---- C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-15 12:27:51 ----A---- C:\WINDOWS\system32\gdi32full.dll
2019-05-15 12:27:51 ----A---- C:\WINDOWS\system32\edgeIso.dll
2019-05-15 12:27:50 ----RSH---- C:\WINDOWS\fonts\StaticCache.dat
2019-05-15 12:27:50 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\winresume.exe
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\werconcpl.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\wer.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\msvproc.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\msi.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\jscript.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\hal.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\drivers\intelppm.sys
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\browserbroker.dll
2019-05-15 12:27:50 ----A---- C:\WINDOWS\system32\AcGenral.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\WerFault.exe
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\kerberos.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\ieproxy.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\fveapi.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\drivers\processr.sys
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\drivers\amdppm.sys
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\drivers\amdk8.sys
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\domgmt.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2019-05-15 12:27:49 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-15 12:27:48 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2019-05-15 12:27:48 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\SYSWOW64\fveapi.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\werui.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\wermgr.exe
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\profsvc.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\nltest.exe
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\Faultrep.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\cryptdll.dll
2019-05-15 12:27:48 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\SYSWOW64\cryptdll.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\wersvc.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\t2embed.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\SDDS.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\RDSPnf.exe
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\perfproc.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\netlogon.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\kdnet.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\fontsub.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\FilterDS.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\EduPrintProv.exe
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\drivers\intelpep.sys
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\BingASDS.dll
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\bcdedit.exe
2019-05-15 12:27:47 ----A---- C:\WINDOWS\system32\atmfd.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\perfproc.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\NetDriverInstall.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\mspbde40.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\msltus40.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\fveapibase.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2019-05-15 12:27:46 ----A---- C:\WINDOWS\SYSWOW64\dtdump.exe
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\utcutil.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\fveapibase.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\browserexport.exe
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\BFE.DLL
2019-05-15 12:27:46 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-05-12 03:27:10 ----A---- C:\WINDOWS\system32\drivers\MbamChameleon.sys
2019-05-10 02:31:22 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo-1-999-0-0-0.exe
2019-05-10 02:31:22 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2019-05-10 02:31:22 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1-999-0-0-0.dll
2019-05-10 02:31:22 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2019-05-10 02:31:22 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2019-05-10 02:31:22 ----A---- C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-05-10 02:31:22 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2019-05-10 02:31:22 ----A---- C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-05-10 02:31:22 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2019-05-10 02:31:22 ----A---- C:\WINDOWS\system32\OpenCL.dll
2019-05-10 02:31:22 ----A---- C:\WINDOWS\system32\nvhdap64.dll
2019-05-10 02:31:19 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2019-05-10 02:31:19 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-05-10 02:31:18 ----A---- C:\WINDOWS\SYSWOW64\nvofapi.dll
2019-05-10 02:31:18 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2019-05-10 02:31:18 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2019-05-10 02:31:18 ----A---- C:\WINDOWS\system32\nvofapi64.dll
2019-05-10 02:31:18 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2019-05-10 02:31:18 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2019-05-10 02:31:18 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2019-05-10 02:31:17 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2019-05-10 02:31:17 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2019-05-10 02:31:17 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2019-05-10 02:31:17 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2019-05-10 02:31:17 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-05-10 02:31:17 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-05-10 02:31:17 ----A---- C:\WINDOWS\system32\nvdispgenco6443064.dll
2019-05-10 02:31:17 ----A---- C:\WINDOWS\system32\nvdispco6443064.dll
2019-05-10 02:31:16 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2019-05-10 02:31:16 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2019-05-10 02:31:16 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2019-05-10 02:31:16 ----A---- C:\WINDOWS\system32\nvcuda.dll
2019-05-10 02:31:15 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2019-05-10 02:31:15 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2019-05-10 02:31:15 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2019-04-25 03:13:40 ----A---- C:\WINDOWS\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2019-05-20 10:59:31 ----D---- C:\WINDOWS\Prefetch
2019-05-20 10:59:31 ----D---- C:\Users\David\AppData\Roaming\foobar2000
2019-05-20 10:59:23 ----D---- C:\Users\David\AppData\Roaming\uTorrent
2019-05-20 10:58:26 ----D---- C:\WINDOWS\Temp
2019-05-20 10:58:04 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-05-20 10:34:00 ----D---- C:\WINDOWS\system32\sru
2019-05-20 08:18:07 ----AD---- C:\Users\David\AppData\Roaming\Curse Client
2019-05-20 04:34:11 ----D---- C:\WINDOWS\System32
2019-05-20 04:34:11 ----D---- C:\WINDOWS\INF
2019-05-20 04:34:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-20 04:31:52 ----D---- C:\WINDOWS\AppReadiness
2019-05-20 04:30:19 ----D---- C:\ProgramData\NVIDIA
2019-05-20 04:28:28 ----D---- C:\WINDOWS\system32\Tasks
2019-05-20 04:28:14 ----D---- C:\WINDOWS\system32\drivers
2019-05-20 04:28:09 ----D---- C:\WINDOWS\system32\catroot2
2019-05-19 13:55:58 ----D---- C:\Windows
2019-05-19 13:52:15 ----D---- C:\WINDOWS\system32\drivers\etc
2019-05-19 13:52:11 ----RD---- C:\Program Files
2019-05-19 13:32:44 ----D---- C:\Users\David\AppData\Roaming\obs-studio
2019-05-19 12:27:01 ----D---- C:\WINDOWS\system32\NDF
2019-05-19 12:18:19 ----D---- C:\WINDOWS\system32\SleepStudy
2019-05-19 12:18:17 ----D---- C:\WINDOWS\system32\LogFiles
2019-05-19 12:17:57 ----RD---- C:\WINDOWS\Microsoft.NET
2019-05-17 15:19:43 ----SHD---- C:\System Volume Information
2019-05-17 07:00:10 ----D---- C:\WINDOWS\Logs
2019-05-17 04:15:31 ----D---- C:\Users\David\AppData\Roaming\vlc
2019-05-17 03:57:00 ----HD---- C:\Program Files\WindowsApps
2019-05-17 01:15:59 ----D---- C:\WINDOWS\system32\config
2019-05-17 01:14:48 ----SHD---- C:\WINDOWS\Installer
2019-05-17 01:14:46 ----D---- C:\Program Files\rempl
2019-05-16 17:08:15 ----RSD---- C:\WINDOWS\assembly
2019-05-16 05:53:58 ----D---- C:\WINDOWS\WinSxS
2019-05-15 23:51:56 ----D---- C:\WINDOWS\SysWOW64
2019-05-15 23:51:53 ----D---- C:\WINDOWS\system32\DriverStore
2019-05-15 14:11:08 ----D---- C:\WINDOWS\TextInput
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-05-15 14:11:08 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-05-15 14:11:07 ----SD---- C:\WINDOWS\system32\DiagSvcs
2019-05-15 14:11:07 ----RSD---- C:\WINDOWS\Fonts
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\zu-ZA
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\yo-NG
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\xh-ZA
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\wo-SN
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\tn-ZA
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\ti-ET
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\rw-RW
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\nso-ZA
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\migration
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\ig-NG
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\en-US
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\cs-CZ
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\Boot
2019-05-15 14:11:07 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-05-15 14:11:07 ----D---- C:\WINDOWS\ShellExperiences
2019-05-15 14:11:07 ----D---- C:\WINDOWS\bcastdvr
2019-05-15 14:11:07 ----D---- C:\WINDOWS\apppatch
2019-05-15 12:30:33 ----D---- C:\WINDOWS\CbsTemp
2019-05-15 12:27:32 ----D---- C:\WINDOWS\system32\MRT
2019-05-15 12:25:04 ----D---- C:\WINDOWS\debug
2019-05-15 12:25:02 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-05-15 12:15:29 ----RD---- C:\Program Files (x86)
2019-05-15 00:48:35 ----D---- C:\Users\David\AppData\Roaming\discord
2019-05-14 21:44:58 ----AD---- C:\Hearthstone
2019-05-12 23:30:01 ----D---- C:\Program Files (x86)\Steam
2019-05-10 04:39:17 ----D---- C:\ProgramData\NVIDIA Corporation
2019-05-10 02:34:33 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2019-05-07 21:51:16 ----A---- C:\WINDOWS\system32\nvapi64.dll
2019-05-07 02:36:19 ----AD---- C:\Program Files (x86)\Battle.net
2019-05-06 07:35:31 ----A---- C:\WINDOWS\system32\nvhdagenco6420103.dll
2019-05-06 04:43:14 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2019-05-06 04:43:13 ----A---- C:\WINDOWS\system32\nvcpl.dll
2019-05-06 04:43:12 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2019-05-06 04:43:12 ----A---- C:\WINDOWS\system32\nvshext.dll
2019-05-06 04:43:12 ----A---- C:\WINDOWS\system32\nvmctray.dll
2019-05-06 04:43:12 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2019-05-06 04:43:12 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2019-05-04 01:53:18 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2019-05-02 03:44:02 ----D---- C:\WINDOWS\SoftwareDistribution
2019-05-02 03:42:56 ----D---- C:\WINDOWS\LiveKernelReports
2019-04-25 03:13:40 ----HD---- C:\WINDOWS\ELAMBKUP
2019-04-22 18:01:38 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-22 18:01:38 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2019-04-25 37104]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2019-04-25 196000]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswblog.sys [2019-04-25 320624]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2019-04-25 57888]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2019-01-10 15488]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2019-04-25 88160]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2019-04-25 385848]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-06-23 1455552]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 AsrAppCharger;AsrAppCharger; C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys [2011-11-07 17192]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2019-04-25 205400]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2019-04-25 254128]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2019-04-25 257832]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2019-04-25 42288]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2019-04-25 112520]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2019-04-25 1031000]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2019-04-25 476776]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2019-05-12 153328]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2019-04-25 166848]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2019-04-25 220640]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-03-14 414720]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [2019-05-12 199768]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R3 dtlitescsibus;@oem23.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-10-14 30264]
R3 dtliteusbbus;@oem29.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-10-14 47672]
R3 e1dexpress;@oem3.inf,%e1dExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [2016-10-25 541184]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-09-17 4603136]
R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [2019-05-20 127136]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\DRIVERS\mbam.sys [2019-05-20 73912]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2019-05-20 275232]
R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [2019-05-20 117344]
R3 MEIx64;@oem37.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-07-28 184608]
R3 NVHDA;@oem38.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2019-05-06 228608]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bfe69934a6b764ef\nvlddmkm.sys [2019-05-07 21672560]
R3 nvvad_WaveExtensible;@oem46.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2019-03-19 69840]
R3 nvvhci;@oem18.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2018-10-03 66792]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 MbamElam;MbamElam; C:\WINDOWS\system32\DRIVERS\MbamElam.sys [2019-02-01 20936]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 92704]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 HPEWSFXBULK;HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [2016-09-13 29248]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-05-03 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2019-03-28 30336]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-03-06 945464]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2016-10-24 14024]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-04-12 57752]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-04-25 362488]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_5b886;Uživatelská služba platformy připojených zařízení_5b886; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-06-23 18856]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2015-05-07 272352]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2019-02-01 6562472]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2019-01-09 85472]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-04-02 781680]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2019-05-06 782136]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2019-04-02 782192]
R2 OneSyncSvc_5b886;Hostitel synchronizace_5b886; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2019-01-09 85472]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-05-11 362296]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-04-25 6660888]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2018-08-27 3730024]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 PimIndexMaintenanceSvc_5b886;Data kontaktů_5b886; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-07 153752]
S2 HPSmartDeviceAgentBase;HPSmartDeviceAgentBase; c:\Program Files (x86)\HP\HPSmartDeviceAgentBase\Service\HPSmartDeviceAgentBase.exe [2017-10-25 68608]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-20 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-04-25 57504]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService_5b886;Uživatelská služba pro GameDVR a vysílání her_5b886; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_5b886;Služba pro podporu uživatelů Bluetooth_5b886; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_5b886;DevicePicker_5b886; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_5b886;Tok zařízení_5b886; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-03 90112]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-17 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\elevation_service.exe [2019-05-14 1267696]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-07 153752]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_5b886;Služba zasílání zpráv_5b886; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-04-16 238544]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-04-02 781680]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 242864]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2018-11-06 2308936]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_5b886;PrintWorkflow_5b886; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]

