
Totally slowed-down laptop


#1 Post by luki123 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by Predator (administrator) on LAPTOP-H32871D3 (Acer Predator PH317-51) (14-06-2020 21:03:52)
Running from C:\Users\Predator\Desktop
Loaded Profiles: Predator
Platform: Windows 10 Home Version 1909 18363.836 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Gaijin Network LTD -> Gaijin Entertainment) C:\Users\Predator\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(Google LLC -> Google) C:\Users\Predator\AppData\Local\Google\Chrome\User Data\SwReporter\83.237.200\software_reporter_tool.exe <4>
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9307632b3abedc2b\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9307632b3abedc2b\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Predator\AppData\Local\Microsoft\Teams\current\Teams.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.317.1359.0.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.892_none_5efe5b5a590f76dc\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\NisSrv.exe
(Nokia -> Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
(Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe <2>
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_CTPreset] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [876032 2018-09-05] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [97509120 2020-01-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Predator\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2125896 2018-04-26] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3375904 2020-06-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91512680 2020-02-14] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32194448 2020-06-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [Discord] => C:\Users\Predator\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia -> Nokia)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Predator\AppData\Local\Microsoft\Teams\Update.exe [2350776 2020-06-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\HPM1210PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM1210PP.dll [74240 2012-09-29] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPM1210LM: C:\Windows\system32\HPM1210LM.DLL [409088 2012-09-29] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\Installer\chrmstp.exe [2020-06-05] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\Installer\setup.exe [2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2018-01-13]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01444D27-8351-4DB1-AA67-27F1E924AC63} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {06DE687C-F481-41B5-B053-E0511B510E94} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1085A869-856B-4CE5-9AAD-4229C7FAF7D6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {115C7F8E-0B62-4042-A238-1FFC099C8F6D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167696 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {11B931FC-ECAC-432E-B951-40E4E38B2BAF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {12ED00EA-8749-4038-AD95-663DF7260F35} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13E77125-7724-4AC8-8487-9B5CF5E5E7A1} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-02-18] (Acer Incorporated -> TODO: <Company name>)
Task: {18B06555-64FB-4F90-BE78-81E4388711F0} - System32\Tasks\PredatorSense => C:\Program Files (x86)\Acer\PredatorSense\PSLauncher.exe [580400 2017-08-13] (Acer Incorporated -> Acer Incorporated)
Task: {1C697A04-79DF-4C4D-9878-F66446D85F45} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2017-08-13] (Acer Incorporated -> Acer Incorporated)
Task: {1E1C1C92-E582-42B6-864C-D4E7C639A8A6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {217A5170-499B-449C-A73B-E6919C8766EC} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> )
Task: {21B00D69-5CF1-43D8-9842-AC0601D0C6D4} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2768176 2017-08-11] (Acer Incorporated -> Acer Incorporated)
Task: {23C0E068-F125-412B-9BF5-572E209A2220} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167696 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {244BEFDB-E880-44EE-B13B-5BBE27593B2A} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24A8475F-867F-4678-AD83-D67DE61D8CEC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2655156B-B3FE-4692-8B58-89F240E1D69E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2737737B-CF08-48FA-B2D6-DDCDFD03B1F8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6291352 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {2810412A-FCF0-42F8-AF30-ED7AD2C56193} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {299BE1C2-11E5-4E69-9174-C1E17FE4754A} - System32\Tasks\RtHDVBg_ASC => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {35394D25-1A0E-46E2-97ED-97B7FDC09D53} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {39569F8D-4F22-43F4-824F-AD2A6CB072C0} - System32\Tasks\CareCenter\Classic Start Menu_Reg_HKLMRun => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Task: {3AA1E352-CE7A-4979-B913-B61A43C0C337} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369344 2020-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D328568-6C20-4D5C-B878-4E5EB902FB95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-11-24] (Google Inc -> Google Inc.)
Task: {50AF418D-75B5-422A-A165-D54967A7A74C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2349952 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {549ACB9F-C2FD-4B48-A1E4-BE354DFFAC1D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {55D20DFD-AEA5-4EE9-B5C5-FB27EDB84395} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B451963-E3E4-4469-8A64-0C7176AB88D3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702856 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {63582727-B214-4679-B1BB-C07A1A2A049E} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> )
Task: {6C479381-72AE-439F-A55A-4C4D7E3DA060} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {72E6435D-EE5A-4F79-8871-130D0D5A1086} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3660232 2020-02-17] (Easeware Technology Limited -> Easeware)
Task: {7FBC3EE5-EF69-421E-A34D-7AD045738C81} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {84C98F76-8A30-40CC-A455-C38260769978} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-11-24] (Google Inc -> Google Inc.)
Task: {8F0CB262-40BF-49E5-B3E0-620E2B84FA08} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [543536 2016-12-05] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {8F533A94-4FB9-49A8-86A0-C6CA8BDE4A6E} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated)
Task: {9144D162-402D-477F-BBA3-A1DF0FFC2865} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572808 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {91DD54DC-5515-4301-9F76-847EA14497BD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6291352 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {96C0A2DE-D6B0-4E0D-91BB-F2DCE221E70A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B4FFA96-4872-4F2C-BDE2-CA67802549F7} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {A765D56E-CD6F-4D33-AD92-7F74B293430C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AB807AB6-BD0A-4F37-9533-A58C5DFE0E1F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC0FBED0-5ABE-4BED-AE99-23672D6AD557} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AED16B6F-BA4F-4C6B-84D5-297F1CD04F24} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [445744 2017-08-11] (Acer Incorporated -> Acer Incorporated)
Task: {AFD0E1D2-15E6-42BD-B4C8-52C8FDDD967E} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9EBBD50-30B3-4EE6-9A9A-8E1466D5B01A} - System32\Tasks\CareCenter\WindowsDefender_Reg_HKLMRun => C:\Program Files\Windows Defender\MSASCuiL.exe
Task: {BA45BC73-7A38-450E-9B17-D7DDBAADB46C} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDEEE973-AC64-4AB3-BC03-B0A9F937FFC0} - System32\Tasks\User Boot Experience Task => C:\OEM\Preload\FUBService\FUBService.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {C2FF00B5-9E79-425B-8C02-F26569FD14E6} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-05-24] (Acer Incorporated -> )
Task: {C87C7316-AFDE-458F-9CE6-BDE3B428E751} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {F0853616-4250-449E-94F1-78A18DE0AC30} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F0FF8321-70C3-43E2-9D5D-2278626A1B80} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369344 2020-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3316F38-6D0C-4E0A-AAB3-129224730CF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F3866FBE-A8D4-4BBA-94A9-943E31990FAA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724680 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F90606BE-2D70-46ED-874C-564F42B83774} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41264 2017-02-21] (Acer Incorporated -> )
Task: {FD8AD5EC-2586-410C-9303-58C3829E0C2D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{32b03b56-dfe5-4bb8-ba1a-8213a7f18dd9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c201dc45-900a-4a67-afc6-562ce01344f7}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-404591140-1402169592-305344172-1001 -> DefaultScope {1E66B54E-C49E-4E99-9671-ABE6F194F416} URL =