-----------------EOF-----------------


Nahoru
 Profil  
 
PříspěvekNapsal: 20 kvě 2019 10:02 
Offline
2. Stupeň Varování

Registrován: 08 bře 2007 14:56
Příspěvky: 216
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05.2019
Ran by David (administrator) on DESKTOP-7D2FQ0G (20-05-2019 11:00:09)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David & Mamka)
Platform: Windows 10 Home Version 1803 17134.765 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.6700\Agent.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Nota Inc. -> Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16404224 2015-09-17] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942936 2018-11-02] (Logitech -> Logitech, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1384840 2018-10-04] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1098728 2019-05-06] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-08-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19554936 2018-11-28] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2018-12-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\Installer\chrmstp.exe [2019-05-14] (Google LLC -> Google Inc.)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\chrome.lnk [2018-09-27]
ShortcutTarget: chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {095F2473-E395-4A5C-B14B-9591697F94FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-07] (Google Inc -> Google Inc.)
Task: {0A9F1717-02A0-484A-BF62-1E45555FE2B2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3728752 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {104B8479-2520-4DA4-81F8-5E3F3E9BBA8D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {1358DD75-3E01-4FAD-84A3-F7D30ECA51F6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648048 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32781C79-4E9A-4CCC-AD2D-04DCC72EE9A9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3906E0B8-DDDB-4B33-BFC5-F96E879E4D20} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {40FE9DE1-5C5B-42D5-9679-6D13C2740EA9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14614416 2018-11-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {42889F39-0441-4158-B6D9-954237B30754} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {48601F58-7A20-4D77-8F11-8E1A0AD80B23} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {554AB09E-0A14-41F0-8D40-2F38DFE8410B} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5CBB4F15-4D8A-48E9-B4CF-FDD42C1CA65B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {75E6028A-FC9C-4A82-89C8-AA98EAA9A862} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849264 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {952FF45B-D9C8-4257-8405-056578353803} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2018-10-04] (Nota Inc. -> Nota Inc.)
Task: {A759CB3C-5883-47B3-A04F-A8F5F7D93DC5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {A7E1B264-8397-4E0A-97E3-9732B4FCD57C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B6494C7C-46FF-4944-94A3-1209C263C877} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2018-10-04] (Nota Inc. -> Nota Inc.)
Task: {C0E520BC-4860-4613-810D-FDDBD4FEA28C} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C3B4146D-7BB2-4877-9787-BCF2277493D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-07] (Google Inc -> Google Inc.)
Task: {C4B5A0E0-1D82-442E-9E73-146E56234B86} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_pepper.exe [1456128 2018-11-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CD767385-FDA1-44B9-B165-E40A1531BB79} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849264 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8843130-A061-4352-BD1B-6B3FCC2269C3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [590704 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E8C7A51E-9724-4DBA-8787-389B30DF6B95} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F10A0FAB-3E61-40F4-BB5B-A9E623F7C0E9} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2308936 2018-11-06] (Overwolf Ltd -> Overwolf LTD)
Task: {FEEB1248-CDD0-46F8-8D70-459B2F5E3C17} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-11-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b34a42e0-d16e-4479-92c1-0376d21a5832}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 3911gjs4.default
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3911gjs4.default [2019-05-20]
FF Homepage: Mozilla\Firefox\Profiles\3911gjs4.default -> hxxps://www.facebook.com/
FF Extension: (Avast Online Security) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3911gjs4.default\Extensions\wrc@avast.com.xpi [2019-04-25]
FF Extension: (Telemetry coverage) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3911gjs4.default\features\{08b62918-f6ad-48fd-944d-876b4b9587be}\telemetry-coverage-bug1487578@mozilla.org.xpi [2019-03-11] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=4.0.0-dev -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-12-10] (VideoLAN) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://facebook.com/
CHR StartupUrls: Default -> "hxxp://facebook.com/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?hl=en&q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.cz_
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2019-05-20]
CHR Extension: (BetterTTV) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2018-03-13]
CHR Extension: (Video Downloader PLUS) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2019-04-22]
CHR Extension: (AdBlock) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-30]
CHR Extension: (Darkness - Beautiful Dark Themes) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\imilbobhamcfahccagbncamhpnbkaenm [2019-05-04]
CHR Extension: (Twitch Now) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2018-04-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Global Twitch Emotes) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgniedifoejifjkndekolimjeclnokkb [2018-03-13]
CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-07]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3730024 2018-08-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S2 HPSmartDeviceAgentBase; c:\Program Files (x86)\HP\HPSmartDeviceAgentBase\Service\HPSmartDeviceAgentBase.exe [68608 2017-10-25] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2016-06-15] (HP Inc.) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2308936 2018-11-06] (Overwolf Ltd -> Overwolf LTD)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2016-06-15] (HP Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsrAppCharger; C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys [17192 2011-11-07] (ASROCK Incorporation -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254128 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320624 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57888 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-10] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [257832 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166848 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1031000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [476776 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220640 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385848 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-05-12] (Malwarebytes Corporation -> Malwarebytes)
S3 HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [29248 2016-09-13] (Hewlett-Packard Company -> Hewlett Packard)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-05-12] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-05-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-05-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-05-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [117344 2019-05-20] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bfe69934a6b764ef\nvlddmkm.sys [21672560 2019-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-20 07:07 - 2019-05-20 08:35 - 000000000 ____D C:\Users\David\Desktop\Marvels.Agents.of.S.H.I.E.L.D.S06E02.1080p.AMZN.WEBRip.DDP5.1.x264-T6D[rarbg]
2019-05-20 07:04 - 2019-05-20 07:04 - 000031613 _____ C:\Users\David\Desktop\Marvel-s-Agents.of.S.H.I.E.L.D.S06E02.zip
2019-05-20 04:28 - 2019-05-20 04:28 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-05-20 04:28 - 2019-05-20 04:28 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-05-20 04:28 - 2019-05-20 04:28 - 000117344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-05-20 04:28 - 2019-05-20 04:28 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-05-20 04:27 - 2019-05-20 04:27 - 000000000 ____D C:\AdwCleaner
2019-05-20 04:26 - 2019-05-20 04:26 - 007025360 _____ (Malwarebytes) C:\Users\David\Desktop\adwcleaner_7.3.exe
2019-05-19 13:55 - 2019-05-19 13:56 - 000055186 _____ C:\Users\David\Desktop\Addition.txt
2019-05-19 13:54 - 2019-05-20 11:00 - 000027525 _____ C:\Users\David\Desktop\FRST.txt
2019-05-19 13:54 - 2019-05-20 11:00 - 000000000 ____D C:\FRST
2019-05-19 13:52 - 2019-05-20 10:59 - 000000000 ____D C:\Program Files\trend micro
2019-05-19 13:52 - 2019-05-19 13:53 - 002435072 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2019-05-19 13:52 - 2019-05-19 13:52 - 000000000 ____D C:\rsit
2019-05-19 13:51 - 2019-05-19 13:51 - 001222144 _____ C:\Users\David\Desktop\RSITx64.exe
2019-05-17 20:16 - 2019-05-17 20:17 - 001535117 _____ C:\Users\David\Desktop\aaaaaaaaaaa.mp4