SearchScopes: HKU\S-1-5-21-404591140-1402169592-305344172-1001 -> {1E66B54E-C49E-4E99-9671-ABE6F194F416} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-06-12] (McAfee, LLC -> McAfee, LLC)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-04-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-06-12] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-08-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\Predator\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\Predator\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-14]
Edge Extension: (Amazon Assistant) - C:\Users\Predator\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hkmnokmdbkkafgmpfhhiniclfnfpmogj [2020-06-14]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-06-12] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default [2020-06-14]
CHR Notifications: Default -> hxxps://novaplus.nova.cz; hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-24]
CHR Extension: (Dokumenty) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-23]
CHR Extension: (Disk Google) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-23]
CHR Extension: (YouTube) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2020-06-01]
CHR Extension: (Gmail) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-21]
CHR Profile: C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-07-07]
CHR Profile: C:\Users\Predator\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-26]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [386976 2019-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8628224 2020-06-11] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11600760 2020-06-03] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818800 2020-03-27] (EasyAntiCheat Oy -> Epic Games, Inc)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [126856 2012-11-08] (Hewlett-Packard Company -> HP)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2017-02-19] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [947280 2020-06-12] (McAfee, LLC -> McAfee, LLC)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\elevation_service.exe [1507208 2020-06-04] (Microsoft Corporation -> Microsoft Corporation)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [18534552 2019-08-03] (Mail.Ru LLC -> LLC Mail.Ru)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [860184 2019-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [791136 2019-06-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PSSvc; C:\Program Files (x86)\Acer\PredatorSense\PSSvc.exe [716592 2017-08-13] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [461616 2017-08-11] (Acer Incorporated -> Acer Incorporated)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [506672 2017-08-11] (Acer Incorporated -> Acer Incorporated)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [191768 2019-08-10] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
S3 Rockstar Service; C:\Games\Rockstar Games\Launcher\RockstarService.exe [1705088 2020-05-12] (Rockstar Games, Inc. -> Rockstar Games)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [296752 2017-02-21] (Acer Incorporated -> acer)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-05-24] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18232 2016-08-25] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [81680 2019-12-23] (Qualcomm Atheros -> Qualcomm)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-13] (Microsoft Corporation) [File not signed]
R3 IntcAudioBus; C:\WINDOWS\System32\drivers\IntcAudioBus.sys [264176 2018-12-09] (Intel(R) Smart Sound Technology -> Intel(R) Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation -> Intel Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [192952 2020-03-26] (Malwarebytes Corporation -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [17770920 2019-08-03] (Mail.Ru LLC -> LLC Mail.Ru)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 nmwcd; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [19968 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [27136 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_886b780ca50b5e3e\nvlddmkm.sys [22749640 2019-12-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-08-10] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pccsmcfd; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [26112 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [97176 2019-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2371864 2019-08-10] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46896 2017-12-15] (SteelSeries ApS -> )
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [55560 2018-01-09] (SteelSeries ApS -> )
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [57432 2019-08-10] (Synaptics Incorporated -> Synaptics Incorporated)
S3 upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [401120 2020-06-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-04] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2020-06-09] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-14 21:03 - 2020-06-14 21:08 - 000040491 _____ C:\Users\Predator\Desktop\FRST.txt
2020-06-14 20:59 - 2020-06-14 21:06 - 000000000 ____D C:\FRST
2020-06-14 20:57 - 2020-06-14 20:58 - 002289152 _____ (Farbar) C:\Users\Predator\Desktop\FRST64.exe
2020-06-14 19:30 - 2020-06-14 19:30 - 000002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-14 19:30 - 2020-06-14 19:30 - 000002333 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-06-14 19:30 - 2020-06-14 19:30 - 000002333 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-06-14 19:25 - 2020-06-14 19:25 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-06-14 19:25 - 2020-06-14 19:25 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-06-14 17:33 - 2020-06-14 17:36 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-06-14 17:33 - 2020-06-14 17:35 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-06-12 10:55 - 2020-06-12 13:32 - 2838206999 _____ C:\Users\Predator\Downloads\Sherlock Holmes 2009 CZ dabing HD.mkv
2020-06-12 09:13 - 2020-06-12 09:13 - 000000000 ____D C:\Users\Predator\AppData\Local\Epic Games
2020-06-09 20:01 - 2020-06-09 20:01 - 000000000 ____D C:\Users\Predator\AppData\LocalLow\Ghost Town Games
2020-06-08 20:49 - 2020-06-08 20:49 - 000000000 ____D C:\Users\Predator\AppData\LocalLow\Creepy Jar
2020-06-08 20:23 - 2020-06-08 20:23 - 000001613 _____ C:\Users\Predator\Desktop\Green Hell.lnk
2020-06-08 14:58 - 2020-06-08 16:29 - 709326848 _____ C:\Users\Predator\Downloads\hlm-gree.iso
2020-06-08 14:58 - 2020-06-08 14:58 - 000044731 _____ C:\Users\Predator\Downloads\[CzT]Green_Hell_v_1_0_2019_CZ_.torrent
2020-06-07 20:54 - 2020-06-07 20:54 - 017578132 _____ C:\Users\Predator\Desktop\Fotky.rar
2020-06-07 20:53 - 2020-06-07 20:54 - 000000000 ____D C:\Users\Predator\Desktop\Fotky
2020-06-04 21:57 - 2020-06-05 00:19 - 2616193024 _____ C:\Users\Predator\Downloads\Diktátor - Full HD, CZ Dabing.avi
2020-06-02 18:23 - 2020-06-02 20:19 - 2137570294 _____ C:\Users\Predator\Downloads\Hobit_Šmakova dračí poušť_cz_The Hobbit_The Desolation of Smaug.avi
2020-05-31 21:15 - 2020-06-01 01:51 - 755473012 _____ C:\Users\Predator\Downloads\Hobit - neočekávaná cesta cz avi.avi
2020-05-27 10:45 - 2020-05-27 12:03 - 1435799552 _____ C:\Users\Predator\Downloads\Hercules-(The-Thracian-Wars)-CZ-2014.avi
2020-05-24 20:36 - 2020-05-24 20:36 - 000000000 ____D C:\Users\Predator\AppData\Local\ShadowTrackerExtra
2020-05-24 20:35 - 2020-06-09 18:56 - 000074552 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2020-05-24 20:35 - 2020-05-24 20:35 - 000000000 ____D C:\Program Files\Common Files\Uncheater
2020-05-24 18:51 - 2020-05-24 18:51 - 067269568 _____ ( ) C:\Users\Predator\Downloads\PUBG-Lite-Setup (2).exe
2020-05-24 18:43 - 2020-05-24 18:43 - 067269568 _____ ( ) C:\Users\Predator\Downloads\PUBG-Lite-Setup (1).exe
2020-05-24 13:24 - 2020-05-24 13:24 - 000000000 ____D C:\ProgramData\PUBG
2020-05-24 13:23 - 2020-05-24 19:11 - 000000000 ____D C:\Program Files (x86)\PUBGLite
2020-05-24 13:23 - 2020-05-24 18:51 - 000001110 _____ C:\Users\Predator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PUBG LITE.lnk
2020-05-24 13:23 - 2020-05-24 18:51 - 000001080 _____ C:\Users\Predator\Desktop\PUBG LITE.lnk
2020-05-21 20:23 - 2020-05-21 22:14 - 2048506209 _____ C:\Users\Predator\Downloads\Čarodějovy_hodiny_Cz_dabing.mkv
2020-05-20 12:39 - 2020-05-20 16:04 - 2272158039 _____ C:\Users\Predator\Downloads\Zloba Kralovna vseho zleho.mkv
2020-05-18 14:31 - 2020-05-18 14:44 - 000000000 ____D C:\Users\Predator\AppData\Roaming\CitizenFX
2020-05-18 13:04 - 2020-05-18 14:31 - 000000000 ____D C:\Users\Predator\AppData\Local\DigitalEntitlements
2020-05-17 19:20 - 2020-05-17 19:21 - 075217096 _____ (Rockstar Games.) C:\Users\Predator\Downloads\Rockstar-Games-Launcher.exe
2020-05-17 17:37 - 2020-05-17 17:37 - 000000969 _____ C:\Users\Predator\Desktop\Rockstar Games Launcher.lnk
2020-05-17 17:37 - 2020-05-17 17:37 - 000000000 ____D C:\Users\Predator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2020-05-17 17:37 - 2020-05-17 17:37 - 000000000 ____D C:\ProgramData\Rockstar Games

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-14 21:08 - 2017-08-18 19:26 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-14 21:02 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-14 20:58 - 2017-11-24 00:13 - 000000000 ____D C:\Users\Predator\AppData\Local\ClassicShell
2020-06-14 20:28 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-14 20:22 - 2017-11-23 23:58 - 000000000 __SHD C:\Users\Predator\IntelGraphicsProfiles
2020-06-14 20:15 - 2019-07-11 03:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-14 20:15 - 2017-08-18 19:19 - 000000000 ___HD C:\Intel
2020-06-14 20:14 - 2019-07-11 01:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-14 19:45 - 2017-12-24 22:23 - 000000000 ____D C:\Games
2020-06-14 17:21 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-06-14 17:20 - 2017-11-23 14:53 - 000000000 ____D C:\Program Files\Microsoft Office
2020-06-14 17:15 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-14 17:15 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-12 10:29 - 2017-12-27 17:30 - 000000000 ____D C:\Users\Predator\Documents\The Witcher 3
2020-06-12 09:17 - 2019-02-16 16:05 - 000000000 ____D C:\Users\Predator\AppData\Local\BattlEye
2020-06-11 17:21 - 2019-02-28 20:48 - 000000000 ____D C:\Program Files\Epic Games
2020-06-11 09:14 - 2018-07-04 23:05 - 000000000 ____D C:\Program Files (x86)\Steam
2020-06-08 20:12 - 2017-12-24 19:32 - 000000000 ____D C:\Users\Predator\AppData\Roaming\uTorrent
2020-06-08 20:12 - 2017-11-23 09:17 - 000000000 ____D C:\Users\Predator\AppData\Local\CrashDumps
2020-06-07 10:54 - 2019-03-25 20:20 - 000000000 ____D C:\Users\Predator\AppData\Roaming\Discord
2020-06-06 07:51 - 2019-05-13 21:03 - 000000000 ____D C:\Users\Predator\AppData\Local\PlaceholderTileLogoFolder
2020-06-05 23:03 - 2020-02-16 20:32 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-05 23:03 - 2020-02-16 20:32 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-05 18:46 - 2018-01-21 18:22 - 000000000 ____D C:\Users\Predator\AppData\Local\Packages
2020-06-05 16:40 - 2019-07-11 03:23 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-404591140-1402169592-305344172-1001
2020-06-05 16:40 - 2019-07-11 00:57 - 000002374 _____ C:\Users\Predator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-05 16:40 - 2017-11-24 00:01 - 000000000 ___RD C:\Users\Predator\OneDrive
2020-06-05 00:12 - 2017-11-24 00:07 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-04 21:58 - 2017-11-24 00:06 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-04 08:20 - 2018-02-15 17:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-06-03 14:54 - 2020-03-25 15:22 - 000002383 _____ C:\Users\Predator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2020-06-03 14:54 - 2020-03-25 15:22 - 000002375 _____ C:\Users\Predator\Desktop\Microsoft Teams.lnk
2020-06-03 12:25 - 2018-06-18 15:50 - 000000000 ____D C:\Users\Predator\AppData\Local\Ubisoft Game Launcher
2020-05-30 08:34 - 2017-11-23 12:05 - 000000000 ____D C:\Program Files\UNP
2020-05-28 14:36 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-24 18:32 - 2019-07-11 03:23 - 000004216 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FC7C20F0-1C60-468E-BD15-351185194884}
2020-05-24 10:06 - 2020-04-18 10:17 - 000000000 ____D C:\Users\Predator\AppData\Local\FiveM
2020-05-23 17:59 - 2019-07-11 02:39 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-23 17:59 - 2019-03-19 13:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-05-23 17:59 - 2019-03-19 13:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-05-22 20:39 - 2019-08-04 13:21 - 000000000 ____D C:\Program Files\CCleaner
2020-05-17 17:42 - 2017-12-26 09:15 - 000000000 ____D C:\Program Files\Rockstar Games
2020-05-17 17:42 - 2017-12-26 09:15 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-05-17 17:42 - 2017-12-26 09:12 - 000000000 ____D C:\Users\Predator\Documents\Rockstar Games
2020-05-17 17:41 - 2019-07-09 09:44 - 000000000 ____D C:\Users\Predator\AppData\Local\D3DSCache
2020-05-17 17:41 - 2017-12-26 09:18 - 000000000 ____D C:\Users\Predator\AppData\Local\Rockstar Games