2019-05-15 12:28 - 2019-05-03 08:31 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-15 12:28 - 2019-05-03 08:31 - 007519888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-15 12:28 - 2019-05-03 08:31 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-15 12:28 - 2019-05-03 08:18 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-15 12:28 - 2019-05-03 08:12 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-15 12:28 - 2019-05-03 08:10 - 022017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-15 12:28 - 2019-05-03 08:05 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-15 12:28 - 2019-05-03 08:02 - 019401216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-15 12:28 - 2019-05-03 07:56 - 005350912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-15 12:28 - 2019-05-03 07:54 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-15 12:27 - 2019-05-03 14:14 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-15 12:27 - 2019-05-03 14:13 - 001376472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-15 12:27 - 2019-05-03 14:13 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-05-15 12:27 - 2019-05-03 13:55 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-15 12:27 - 2019-05-03 13:54 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-15 12:27 - 2019-05-03 13:52 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-15 12:27 - 2019-05-03 13:51 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-15 12:27 - 2019-05-03 13:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-15 12:27 - 2019-05-03 13:50 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-15 12:27 - 2019-05-03 13:50 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-15 12:27 - 2019-05-03 13:49 - 001288704 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-15 12:27 - 2019-05-03 13:49 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-15 12:27 - 2019-05-03 13:49 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-15 12:27 - 2019-05-03 13:43 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-15 12:27 - 2019-05-03 13:43 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-05-15 12:27 - 2019-05-03 13:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-15 12:27 - 2019-05-03 13:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-15 12:27 - 2019-05-03 13:28 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-15 12:27 - 2019-05-03 13:28 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-15 12:27 - 2019-05-03 13:27 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-15 12:27 - 2019-05-03 13:26 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-15 12:27 - 2019-05-03 13:25 - 004055040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-15 12:27 - 2019-05-03 13:25 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-15 12:27 - 2019-05-03 08:43 - 000177128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-15 12:27 - 2019-05-03 08:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-15 12:27 - 2019-05-03 08:34 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-15 12:27 - 2019-05-03 08:33 - 005625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-05-15 12:27 - 2019-05-03 08:33 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-15 12:27 - 2019-05-03 08:33 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-15 12:27 - 2019-05-03 08:33 - 000709720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-05-15 12:27 - 2019-05-03 08:33 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-15 12:27 - 2019-05-03 08:33 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-15 12:27 - 2019-05-03 08:33 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-15 12:27 - 2019-05-03 08:33 - 000063072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-15 12:27 - 2019-05-03 08:32 - 000793640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-05-15 12:27 - 2019-05-03 08:32 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-15 12:27 - 2019-05-03 08:32 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-15 12:27 - 2019-05-03 08:32 - 000438984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-15 12:27 - 2019-05-03 08:32 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-15 12:27 - 2019-05-03 08:32 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-15 12:27 - 2019-05-03 08:32 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-15 12:27 - 2019-05-03 08:31 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-15 12:27 - 2019-05-03 08:31 - 002771256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-15 12:27 - 2019-05-03 08:31 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-15 12:27 - 2019-05-03 08:31 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-15 12:27 - 2019-05-03 08:31 - 001141224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-15 12:27 - 2019-05-03 08:31 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-05-15 12:27 - 2019-05-03 08:31 - 000983632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-15 12:27 - 2019-05-03 08:31 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-15 12:27 - 2019-05-03 08:31 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-05-15 12:27 - 2019-05-03 08:31 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-15 12:27 - 2019-05-03 08:20 - 000434704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-15 12:27 - 2019-05-03 08:20 - 000384976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-15 12:27 - 2019-05-03 08:20 - 000192016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-15 12:27 - 2019-05-03 08:20 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-15 12:27 - 2019-05-03 08:19 - 006043712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-15 12:27 - 2019-05-03 08:19 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-15 12:27 - 2019-05-03 08:19 - 000056288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-15 12:27 - 2019-05-03 08:18 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-15 12:27 - 2019-05-03 08:18 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-05-15 12:27 - 2019-05-03 08:02 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-15 12:27 - 2019-05-03 08:01 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-15 12:27 - 2019-05-03 08:00 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-15 12:27 - 2019-05-03 08:00 - 003400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-15 12:27 - 2019-05-03 08:00 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-15 12:27 - 2019-05-03 08:00 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-05-15 12:27 - 2019-05-03 07:59 - 007593472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-15 12:27 - 2019-05-03 07:59 - 005788672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-15 12:27 - 2019-05-03 07:59 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-15 12:27 - 2019-05-03 07:59 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-05-15 12:27 - 2019-05-03 07:59 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-15 12:27 - 2019-05-03 07:59 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-05-15 12:27 - 2019-05-03 07:59 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-15 12:27 - 2019-05-03 07:59 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-15 12:27 - 2019-05-03 07:58 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-15 12:27 - 2019-05-03 07:58 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-05-15 12:27 - 2019-05-03 07:58 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-05-15 12:27 - 2019-05-03 07:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-15 12:27 - 2019-05-03 07:58 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-15 12:27 - 2019-05-03 07:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-05-15 12:27 - 2019-05-03 07:58 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-15 12:27 - 2019-05-03 07:57 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-05-15 12:27 - 2019-05-03 07:57 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-15 12:27 - 2019-05-03 07:57 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-05-15 12:27 - 2019-05-03 07:57 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-05-15 12:27 - 2019-05-03 07:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-15 12:27 - 2019-05-03 07:57 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-15 12:27 - 2019-05-03 07:57 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-05-15 12:27 - 2019-05-03 07:56 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-15 12:27 - 2019-05-03 07:56 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-15 12:27 - 2019-05-03 07:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-15 12:27 - 2019-05-03 07:56 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-05-15 12:27 - 2019-05-03 07:55 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-15 12:27 - 2019-05-03 07:55 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-15 12:27 - 2019-05-03 07:55 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-05-15 12:27 - 2019-05-03 07:54 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-05-15 12:27 - 2019-05-03 07:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-05-15 12:27 - 2019-05-03 07:53 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-15 12:27 - 2019-05-03 07:53 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-15 12:27 - 2019-05-03 07:53 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-15 12:27 - 2019-05-03 07:53 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-15 12:27 - 2019-05-03 06:38 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-05-15 12:27 - 2019-04-23 09:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-05-15 12:27 - 2019-04-23 08:14 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-15 12:27 - 2019-04-19 12:55 - 001634920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-15 12:27 - 2019-04-19 12:54 - 000720200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-15 12:27 - 2019-04-19 12:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-05-15 12:27 - 2019-04-19 12:39 - 012754944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-15 