==================== Files in the root of some directories ========

2018-06-01 21:39 - 2019-07-08 22:35 - 000007629 _____ () C:\Users\Predator\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by Predator (14-06-2020 21:10:08)
Running from C:\Users\Predator\Desktop
Windows 10 Home Version 1909 18363.836 (X64) (2019-07-11 01:29:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-404591140-1402169592-305344172-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-404591140-1402169592-305344172-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-404591140-1402169592-305344172-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-404591140-1402169592-305344172-501 - Limited - Disabled)
Predator (S-1-5-21-404591140-1402169592-305344172-1001 - Administrator - Enabled) => C:\Users\Predator
WDAGUtilityAccount (S-1-5-21-404591140-1402169592-305344172-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3015 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.03.3000 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Aktualizace NVIDIA 35.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 35.0.0.0 - NVIDIA Corporation) Hidden
ASTRONEER (HKLM-x32\...\ASTRONEER_is1) (Version: - )
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Discord (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{F290F786-5F69-48D4-B20B-D21C7DE56EF0}) (Version: 0.8.8.88 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{D0D32569-4680-490A-905C-5117CEAAB3EF}) (Version: 0.8.8.76 - Dolby Laboratories, Inc.)
Driver Easy 5.6.14 (HKLM\...\DriverEasy_is1) (Version: 5.6.14 - Easeware)
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FiveM (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\CitizenFX_FiveM) (Version: - The CitizenFX Collective)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Green Hell (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Green Hell) (Version: - HOODLUM)
HD Tune Pro 5.70 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
Human Fall Flat ICE (HKLM-x32\...\Human Fall Flat ICE_is1) (Version: - )
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1004 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4639 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
Jurassic World Evolution (HKLM-x32\...\Jurassic World Evolution_is1) (Version: - )
Just Cause 4 (HKLM-x32\...\{D1F33AFE-757B-4A27-9F96-D507177C3E40}_is1) (Version: - Avalanche Studios)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.109 - McAfee, LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.35 - )
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11929.20838 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4454.1004 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Teams) (Version: 1.3.00.13565 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20838 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20838 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11929.20838 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 441.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.20 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
Planetary Annihilation TITANS (HKLM-x32\...\Planetary Annihilation TITANS_is1) (Version: - )
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
PredatorSense (HKLM-x32\...\{5A98D6E3-1EDC-43B9-B4F6-0A2B7F872F22}) (Version: 2.01.3005 - Acer Incorporated)
PUBG LITE (HKLM-x32\...\PUBG LITE_is1) (Version: 1.0.1.0 - )
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10427 - Qualcomm)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.309 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.13.1223.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8838.1 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.5 - Rockstar Games)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Skype verze 8.57 (HKLM-x32\...\Skype_is1) (Version: 8.57 - Skype Technologies S.A.)
SnowRunner (HKLM-x32\...\SnowRunner_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.11.10 (HKLM\...\SteelSeries Engine 3) (Version: 3.11.10 - SteelSeries ApS)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.362 - Microsoft Corporation)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.20.0.22 - GOG.com)
The Elder Scrolls V Skyrim Special Edition verze 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition_is1) (Version: 1.00 - )
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
Totally Accurate Battle Simulator Pre-Alpha version pre-alpha (HKLM-x32\...\{09C95BCB-5264-4F21-AA5F-D66E91167D6C}_is1) (Version: pre-alpha - Landfall Games)
Trine 4 The Nightmare Prince (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Trine 4 The Nightmare Prince) (Version: - HOODLUM)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 92.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\WhatsApp) (Version: 0.4.2088 - WhatsApp)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Worms W.M.D (HKLM-x32\...\Worms W.M.D_is1) (Version: - )
XSplit Gamecaster (HKLM-x32\...\{6653CF8C-38BE-4F69-8AB8-77E20E4F841E}) (Version: 2.8.1607.2032 - SplitmediaLabs)

Packages:
=========
8 Zip - unpack RAR, ZIP, 7z for free -> C:\Program Files\WindowsApps\BooStudioLLC.8ZipLite_1.4.13.0_x64__b6e429xa66pga [2020-05-21] (Finebits OÜ) [MS Ad]
Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2019-07-07] (Acer Incorporated)
ACG Player -> C:\Program Files\WindowsApps\41038AXILESOFT.ACGMEDIAPLAYER_1.15.17502.0_x64__wxjjre7dryqb6 [2019-07-09] (Axilesoft) [MS Ad]
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.8.5.0_x86__kgqvnymyfvs32 [2020-04-12] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.169.300.0_x86__kgqvnymyfvs32 [2020-06-03] (king.com)
Deep Rock Galactic -> C:\Program Files\WindowsApps\CoffeeStainStudios.DeepRockGalactic_1.30.40449.2_x64__496a1srhmar9w [2020-05-30] (Coffee Stain Publishing)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-05] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-28] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-19] (INTEL CORP)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.8.1.1_x86__h6adky7gbf63m [2020-05-21] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.39.21501.0_x64__8wekyb3d8bbwe [2020-06-03] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe [2020-04-15] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2020.229.1.0_x64__8kea50m9krsh2 [2020-03-09] (Code Spark)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2731.0_x64__8j3eq9eme6ctt [2020-06-10] (INTEL CORP) [Startup Task]
PicsArt - Photo Studio -> C:\Program Files\WindowsApps\2FE3CB00.PicsArt-PhotoStudio_8.9.0.0_x86__crhqpqs3x1ygc [2020-06-04] (PicsArt Inc.) [MS Ad]
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2019-07-09] (Plex)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0 [2020-06-03] (Spotify AB) [Startup Task]
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2019-07-09] (WinZip Computing)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-404591140-1402169592-305344172-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Predator\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-404591140-1402169592-305344172-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Predator\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Predator\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Predator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2017-12-15 22:00 - 2017-12-15 22:00 - 002284032 _____ ( (Holtek) [File not signed]) [File is in use ] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2017-12-15 22:00 - 2017-12-15 22:00 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2016-07-30 10:05 - 2016-07-30 10:05 - 003661784 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2012-06-26 14:08 - 2012-06-26 14:08 - 000026624 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
2012-06-26 12:58 - 2012-06-26 12:58 - 001262592 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM64.DLL
2012-06-26 14:08 - 2012-06-26 14:08 - 000572928 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Predator\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Predator\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [452]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\sharepoint.com -> hxxps://zspisek.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2019-08-10 21:13 - 000000153 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 app.drivereasy.com
149.202.196.40 dow0.drivereasy.com
149.202.196.40 dow1.drivereasy.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-404591140-1402169592-305344172-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Predator\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\712843reuwL._SS500_.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{D98F2EAD-FE90-4D4F-A3EA-61B92DBF57A7}C:\users\predator\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\predator\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{1BF63372-1EBB-4900-AEF0-277FD7D85213}C:\users\predator\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\predator\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{D555DC2C-A48B-4980-9D3C-5E00E4814245}] => (Block) C:\users\predator\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{D4A50D7F-D3B3-4174-ABB9-6350E56237B0}] => (Block) C:\users\predator\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{1C20FF27-64A4-4C1F-B9B4-1B3ED973927E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{65445D62-2EEB-4226-A23C-CF1F37F227AC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{725FF95A-0620-4FF0-8088-48F8E1CC0E65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2 Closed Test\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{2ED35CF1-49B1-4FC3-BC7B-F495BBFA5F04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2 Closed Test\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{8BAD61D1-F5F2-4373-BBE0-F6AE504B3A1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{187ECDA7-AC77-4CAE-A0A8-2335D7BCA1ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{A6396281-D7CA-4F2A-B540-389CD4D6693D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E589D51E-1816-4197-9B5D-8307876765E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DFA86301-C76C-492E-BFC3-8AE3655F8715}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A3A445BC-6E12-4EE4-A37A-33C51CEFC401}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7BEE9BD8-0B64-4629-9565-C7E4E56DDBBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spacewar\SteamworksExample.exe () [File not signed]
FirewallRules: [{F262DB37-B0B8-486A-80E3-A6428ECBE762}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spacewar\SteamworksExample.exe () [File not signed]
FirewallRules: [{5007B0FE-1F6D-4244-947C-6B272324FEC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{217D40B4-4509-4059-A756-4BC1613A2C17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{369216BA-C718-4252-9E7B-5BB9E854AB72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{8B5D28FA-D73B-4A95-90D5-EDF448ED56F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{347A409B-88FE-4F7C-A2B9-D7F9B253A8B3}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{4F980301-99D4-4ACA-B0BD-B9744DD1F114}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{E3603C58-B6E6-4B49-9E22-EA0606DB68E9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{2599493D-15D9-467C-8531-1EF798B891BB}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{A9851275-6AD7-4E07-B1F9-3CC414F86196}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{37039CF4-277F-438F-8270-1B3771585E02}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{800E5148-28B3-431A-AD2C-B48FFB4F7257}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The House of Da Vinci\The House of da Vinci.exe () [File not signed]
FirewallRules: [{8FABA55D-DEED-4A90-B19B-DE13499239F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The House of Da Vinci\The House of da Vinci.exe () [File not signed]
FirewallRules: [{3FDE0431-C8A7-4A33-A2B0-B565B8C102A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc) [File not signed]
FirewallRules: [{165C4117-C9D0-41EF-909F-AE2CC3E1F7A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc) [File not signed]
FirewallRules: [{15BDA321-F3DE-4B80-8B91-B88240F8EEC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RustStaging\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{6B58E5FA-019C-4C75-86E6-E98CE8C19C57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RustStaging\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{F020605C-7B87-40EA-B7A4-8679D98B25A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DFC77A00-FC32-43BB-8D9A-DEB01031A3C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7BA486C3-C258-43B3-9ECE-14751665E942}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DA012CDE-5D28-4A25-BCB5-A08BF70D9DAC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{132C2BC1-AAEF-4841-80F0-637019F75209}C:\games\terraria\terrariaserver.exe] => (Allow) C:\games\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [UDP Query User{655BA11B-ACDC-4866-9961-B6564CDE9504}C:\games\terraria\terrariaserver.exe] => (Allow) C:\games\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [{3F53769E-1C4C-4D2D-A1CF-EFA07549BBA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{1E4E3BA8-D13E-4577-BE99-8B949BF562C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{F36A7DFA-3EC0-4037-8031-744A785098EA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{757DECA6-7B16-4441-A338-1D69EA28DCF2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{2DF3267D-2AC5-4E52-B0D7-75E5579875B2}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{7D5E67A9-2EC0-4F78-A410-98243C819A43}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [{C53EF0A2-79F5-4F77-99CD-29445F9C9E0F}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{1AD55626-4781-46D1-8E6D-2BB8768E3814}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AA529B22-4BAA-4125-8C12-DC8B4EA13FC4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{64FA7DC1-8E61-4FEB-868D-CADA609222CB}C:\users\predator\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\predator\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D813CE4E-63F0-4E5F-9D3A-CF61713F298A}C:\users\predator\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\predator\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0703D789-6C85-43D8-A297-DCCA114FDCFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Last Oasis\OasisLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{F03C9FEB-245D-4DEA-BA95-A4FB90814C76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Last Oasis\OasisLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{23FADE8F-554F-46C4-9692-FD7C0E2C1C0A}C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{4B2CBC2A-F613-432C-9D07-AC8AE54AAD50}C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{5EA6124C-F169-4AE1-98E5-C360D9FBE975}C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [File not signed]
FirewallRules: [UDP Query User{610E4D11-9E44-4FF0-B15A-525B07C86AA8}C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [File not signed]
FirewallRules: [TCP Query User{B0418CE1-2FA7-43FE-8DAD-8BBC514692A8}C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{CA6E2FEC-9DBA-4CCB-A39C-BDD29F3DCD6E}C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{0B1C989A-FEBC-43AD-BBEE-12E51D828877}C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe] => (Allow) C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{6E3770A2-E167-4657-88E1-DD0DC58ADF5C}C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe] => (Allow) C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1C4D9205-4666-4F96-88BF-04B22D92F065}] => (Block) C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D49DE036-7805-4A1C-BC5C-73E8D201081E}] => (Block) C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{94EB2751-65BA-4817-AC2A-2501DF68D1FC}C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe] => (Allow) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [UDP Query User{1B4D27B4-CFC9-45E3-B8B5-8E9BF91FA240}C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe] => (Allow) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [{CDA633F0-B78D-4169-BF95-FEB4FD8904B9}] => (Block) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [{CD63C164-6897-4DE7-828C-F407B463E6E9}] => (Block) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [{2B08065C-E8F4-4CBD-8667-FCA1D1476FC5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{991D6650-66E9-486A-851F-F22D25D23377}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{606871D5-0199-41CC-9B6B-C6758E8FCDC9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1508C5B2-5DA3-4228-8BCC-E4A01179C831}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{231928F7-2D1E-4C1E-84EA-1F259EA0705F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{943B5EA3-02CB-44B3-B54A-C215AFCDD62C}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{FA446355-DD35-414A-8A7A-A3004B772FEA}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{79D08832-70D5-4099-BD54-8E56677AE5C4}C:\users\predator\appdata\local\fivem\fivem.exe] => (Allow) C:\users\predator\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed]
FirewallRules: [UDP Query User{FF0362DF-9019-4F01-A2FC-D69BC13AECC4}C:\users\predator\appdata\local\fivem\fivem.exe] => (Allow) C:\users\predator\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed]
FirewallRules: [{AC0678DD-6C6C-4F3F-8B46-636826D48638}] => (Block) C:\users\predator\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed]
FirewallRules: [{2C135223-B3D2-4AB3-AA12-B58E7B55300F}] => (Block) C:\users\predator\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed]
FirewallRules: [TCP Query User{4DE159AB-1AAB-4F91-9D0B-D20BAEC3B86E}C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [UDP Query User{33479A1E-F2F1-4990-BEAA-19403BF583B2}C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [{66A22761-795F-4058-94F9-E2E71C1FDF6F}] => (Block) C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [{BFD7422C-698F-44EB-9279-3CBF8D4EC70C}] => (Block) C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [TCP Query User{85479887-65A8-4087-8162-754513832B33}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [UDP Query User{20704B60-4560-434A-9F05-6B0E3971120F}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [{8C027259-B5FF-48D3-BE56-B2128DCF8725}] => (Block) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [{FEFFA9F3-1525-420E-8605-1436F2A0721A}] => (Block) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [{A06C02A6-5652-4A16-A282-19D91D9FF0CA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C30BF3F-B77B-42F5-9D98-336C4EE1EC8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BD94636E-8299-44D0-8267-4915F75AE44C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9B2738C2-2A70-4907-9105-9BB7E294D075}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{76942212-081A-4E5A-924F-5BAEC632A571}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{759F3432-D565-4EB5-875D-E31D678E85BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5EF82119-789B-4F41-8310-F6FE0CAC1E50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CC794A6B-6BDD-47A7-A26E-96D591C73EE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AA8E9CE3-3DDA-4D20-8001-8FEADA05D19E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{20CCC4E4-A43F-4F66-A1A0-FAF9844EE7B6}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/14/2020 09:05:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7672,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/14/2020 08:44:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11396,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/14/2020 08:35:53 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2012,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/14/2020 07:50:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.18362.836, časové razítko: 0xb8640219
Název chybujícího modulu: ntdll.dll, verze: 10.0.18362.815, časové razítko: 0xb29ecf52
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000072a6
ID chybujícího procesu: 0x48bc
Čas spuštění chybující aplikace: 0x01d642611e32c99a
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 8efcdef2-3656-48cc-b4c5-e1ef1f41bcf7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/14/2020 07:47:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21072,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/14/2020 07:36:53 PM) (Source: ESENT) (EventID: 413) (User: )
Description: msedge (19788,R,98) EdgeDataImporter: Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032