12:27 - 2019-04-19 12:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-05-15 12:27 - 2019-04-19 12:38 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-05-15 12:27 - 2019-04-19 12:36 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-15 12:27 - 2019-04-19 12:34 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-05-15 12:27 - 2019-04-19 11:44 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-15 12:27 - 2019-04-19 11:37 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-15 12:27 - 2019-04-19 11:30 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-05-15 12:27 - 2019-04-19 11:28 - 011940864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-15 12:27 - 2019-04-19 11:26 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-15 12:27 - 2019-04-19 11:25 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-05-15 12:27 - 2019-04-19 07:07 - 000985400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-05-15 12:27 - 2019-04-19 07:06 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-15 12:27 - 2019-04-19 07:06 - 000798520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-05-15 12:27 - 2019-04-19 07:06 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-05-15 12:27 - 2019-04-19 07:06 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-05-15 12:27 - 2019-04-19 07:06 - 000274232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-15 12:27 - 2019-04-19 07:02 - 000831800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-05-15 12:27 - 2019-04-19 07:01 - 001982008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-15 12:27 - 2019-04-19 07:01 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-05-15 12:27 - 2019-04-19 07:01 - 000576016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-05-15 12:27 - 2019-04-19 07:01 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-05-15 12:27 - 2019-04-19 06:43 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-15 12:27 - 2019-04-19 06:42 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-15 12:27 - 2019-04-19 06:41 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-05-15 12:27 - 2019-04-19 06:41 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-05-15 12:27 - 2019-04-19 06:40 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-05-15 12:27 - 2019-04-19 06:40 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-15 12:27 - 2019-04-19 06:40 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-05-15 12:27 - 2019-04-19 06:40 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-05-15 12:27 - 2019-04-19 06:40 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-05-15 12:27 - 2019-04-19 06:39 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-05-15 12:27 - 2019-04-19 06:39 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-15 12:27 - 2019-04-19 06:39 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-15 12:27 - 2019-04-19 06:39 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-05-15 12:27 - 2019-04-19 06:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-15 12:27 - 2019-04-19 06:39 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-05-15 12:27 - 2019-04-19 06:38 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-05-15 12:27 - 2019-04-19 06:38 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-15 12:27 - 2019-04-19 06:38 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-15 12:27 - 2019-04-19 06:38 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-05-15 12:27 - 2019-04-19 06:38 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-15 12:27 - 2019-04-19 06:38 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-15 12:27 - 2019-04-19 06:37 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-05-15 12:27 - 2019-04-19 06:37 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-15 12:27 - 2019-04-19 06:37 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-15 12:27 - 2019-04-19 06:37 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-05-15 12:27 - 2019-04-19 06:37 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-05-15 12:27 - 2019-04-19 06:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-15 12:27 - 2019-04-19 06:37 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-15 12:27 - 2019-04-19 06:36 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-15 12:27 - 2019-04-19 06:36 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-05-15 12:27 - 2019-04-19 06:36 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-15 12:27 - 2019-04-19 06:36 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-05-15 12:27 - 2019-04-19 06:36 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-05-15 12:27 - 2019-04-19 06:36 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-05-15 12:27 - 2019-04-19 06:36 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-15 12:27 - 2019-04-19 06:35 - 001938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-05-15 12:27 - 2019-04-19 06:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-05-15 12:27 - 2019-04-19 06:35 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-05-15 12:27 - 2019-04-19 06:35 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-05-15 12:27 - 2019-04-19 06:35 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-15 12:27 - 2019-04-19 06:35 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-05-15 12:27 - 2019-04-19 06:35 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-05-15 12:27 - 2019-04-19 06:35 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-15 12:27 - 2019-04-19 06:35 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-05-15 12:27 - 2019-04-19 06:34 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-05-15 12:27 - 2019-04-19 06:34 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-15 12:27 - 2019-04-19 06:34 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-05-15 12:27 - 2019-04-19 06:34 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-15 12:27 - 2019-04-19 06:34 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-05-15 12:27 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-15 12:27 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\system32\locale.nls
2019-05-15 12:27 - 2019-04-09 03:48 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-15 12:27 - 2019-04-09 03:48 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-15 12:27 - 2019-04-09 03:48 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-15 12:27 - 2019-04-09 03:48 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-15 12:27 - 2019-04-09 03:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-14 23:34 - 2019-05-14 23:34 - 000061639 _____ C:\Users\David\Desktop\ZŠ MŠ Měník.pdf
2019-05-13 04:48 - 2019-05-13 05:00 - 000000000 ____D C:\Users\David\Desktop\2001.Maniacs.Field.of.Screams.2010.1080p.BluRay.H264.AAC-RARBG
2019-05-12 18:20 - 2019-05-12 18:20 - 000000000 ____D C:\Users\David\Desktop\Green.Lantern.2011.EXTENDED.1080p.BluRay.H264.AAC-RARBG
2019-05-12 03:27 - 2019-05-12 03:27 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-05-10 02:31 - 2019-05-07 21:56 - 011051912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-05-10 02:31 - 2019-05-07 21:56 - 009486536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-05-10 02:31 - 2019-05-07 21:56 - 001006800 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-05-10 02:31 - 2019-05-07 21:56 - 001006800 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-05-10 02:31 - 2019-05-07 21:56 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-05-10 02:31 - 2019-05-07 21:56 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-05-10 02:31 - 2019-05-07 21:56 - 000552328 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-05-10 02:31 - 2019-05-07 21:56 - 000457096 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-05-10 02:31 - 2019-05-07 21:56 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-05-10 02:31 - 2019-05-07 21:56 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-05-10 02:31 - 2019-05-07 21:56 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-05-10 02:31 - 2019-05-07 21:56 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-05-10 02:31 - 2019-05-07 21:55 - 002039688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-05-10 02:31 - 2019-05-07 21:55 - 001470856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-05-10 02:31 - 2019-05-07 21:55 - 001134016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-05-10 02:31 - 2019-05-07 21:55 - 000821152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-05-10 02:31 - 2019-05-07 21:55 - 000675416 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-05-10 02:31 - 2019-05-07 21:55 - 000631232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-05-10 02:31 - 2019-05-07 21:55 - 000541656 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-05-10 02:31 - 2019-05-07 21:55 - 000521472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 040412760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 035270232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 020187904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 017465512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 005421960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 004758728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 001721600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443064.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 001540488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 001467648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443064.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 001162448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 000911616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 000808840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-05-10 02:31 - 2019-05-07 21:54 - 000654080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-05-10 02:31 - 2019-05-07 21:51 - 004340120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-05-10 02:31 - 2019-05-06 07:35 - 000046848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2019-05-06 04:29 - 2019-05-06 19:45 - 000000000 ____D C:\Users\David\Desktop\Solo.A.Star.Wars.Story.2018.1080p.BluRay.x264-SPARKS[rarbg]
2019-05-02 19:52 - 2019-05-02 21:35 - 1851550744 _____ C:\Users\David\Desktop\L.H.-Lord-Hoven-2013.avi
2019-04-25 03:13 - 2019-04-25 03:13 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-20 10:59 - 2016-10-15 16:57 - 000000000 ____D C:\Users\David\AppData\Roaming\foobar2000
2019-05-20 10:59 - 2016-10-14 22:22 - 000000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2019-05-20 10:58 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-20 10:58 - 2016-10-15 02:40 - 000000000 ____D C:\Users\David\AppData\Local\Battle.net
2019-05-20 10:32 - 2018-08-27 16:02 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-05-20 10:32 - 2018-08-27 16:02 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-05-20 10:32 - 2018-06-26 20:11 - 000003152 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-20 10:32 - 2018-06-26 20:11 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-20 10:32 - 2018-06-26 20:11 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-20 10:32 - 2018-06-26 20:11 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-20 10:32 - 2018-06-26 20:11 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-20 10:32 - 2018-05-17 19:11 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-20 10:32 - 2018-05-17 19:11 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-20 10:32 - 2018-05-17 19:11 - 000003196 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-20 10:32 - 2018-05-17 19:11 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-20 10:32 - 2018-05-17 19:11 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-20 10:32 - 2018-05-17 19:11 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-20 10:32 - 2018-05-17 19:11 - 000002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3482348820-1896476200-1895645591-1002
2019-05-20 10:32 - 2018-05-17 19:11 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3482348820-1896476200-1895645591-1004
2019-05-20 10:32 - 2018-05-17 19:11 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-20 10:32 - 2018-05-17 19:11 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-20 10:32 - 2018-05-17 19:11 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-05-20 08:18 - 2017-03-31 01:14 - 000000000 ____D C:\Users\David\AppData\Roaming\Curse Client
2019-05-20 04:34 - 2018-05-17 19:10 - 001692472 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-20 04:34 - 2018-04-12 17:50 - 000716072 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-20 04:34 - 2018-04-12 17:50 - 000144864 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-20 04:34 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-05-20 04:31 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-20 04:30 - 2017-08-17 09:21 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-20 04:29 - 2017-09-18 22:03 - 000000000 ____D C:\Users\David\AppData\Local\AVAST Software
2019-05-20 04:28 - 2018-05-17 19:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-20 04:27 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-05-19 13:32 - 2016-10-14 21:41 - 000000000 ____D C:\Users\David\AppData\Roaming\obs-studio
2019-05-19 12:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-05-19 12:18 - 2018-05-17 19:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-18 02:02 - 2018-05-17 19:07 - 000002365 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-18 02:02 - 2016-10-14 19:34 - 000000000 ___RD C:\Users\David\OneDrive
2019-05-17 04:15 - 2017-12-11 07:31 - 000000000 ____D C:\Users\David\AppData\Roaming\vlc
2019-05-17 03:57 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-17 01:14 - 2018-11-16 01:00 - 000000000 ____D C:\Program Files\rempl
2019-05-16 20:03 - 2016-10-15 02:52 - 000000000 ____D C:\Users\David\AppData\Local\CrashDumps
2019-05-16 17:26 - 2016-10-24 21:54 - 000000000 ____D C:\Users\David\AppData\Local\Ubisoft Game Launcher
2019-05-16 16:35 - 2017-11-18 22:32 - 000000000 ____D C:\Users\David\AppData\Local\Packages
2019-05-16 05:45 - 2018-05-18 06:43 - 000000000 ____D C:\Users\David\AppData\Local\D3DSCache
2019-05-15 23:51 - 2018-05-17 19:07 - 000000000 ____D C:\Users\bejja
2019-05-15 23:51 - 2018-05-17 19:04 - 000402912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-15 14:11 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-15 14:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-05-15 14:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-05-15 14:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-15 12:30 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-15 12:27 - 2016-10-14 23:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-15 12:25 - 2016-10-14 23:11 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-15 00:48 - 2016-12-31 19:33 - 000000000 ____D C:\Users\David\AppData\Roaming\discord
2019-05-15 00:40 - 2016-10-20 22:47 - 000000000 ____D C:\Users\David\AppData\Local\Personify
2019-05-14 21:44 - 2016-10-15 02:54 - 000000000 ____D C:\Hearthstone
2019-05-14 21:38 - 2016-10-07 13:13 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-14 13:54 - 2018-05-17 19:07 - 000000000 ____D C:\Users\David
2019-05-13 12:59 - 2018-02-04 06:56 - 000000000 ____D C:\Users\David\Desktop\Úklidy plochy
2019-05-12 23:30 - 2016-10-21 01:59 - 000000000 ____D C:\Program Files (x86)\Steam
2019-05-12 03:27 - 2019-03-03 13:23 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-05-10 04:39 - 2017-08-17 09:21 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-05-10 02:34 - 2017-08-17 09:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-05-10 02:31 - 2016-10-07 13:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-05-07 21:51 - 2018-05-09 18:02 - 005085152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-05-07 02:36 - 2016-10-15 02:35 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-05-06 07:35 - 2018-05-09 18:02 - 001682368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2019-05-06 07:35 - 2018-05-09 18:02 - 000228608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2019-05-06 07:35 - 2018-05-09 18:02 - 000052319 _____ C:\WINDOWS\system32\nvinfo.pb
2019-05-06 04:43 - 2017-08-17 09:21 - 005432176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-05-06 04:43 - 2017-08-17 09:21 - 002637808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-05-06 04:43 - 2017-08-17 09:21 - 001767736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-05-06 04:43 - 2017-08-17 09:21 - 000651248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-05-06 04:43 - 2017-08-17 09:21 - 000450416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-05-06 04:43 - 2017-08-17 09:21 - 000125424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-05-06 04:43 - 2017-08-17 09:21 - 000082984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-05-05 04:17 - 2016-12-04 20:46 - 000087397 _____ C:\Users\David\Desktop\trollings.txt
2019-05-04 01:53 - 2018-04-12 01:41 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-04 01:53 - 2018-04-12 01:41 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-02 03:42 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-04-26 17:12 - 2018-05-17 19:11 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-04-25 21:45 - 2017-08-17 09:21 - 008571382 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-04-25 18:51 - 2018-03-15 11:00 - 000000000 ____D C:\Users\David\AppData\LocalLow\Mozilla
2019-04-25 03:13 - 2019-04-13 10:42 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-04-25 03:13 - 2019-02-13 18:49 - 000257832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-04-25 03:13 - 2019-01-14 17:24 - 000254128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-04-25 03:13 - 2019-01-10 04:28 - 000320624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-04-25 03:13 - 2019-01-10 04:28 - 000196000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-04-25 03:13 - 2019-01-10 04:28 - 000057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-04-25 03:13 - 2019-01-10 04:28 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-04-25 03:13 - 2018-11-04 19:16 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-04-25 03:13 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-25 03:13 - 2017-11-21 13:05 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-04-25 03:13 - 2016-10-14 19:45 - 001031000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-04-25 03:13 - 2016-10-14 19:45 - 000476776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-04-25 03:13 - 2016-10-14 19:45 - 000385848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-04-25 03:13 - 2016-10-14 19:45 - 000220640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-04-25 03:13 - 2016-10-14 19:45 - 000166848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-04-25 03:13 - 2016-10-14 19:45 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-04-25 03:13 - 2016-10-14 19:45 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-04-23 20:23 - 2016-10-15 02:40 - 000000000 ____D C:\Users\David\AppData\Local\Blizzard Entertainment
2019-04-22 18:01 - 2018-03-14 22:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-22 18:01 - 2016-10-25 00:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2017-08-02 23:57 - 2018-04-05 16:53 - 000000006 _____ () C:\Users\David\AppData\Roaming\.nfe_lock
2016-12-18 23:22 - 2016-12-18 23:22 - 000029696 _____ () C:\Users\David\AppData\Local\MSGBOX.EXE