Error: (06/14/2020 07:36:53 PM) (Source: ESENT) (EventID: 488) (User: )
Description: msedge (19788,R,98) EdgeDataImporter: Pokus o vytvoření souboru C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (06/14/2020 06:16:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18424,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (06/14/2020 08:29:38 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (06/14/2020 08:27:36 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service přestala během spouštění reagovat.

Error: (06/14/2020 08:23:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (06/14/2020 08:23:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (06/14/2020 08:23:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (06/14/2020 08:22:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (06/14/2020 08:22:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error: (06/14/2020 08:21:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Windows Defender:
===================================
Date: 2020-06-14 20:34:00.980
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe provádění změn v paměti.
Čas detekce: 2020-06-14T18:34:00.891Z
Uživatel: NT AUTHORITY\SYSTEM
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
Verze bezpečnostních informací: 1.317.1359.0
Verze modulu: 1.1.17100.2
Verze produktu: 4.18.2005.5

Date: 2020-06-14 17:09:35.703
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvSHIM.exe provádění změn v paměti.
Čas detekce: 2020-06-14T15:09:35.666Z
Uživatel: LAPTOP-H32871D3\Predator
Cesta: \Device\CdRom0
Název procesu: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvSHIM.exe
Verze bezpečnostních informací: 1.317.1209.0
Verze modulu: 1.1.17100.2
Verze produktu: 4.18.2005.5

Date: 2020-06-12 11:06:35.331
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Common Files\BattlEye\BEService.exe provádění změn v paměti.
Čas detekce: 2020-06-12T09:06:35.331Z
Uživatel: (unknown user)
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
Verze bezpečnostních informací: 1.317.1140.0
Verze modulu: 1.1.17100.2
Verze produktu: 4.18.2005.5

Date: 2020-06-12 09:20:43.389
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Common Files\BattlEye\BEService.exe provádění změn v paměti.
Čas detekce: 2020-06-12T07:20:43.389Z
Uživatel: (unknown user)
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
Verze bezpečnostních informací: 1.317.1140.0
Verze modulu: 1.1.17100.2
Verze produktu: 4.18.2005.5

Date: 2020-06-05 10:19:31.207
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {68503505-D168-4EE6-A7BC-DAEDB2A51D84}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-06-14 19:41:00.595
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.317.1359.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17100.2
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-06-14 17:17:23.933
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.317.1359.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17100.2
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2020-05-29 10:45:51.203
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Nokia\Nokia PC Suite 7\PhoneBrowser64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-29 10:45:51.198
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Nokia\Nokia PC Suite 7\PhoneBrowser64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-07-21 08:02:04.537
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-07-21 08:02:04.534
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-07-21 08:02:04.528
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-07-21 08:02:04.525
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-07-21 08:02:00.838
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-07-20 07:47:21.046
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Insyde Corp. V1.09 07/06/2017
Motherboard: KBL Sienna_KLS
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 51%
Total physical RAM: 8075.6 MB
Available physical RAM: 3904.77 MB
Total Virtual: 16267.6 MB
Available Virtual: 10479.68 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:164.77 GB) NTFS

\\?\Volume{8e50c848-128d-46d1-bb22-1be59db4d711}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.54 GB) NTFS
\\?\Volume{ecc835b1-9baa-468e-b73a-034ba01cdaa1}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: AEEE2585)

Partition: GPT.