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by David (20-05-2019 11:01:03)
Running from C:\Users\David\Desktop
Windows 10 Home Version 1803 17134.765 (X64) (2018-05-17 17:12:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3482348820-1896476200-1895645591-500 - Administrator - Disabled)
David (S-1-5-21-3482348820-1896476200-1895645591-1002 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-3482348820-1896476200-1895645591-503 - Limited - Disabled)
Guest (S-1-5-21-3482348820-1896476200-1895645591-501 - Limited - Disabled)
Mamka (S-1-5-21-3482348820-1896476200-1895645591-1004 - Limited - Enabled) => C:\Users\bejja
WDAGUtilityAccount (S-1-5-21-3482348820-1896476200-1895645591-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{13DA9C7C-EBFB-40D0-94A1-55B42883DF21}) (Version: 21.2.1 - HP Inc.) Hidden
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
APP Shop v1.0.21 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.21 - ASRock Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
Assassin's Creed Odyssey (HKLM-x32\...\{B7EC622B-1979-450E-8281-C5648506DB83}_is1) (Version: - Ubisoft)
Assassins Creed Origins The Curse of the Pharaohs (HKLM-x32\...\Assassins Creed Origins The Curse of the Pharaohs_is1) (Version: - )
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
Batman - Arkham Origins (HKLM-x32\...\Batman - Arkham Origins_is1) (Version: - )
Batman Arkham Knight v.1.0.4.5 (HKLM-x32\...\Batman Arkham Knight_is1) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.50 - Piriform)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Curse Client (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Čeština do hry The Evil Within včetně 3 DLC v1.1 (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Čeština do hry The Evil Within včetně 3 DLC v1.1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0603 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Deus Ex - Human Revolution version 1.0 (HKLM-x32\...\{1146E8F3-4057-4F46-B39C-D18AB4BB1523}_is1) (Version: 1.0 - Square Enix)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden
Fallout 4 v.1.1.30 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Far Cry 5 (HKLM-x32\...\{73B938C4-0DDA-448D-8E46-87401EA87339}_is1) (Version: - Ubisoft)
foobar2000 v1.3.12 (HKLM-x32\...\foobar2000) (Version: 1.3.12 - Peter Pawlowski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.157 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Gyazo 3.4.1.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\HearthstoneDeckTracker) (Version: 1.6.9 - HearthSim)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HPSmartDeviceAgentBase (HKLM-x32\...\{F7270182-8AD0-420F-92A3-52438ED810A9}) (Version: 1.1.0.0 - HP Inc)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
League of Legends (HKLM-x32\...\{657DFCCF-B080-44B1-9AEA-61676011A1AE}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Logitech-kameraindstillinger (HKLM-x32\...\LogiUCDPP) (Version: 1.1.87.0 - Logitech Europe S.A.)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 66.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.3 (x64 cs)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.3.7038 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.102 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.102 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.64 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.0.1 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.119.2.19 - Overwolf Ltd.)
Ovládací panel NVIDIA 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 430.64 - NVIDIA Corporation) Hidden
Personify ChromaCam (remove only) (HKLM-x32\...\Personify ChromaCam) (Version: 1.1.6.7 - Personify, Inc.)
PixelHealer (HKLM\...\PixelHealer) (Version: 1.5.0.30 - Aurelitec)
Print Conductor 5.4 (HKLM-x32\...\Print Conductor_is1) (Version: 5.4 - fCoder SIA)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7614 - Realtek Semiconductor Corp.)
Resident Evil 7 Biohazard (HKLM-x32\...\{1ECBF8F3-7079-44CA-AD32-B2AECBCF636F}_is1) (Version: - Capcom)
Rise Of The Tomb Raider 20 Years Celebration (HKLM-x32\...\{EDD218D6-C5A2-4C88-88B0-7D0DA4B0B9F4}_is1) (Version: - Square Enix)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steep (HKLM-x32\...\Uplay Install 3279) (Version: - Ubisoft)
Streamlabs OBS 0.11.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.11.1 - General Workings, Inc.)
Super Seducer (HKLM\...\SKIDROW - Super Seducer) (Version: - SKIDROW)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Walking Dead A New Frontier Episode 1 (HKLM-x32\...\The Walking Dead A New Frontier Episode 1_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Twitch (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 4.0.0-dev - VideoLAN)
VooPoo version 1.5.1.30 (HKLM-x32\...\{63EEAD1F-3FC8-40F5-A415-E4BE098004C0}_is1) (Version: 1.5.1.30 - KunShan XW-TEC)
Warframe (HKLM-x32\...\{72BD42A9-6701-42EB-B77A-2AFC0C499F5E}) (Version: 1.0.0 - Digital Extremes)
Watch Dogs Deluxe Edition version 1.05.324 (HKLM-x32\...\Watch Dogs Deluxe Edition_is1) (Version: 1.05.324 - GMT-MAX.ORG)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.139.500.0_x86__kgqvnymyfvs32 [2019-05-17] (king.com)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2017-03-26] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_95.1.531.0_x64__v10z8vjag6ke6 [2019-03-20] (HP Inc.)
Microsoft Průvodce pro telefon -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-13] (Microsoft Corporation)
Microsoft Telefon -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-09] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3482348820-1896476200-1895645591-1002_Classes\CLSID\{9a338598-86a1-4119-8b66-9d52715b6a76}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-08-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-08-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-05-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-05-06 22:05 - 2019-05-06 22:07 - 085602816 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\libcef.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000089600 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\libEGL.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 003841536 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\libGLESv2.dll
2019-02-04 03:26 - 2015-02-24 23:43 - 000053760 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_bz2.pyd
2019-02-04 03:26 - 2015-02-24 23:43 - 000084992 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_ctypes.pyd
2019-02-04 03:26 - 2015-02-24 23:44 - 000783360 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_hashlib.pyd
2019-02-04 03:26 - 2015-02-24 23:43 - 000137216 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_lzma.pyd
2019-02-04 03:26 - 2015-02-24 23:43 - 000047104 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_socket.pyd
2019-02-04 03:26 - 2015-12-16 00:18 - 000039424 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\psutil._psutil_windows.pyd
2019-02-04 03:26 - 2015-10-25 05:32 - 001861120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtCore.pyd
2019-02-04 03:26 - 2015-10-25 05:36 - 002002944 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtGui.pyd
2019-02-04 03:26 - 2015-10-25 05:43 - 004101120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtWidgets.pyd
2019-02-04 03:26 - 2015-02-24 23:43 - 000009728 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\select.pyd
2019-02-04 03:26 - 2015-10-25 05:00 - 000075264 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\sip.pyd
2019-02-04 03:26 - 2018-12-10 05:42 - 001623040 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
2019-02-04 03:26 - 2015-02-24 23:43 - 000758784 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\unicodedata.pyd
2019-05-16 17:09 - 2019-05-16 17:09 - 003083776 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DotNetCommon\5dc977ee635281d500fee43eca9772af\DotNetCommon.ni.dll
2019-05-16 17:08 - 2019-05-16 17:08 - 004715520 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\a4602ab4b26c2dea73f1385a21abaf2f\DiscSoft.NET.Common.ni.dll
2019-05-16 17:08 - 2019-05-16 17:08 - 005184512 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DTLite\29d2aeff8d7cc905bc762c429c182e86\DTLite.ni.exe
2019-05-16 17:08 - 2019-05-16 17:08 - 000139264 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DTLiteHelper\8a6c67041ce8506a189135120200da43\DTLiteHelper.ni.exe
2019-05-06 22:05 - 2019-05-06 22:05 - 001463808 _____ (Firelight Technologies) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\fmod.dll
2016-06-15 04:36 - 2016-06-15 04:36 - 000050688 _____ (HP Inc.) [File not signed] c:\windows\system32\hpzinw12.dll
2016-06-15 04:36 - 2016-06-15 04:36 - 000066048 _____ (HP Inc.) [File not signed] c:\windows\system32\hpzipm12.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000285696 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2019-02-04 03:26 - 2015-02-24 23:43 - 002741248 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\python34.dll
2019-05-06 22:05 - 2019-05-06 22:05 - 000596992 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\chrome_elf.dll
2019-02-04 03:26 - 2018-12-10 05:42 - 000848896 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icudt53.dll
2019-02-04 03:26 - 2014-09-22 10:26 - 001580032 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuin53.dll
2019-02-04 03:26 - 2014-09-22 10:23 - 001079296 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuuc53.dll
2019-02-04 03:26 - 2015-10-18 09:38 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qdds.dll
2019-02-04 03:26 - 2015-10-18 05:18 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qgif.dll
2019-02-04 03:26 - 2015-10-18 09:38 - 000029184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qicns.dll
2019-02-04 03:26 - 2015-10-18 05:18 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qico.dll
2019-02-04 03:26 - 2015-10-18 09:38 - 000381952 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjp2.dll
2019-02-04 03:26 - 2015-10-18 05:18 - 000206848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjpeg.dll
2019-02-04 03:26 - 2015-10-18 09:38 - 000218624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qmng.dll
2019-02-04 03:26 - 2015-10-18 09:38 - 000016384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtga.dll
2019-02-04 03:26 - 2015-10-18 09:38 - 000308736 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtiff.dll
2019-02-04 03:26 - 2015-10-18 09:38 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwbmp.dll
2019-02-04 03:26 - 2015-10-18 09:39 - 000287232 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwebp.dll
2019-02-04 03:26 - 2015-10-18 05:19 - 000991744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\platforms\qwindows.dll
2019-02-04 03:26 - 2015-10-18 05:05 - 004182528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Core.dll
2019-02-04 03:26 - 2015-10-18 05:12 - 004877312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Gui.dll
2019-02-04 03:26 - 2015-10-18 05:16 - 004490752 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Widgets.dll
2019-05-06 22:05 - 2019-05-06 22:05 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\audio\qtaudio_windows.dll
2019-05-06 22:05 - 2019-05-06 22:05 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\imageformats\qgif.dll
2019-05-06 22:05 - 2019-05-06 22:05 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\imageformats\qico.dll
2019-05-06 22:05 - 2019-05-06 22:05 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\imageformats\qjpeg.dll
2019-05-06 22:05 - 2019-05-06 22:05 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\imageformats\qmng.dll
2019-05-06 22:05 - 2019-05-06 22:05 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\imageformats\qsvg.dll
2019-05-06 22:05 - 2019-05-06 22:05 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\imageformats\qtiff.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\platforms\qwindows.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\qml\QtQml\Models.2\modelsplugin.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\qml\QtQuick.2\qtquick2plugin.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000084480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\qml\QtQuick\Window.2\windowplugin.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5Core.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5Gui.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5Multimedia.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5Network.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5Qml.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5Quick.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000096256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5QuickControls2.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000681472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5QuickTemplates2.dll
2019-05-06 22:07 - 2019-05-06 22:07 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5Svg.dll
2019-05-06 22:08 - 2019-05-06 22:08 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5Widgets.dll
2019-05-06 22:08 - 2019-05-06 22:08 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5WinExtras.dll
2019-05-06 22:08 - 2019-05-06 22:08 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11144\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2019-05-19 13:52 - 000000091 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost
0.0.0.0 telemetry.malwarebytes.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\50881473_2319973321566441_4995713900654624768_o.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DE2DE3B5-8173-4FAC-896C-9FAC3AE29D46}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Plays.tv, Inc -> Copyright (c) 2018 Plays.tv, LLC)
FirewallRules: [{0AFE615F-ABD8-45F3-9AE8-F7117FC64CDC}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Plays.tv, Inc -> Copyright (c) 2018 Plays.tv, LLC)
FirewallRules: [UDP Query User{95745F81-0967-4BC0-A61E-3A3E1F4555A8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{9526E725-5332-4491-900A-A5B3E00C15F8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{215B305F-3793-4710-866F-AAAFC4D5A75D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2D1F0F24-59F0-49DC-9CBA-9166ED79341E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{C03AB2BE-B25F-4357-9117-35F841408DDF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{68FBEF50-D0C9-4B70-A3DA-FA8AB9F5C96E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{07C80E55-684E-4AF7-BA2E-FE48E15D519C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{590ECA65-CB04-4FD0-A277-F0EE87E65CCF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{72CA7C7D-10FB-4D96-B4E3-9AC3B9BB9EDB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{28C2D19F-C193-4A94-97AD-664B24F1C348}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{4E78FE47-39A7-4FF5-B50E-9D3F33018409}D:\hry\rise of the tomb raider - 20 years celebration\rottr.exe] => (Allow) D:\hry\rise of the tomb raider - 20 years celebration\rottr.exe (Eidos Inc.) [File not signed]
FirewallRules: [TCP Query User{BCB27527-7A77-4104-9B92-647DB40416A7}D:\hry\rise of the tomb raider - 20 years celebration\rottr.exe] => (Allow) D:\hry\rise of the tomb raider - 20 years celebration\rottr.exe (Eidos Inc.) [File not signed]
FirewallRules: [UDP Query User{4894D9CD-74EE-4F4D-B682-799DCF973BD9}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [TCP Query User{11522C14-B13A-4060-A2EB-03E1287F5182}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [UDP Query User{91D8D5EF-65AF-489F-9D02-3B2AF8FA7CC4}C:\hearthstone\hearthstone.exe] => (Allow) C:\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{C73A3C9B-2B09-45AC-B756-1DA1120F230D}C:\hearthstone\hearthstone.exe] => (Allow) C:\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{747FE15F-A487-4A02-A70A-A9E98014E198}C:\users\david\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\david\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{AFC1F7F7-ED3C-4777-85B5-65678200DA35}C:\users\david\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\david\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{30431157-60F2-404A-B781-4FC5A1FE4407}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{32FF5D5F-AE6F-4F4E-9C6A-A44362281CD3}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{0329B052-4C9E-40FD-AD0B-127686849CB4}C:\users\david\appdata\roaming\utorrent\updates\3.5.3_44494.exe] => (Allow) C:\users\david\appdata\roaming\utorrent\updates\3.5.3_44494.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{7DA08C82-AB8E-46FE-83A4-6CCF7A8EAA24}C:\users\david\appdata\roaming\utorrent\updates\3.5.3_44494.exe] => (Allow) C:\users\david\appdata\roaming\utorrent\updates\3.5.3_44494.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F9B04128-D8B4-493D-B96B-5A6BAD2795ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3741751F-5BEE-45CB-837A-59E83B005968}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C6717FD1-C1CD-42BE-B332-10194F946F21}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{17A2EB32-506B-4BE4-A929-63766D004B9D}D:\hry\overwatch\overwatch.exe] => (Allow) D:\hry\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{FE5F0E2A-D035-4A50-A5F8-BA2FE25D5002}D:\hry\overwatch\overwatch.exe] => (Allow) D:\hry\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{800F5B6B-E791-4A3F-B9AB-8024EC1BC2F3}D:\hry\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\hry\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{7AFFE434-0D46-45BF-BA2E-6D34F397B6F5}D:\hry\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\hry\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [TCP Query User{98050A6F-1373-48CC-83FA-4BBE97A3F9B5}C:\program files\microsoft office\office16\winword.exe] => (Allow) C:\program files\microsoft office\office16\winword.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{7EC9CC81-508D-4D45-8E81-DB52CCF2436E}C:\program files\microsoft office\office16\winword.exe] => (Allow) C:\program files\microsoft office\office16\winword.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{502EF961-5B71-4A32-969F-BA5D52140A00}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{10D5C4D9-2E6B-4B67-A476-5281B56C5955}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{06AC170C-54F5-41D1-B2B9-6B5A0A08E0E1}C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{302C507C-4DA4-49AB-B64A-8352BC41950E}C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{868DC772-83F9-4569-9C9E-24ACE20FE225}D:\hry\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\hry\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{E9201D63-AA6F-4C2C-AD70-C640E98FA5EC}D:\hry\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\hry\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [{1BF097A8-86EB-4A27-8877-0686C3BB5A0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{95AD0B2D-1730-4550-86EF-B8EB2D417607}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DD206C48-F17D-4EAC-8360-78F1B0B11FDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ABC7B572-F380-47F2-B726-C649C9598BFD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BD229DF1-F3E4-4D12-BE0B-BBAE92E2CD2C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