==================== End of Addition.txt =======================

luki123
Visitor
Posts: 73
Registered: 13 Jan 2010 18:25

Re: Totally slowed-down laptop

#2 Post by luki123 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Predator at 2020-06-14 21:22:33
Microsoft Windows 10 Home
System drive C: has 169 GB (18%) free of 953 GB
Total RAM: 8076 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:23:07, on 14.06.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\Users\Predator\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\trend micro\Predator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 149.202.196.40 dow0.drivereasy.com
O1 - Hosts: 149.202.196.40 dow1.drivereasy.com
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TeamsMachineInstaller] %ProgramFiles%\Teams Installer\Teams.exe --checkInstall --source=PROPLUS
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Predator\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Gaijin.Net Agent] "C:\Users\Predator\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [EpicGamesLauncher] "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
O4 - HKCU\..\Run: [Discord] C:\Users\Predator\AppData\Local\Discord\app-0.0.306\Discord.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\Predator\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - Global Startup: SteelSeries Engine 3.lnk = C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\System32\drivers\AdminService.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9307632b3abedc2b\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9307632b3abedc2b\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_8e163 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Dolby DAX2 API Service - Dolby Laboratories, Inc. - C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
O23 - Service: EasyAntiCheat - Epic Games, Inc - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Audio Service (IntelAudioService) - Unknown owner - C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee WebAdvisor - McAfee, LLC - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service: MRAC Service (mracsvc) - Unknown owner - C:\WINDOWS\System32\mracsvc.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Predator Service (PSSvc) - Acer Incorporated - C:\Program Files (x86)\Acer\PredatorSense\PSSvc.exe
O23 - Service: Quick Access Local Service (QALSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
O23 - Service: Quick Access Service (QASvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: Qualcomm Atheros WLAN Driver Service (QcomWlanSrv) - Unknown owner - C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe (file missing)
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Games\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @oem78.inf,%RstMwService.Name%;Intel(R) Storage Middleware Service (RstMwService) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: Uncheater for BattleGroundsLite_SE (uncheater_bgl) - Wellbia.com Co., Ltd. - C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe

--
End of file - 16702 bytes

======Listing Processes======








winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt

C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s TapiSrv
C:\Windows\system32\HPSIsvc.exe
C:\WINDOWS\System32\drivers\AdminService.exe
C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
"C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9307632b3abedc2b\IntelCpHDCPSvc.exe
"C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"

C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
dashost.exe {5475982b-2f63-4ec0-a60c8c305095ba79}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9307632b3abedc2b\IntelCpHeciSvc.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /c
"C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe"

"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\McAfee\WebAdvisor\UIHost.exe"
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /ASC
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxEM.exe"
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe" -Hide
"C:\Users\Predator\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe" -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production -auto=true
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
{2B082E6F-1A6D-4BF5-8DED-EB8E44F9EBF5}
{D93ACFC9-2AAD-43CF-82D7-5CBDD8270E2B}
{F283ECF6-4138-4BF6-B7BC-34A100F50EBF}
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
dummy /ccupdate
"C:\Users\Predator\AppData\Local\Microsoft\Teams\current\Teams.exe" --system-initiated
"C:\Users\Predator\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=gpu-process --enable-features=SharedArrayBuffer --disable-features=SpareRendererForSitePerProcess --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=11375953806601731883 --mojo-platform-channel-handle=1564 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Predator\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=renderer --autoplay-policy=no-user-gesture-required --enable-features=SharedArrayBuffer --disable-features=SpareRendererForSitePerProcess --service-pipe-token=15679115540920378841 --lang=cs --app-user-model-id=com.squirrel.Teams.Teams --app-path="C:\Users\Predator\AppData\Local\Microsoft\Teams\current\resources\app.asar" --user-agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Teams/1.3.00.13565 Chrome/69.0.3497.128 Electron/4.2.12 Safari/537.36" --node-integration=false --webview-tag=false --no-sandbox --preload="C:\Users\Predator\AppData\Local\Microsoft\Teams\current\resources\app.asar\lib\renderer\notifications\preload_notifications.js" --disable-remote-module --background-color=#fff --electron-shared-settings=eyJjci5jb21wYW55IjoiRWxlY3Ryb24iLCJjci5kdW1wcyI6IiIsImNyLmVuYWJsZWQiOmZhbHNlLCJjci5wcm9kdWN0IjoiRWxlY3Ryb24iLCJjci5zZXNzaW9uIjoiIiwiY3IudXJsIjoiIiwiY3IudmVyc2lvbiI6InY0LjIuMTIifQ== --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=15679115540920378841 --renderer-client-id=8 --mojo-platform-channel-handle=2812 /prefetch:1 --msteams-process-type=notificationsManager
"C:\Users\Predator\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=renderer --autoplay-policy=no-user-gesture-required --enable-features=SharedArrayBuffer --disable-features=SpareRendererForSitePerProcess --service-pipe-token=2680721304505988657 --lang=cs --app-user-model-id=com.squirrel.Teams.Teams --app-path="C:\Users\Predator\AppData\Local\Microsoft\Teams\current\resources\app.asar" --user-agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Teams/1.3.00.13565 Chrome/69.0.3497.128 Electron/4.2.12 Safari/537.36" --node-integration=false --webview-tag=true --no-sandbox --preload="C:\Users\Predator\AppData\Local\Microsoft\Teams\current\resources\app.asar\lib\renderer\preload.js" --disable-remote-module --background-color=#fff --electron-shared-settings=eyJjci5jb21wYW55IjoiRWxlY3Ryb24iLCJjci5kdW1wcyI6IiIsImNyLmVuYWJsZWQiOmZhbHNlLCJjci5wcm9kdWN0IjoiRWxlY3Ryb24iLCJjci5zZXNzaW9uIjoiIiwiY3IudXJsIjoiIiwiY3IudmVyc2lvbiI6InY0LjIuMTIifQ== --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=2680721304505988657 --renderer-client-id=9 --mojo-platform-channel-handle=3172 /prefetch:1 --msteams-process-type=mainWindow
"C:\Users\Predator\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=renderer --autoplay-policy=no-user-gesture-required --enable-features=SharedArrayBuffer --disable-features=SpareRendererForSitePerProcess --service-pipe-token=12034086609051971541 --lang=cs --app-user-model-id=com.squirrel.Teams.Teams --app-path="C:\Users\Predator\AppData\Local\Microsoft\Teams\current\resources\app.asar" --user-agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Teams/1.3.00.13565 Chrome/69.0.3497.128 Electron/4.2.12 Safari/537.36" --node-integration=false --webview-tag=false --no-sandbox --preload="C:\Users\Predator\AppData\Local\Microsoft\Teams\current\resources\app.asar\lib\pluginhost\preload.js" --disable-remote-module --background-color=#fff --electron-shared-settings=eyJjci5jb21wYW55IjoiRWxlY3Ryb24iLCJjci5kdW1wcyI6IiIsImNyLmVuYWJsZWQiOmZhbHNlLCJjci5wcm9kdWN0IjoiRWxlY3Ryb24iLCJjci5zZXNzaW9uIjoiIiwiY3IudXJsIjoiIiwiY3IudmVyc2lvbiI6InY0LjIuMTIifQ== --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=12034086609051971541 --renderer-client-id=12 --mojo-platform-channel-handle=5312 /prefetch:1 --msteams-process-type=pluginHost