15-05-2019 12:24:49 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/20/2019 07:03:12 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (05/20/2019 03:55:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (05/19/2019 01:54:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RSITx64.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: ab8

Čas spuštění: 01d50e394a3d8060

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\David\Desktop\RSITx64.exe

ID hlášení: 24e41d6a-c164-4520-be71-9ffa336a781c

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (05/19/2019 11:44:53 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (05/18/2019 11:56:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (05/18/2019 02:01:03 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (05/17/2019 08:12:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (05/17/2019 01:30:50 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.


System errors:
=============
Error: (05/20/2019 10:59:41 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7D2FQ0G)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-7D2FQ0G\David (SID: S-1-5-21-3482348820-1896476200-1895645591-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/20/2019 10:27:41 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_5b886 byla neočekávaně ukončena. Tento stav nastal již 85krát.

Error: (05/20/2019 10:20:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_5b886 byla neočekávaně ukončena. Tento stav nastal již 84krát.

Error: (05/20/2019 10:19:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_5b886 byla neočekávaně ukončena. Tento stav nastal již 83krát.

Error: (05/20/2019 10:19:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_5b886 byla neočekávaně ukončena. Tento stav nastal již 82krát.

Error: (05/20/2019 10:18:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_5b886 byla neočekávaně ukončena. Tento stav nastal již 81krát.

Error: (05/20/2019 10:18:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_5b886 byla neočekávaně ukončena. Tento stav nastal již 80krát.

Error: (05/20/2019 10:03:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_5b886 byla neočekávaně ukončena. Tento stav nastal již 79krát.


CodeIntegrity:
===================================

Date: 2018-12-10 15:55:57.059
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-10 15:55:32.990
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-10 15:55:32.781
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-10 15:55:26.516
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-10 15:55:25.035
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-06 12:50:07.736
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-06 12:49:43.665
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-06 12:49:43.446
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P2.80 01/26/2016
Motherboard: ASRock Z170 Extreme4
Processor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Percentage of memory in use: 48%
Total physical RAM: 8137.27 MB
Available physical RAM: 4186.04 MB
Total Virtual: 17865.27 MB
Available Virtual: 11442.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.18 GB) (Free:24.88 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:280.01 GB) NTFS

\\?\Volume{153a7e41-9717-4114-b409-806cd10646b5}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{a57f3c44-5d42-4e0e-a549-233e2a1c34ff}\ () (Fixed) (Total:0.84 GB) (Free:0.45 GB) NTFS
\\?\Volume{138a95a2-35ad-430f-91a6-0617b595d599}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================


Nahoru
 Profil  
 
PříspěvekNapsal: 20 kvě 2019 11:33 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 110025
Bydliště: Plzeň
Otevřte poznámkový blok a zkopírujte do něj:

Citace:
Start

CloseProcesses:
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {095F2473-E395-4A5C-B14B-9591697F94FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-07] (Google Inc -> Google Inc.)
Task: {C3B4146D-7BB2-4877-9787-BCF2277493D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-07] (Google Inc -> Google Inc.)
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
Hosts:
End


Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
PříspěvekNapsal: 20 kvě 2019 12:34 
Offline
2. Stupeň Varování

Registrován: 08 bře 2007 14:56
Příspěvky: 216
Hotovo, zde je Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by David (20-05-2019 13:30:37) Run:1
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David & Mamka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {095F2473-E395-4A5C-B14B-9591697F94FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-07] (Google Inc -> Google Inc.)
Task: {C3B4146D-7BB2-4877-9787-BCF2277493D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-07] (Google Inc -> Google Inc.)
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{095F2473-E395-4A5C-B14B-9591697F94FA} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{095F2473-E395-4A5C-B14B-9591697F94FA} => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3B4146D-7BB2-4877-9787-BCF2277493D6} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3B4146D-7BB2-4877-9787-BCF2277493D6} => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 11821056 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 158265580 B
Java, Flash, Steam htmlcache => 34992643 B
Windows/system/drivers => 2437117 B
Edge => 586434 B
Chrome => 388600719 B
Firefox => 11960551 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4737539 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
David => 53455000 B
bejja => 64462551 B

RecycleBin => 13316727175 B
EmptyTemp: => 13.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:31:01 ====


Nahoru
 Profil  
 
PříspěvekNapsal: 20 kvě 2019 16:12 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 110025
Bydliště: Plzeň
Smazáno. Nastala nějaká změna?

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
PříspěvekNapsal: 20 kvě 2019 17:22 
Offline
2. Stupeň Varování

Registrován: 08 bře 2007 14:56
Příspěvky: 216
Zatím musím zaklepat, po těch mazáních internet naštěstí nepadá, takže asi vyřešeno. :|


Nahoru
 Profil  
 
PříspěvekNapsal: 20 kvě 2019 18:02 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 110025
Bydliště: Plzeň
Tak to jsem rád. :)

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
PříspěvekNapsal: 21 kvě 2019 05:24 
Offline
2. Stupeň Varování

Registrován: 08 bře 2007 14:56
Příspěvky: 216
Jeste by me zajimalo, staci ted smazat ty soubory, co si vytvorily programy manualne nebo je na to i nejaky odinstalator? :P


Nahoru
 Profil  
 
PříspěvekNapsal: 21 kvě 2019 09:28 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 110025
Bydliště: Plzeň
Spusťte znovu ADW, klikněte nastavení, sjeďte dolů a poslední možnost je odinstalace. Na ni klikněte a ADW se odinstaluje. Vše ostatní normálně smažte.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
PříspěvekNapsal: 21 kvě 2019 18:17 
Offline
2. Stupeň Varování

Registrován: 08 bře 2007 14:56
Příspěvky: 216
Dekuji, tak asi muzeme zamknout - prozatim vyreseno, internet od vcera drzi :|


Nahoru
 Profil  
 
Zobrazit příspěvky za předchozí:  Seřadit podle  
Odeslat nové téma Toto téma je zamknuté. Nemůžete posílat nové příspěvky ani odpovídat na starší.  [ Příspěvků: 16 ]  Přejít na stránku 1, 2  Další

Všechny časy jsou v UTC + 1 hodina


Kdo je online

Uživatelé procházející toto fórum: Žádní registrovaní uživatelé


Nemůžete zakládat nová témata v tomto fóru
Nemůžete odpovídat v tomto fóru
Nemůžete upravovat své příspěvky v tomto fóru
Nemůžete mazat své příspěvky v tomto fóru
Nemůžete přikládat soubory v tomto fóru

Hledat:
Přejít na:  
Založeno na phpBB® Forum Software © phpBB Group
Český překlad – phpBB.cz
Přispějete na provoz fóra?