"C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe"
C:\Windows\System32\SecurityHealthHost.exe {08728914-3F57-4D52-9E31-49DAECA5A80A} -Embedding
"C:\Users\Predator\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=renderer --autoplay-policy=no-user-gesture-required --enable-features=SharedArrayBuffer --disable-features=SpareRendererForSitePerProcess --service-pipe-token=595793940156905954 --lang=cs --app-user-model-id=com.squirrel.Teams.Teams --app-path="C:\Users\Predator\AppData\Local\Microsoft\Teams\current\resources\app.asar" --user-agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Teams/1.3.00.13565 Chrome/69.0.3497.128 Electron/4.2.12 Safari/537.36" --node-integration=false --webview-tag=true --enable-sandbox --native-window-open --preload="C:\Users\Predator\AppData\Local\Microsoft\Teams\current\resources\app.asar\lib\renderer\experienceRenderer\preload_webview_sandbox.js" --disable-remote-module --background-color=#fff --guest-instance-id=6 --enable-blink-features --disable-blink-features --hidden-page --electron-shared-settings=eyJjci5jb21wYW55IjoiRWxlY3Ryb24iLCJjci5kdW1wcyI6IiIsImNyLmVuYWJsZWQiOmZhbHNlLCJjci5wcm9kdWN0IjoiRWxlY3Ryb24iLCJjci5zZXNzaW9uIjoiIiwiY3IudXJsIjoiIiwiY3IudmVyc2lvbiI6InY0LjIuMTIifQ== --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=595793940156905954 --renderer-client-id=14 --mojo-platform-channel-handle=4004 /prefetch:1 --msteams-process-type=experience-renderer
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Predator\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Predator\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=83.0.4103.97 --initial-client-data=0xe8,0xec,0xf0,0xc4,0xf4,0x7ff89efcbd28,0x7ff89efcbd38,0x7ff89efcbd48
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1280,14254393250051493406,10632997735937400220,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1544 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1280,14254393250051493406,10632997735937400220,131072 --lang=cs --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1820 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1280,14254393250051493406,10632997735937400220,131072 --lang=cs --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=2300 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1280,14254393250051493406,10632997735937400220,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6416 /prefetch:1
explorer.exe
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
"C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1280,14254393250051493406,10632997735937400220,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9148 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1280,14254393250051493406,10632997735937400220,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7176 /prefetch:1
"C:\WINDOWS\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
taskhostw.exe
C:\Windows\System32\smartscreen.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-404591140-1402169592-305344172-10018_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-404591140-1402169592-305344172-10018 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 780 784 792 8192 788
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1280,14254393250051493406,10632997735937400220,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3580 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\Predator\Desktop\RSITx64.exe"
"C:\Users\Predator\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=renderer --autoplay-policy=no-user-gesture-required --enable-features=SharedArrayBuffer --disable-features=SpareRendererForSitePerProcess --service-pipe-token=8499505686044408822 --lang=cs --app-user-model-id=com.squirrel.Teams.Teams --app-path="C:\Users\Predator\AppData\Local\Microsoft\Teams\current\resources\app.asar" --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=8499505686044408822 --renderer-client-id=25 --mojo-platform-channel-handle=4784 /prefetch:1
C:\WINDOWS\system32\AUDIODG.EXE 0x488
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --do-not-de-elevate -- http://www.trendmicro.com/go/hjt/error/ ... D2%2E0%2E4
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Predator\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Predator\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Predator\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=83.0.4103.97 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=83.0.478.45 --initial-client-data=0xec,0xf0,0xf4,0xc8,0xf8,0x7ff8bec42f20,0x7ff8bec42f30,0x7ff8bec42f40
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1164,16790890154893864306,12318560372127289719,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1704 /prefetch:2
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --field-trial-handle=1164,16790890154893864306,12318560372127289719,131072 --lang=cs --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=2316 /prefetch:8
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --field-trial-handle=1164,16790890154893864306,12318560372127289719,131072 --lang=cs --service-sandbox-type=collections --enable-audio-service-sandbox --mojo-platform-channel-handle=2904 /prefetch:8
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1164,16790890154893864306,12318560372127289719,131072 --lang=cs --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3700 /prefetch:1

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1164,16790890154893864306,12318560372127289719,131072 --lang=cs --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1

======Scheduled tasks folder======

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
C:\WINDOWS\tasks\Driver Easy Scheduled Scan.job - C:\Program Files\Easeware\DriverEasy\DriverEasy.exe --scan

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-04-22 221664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30 883160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-06-12 1391072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30 550360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-04-22 166360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30 759768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-04-15 480424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-06-12 1093256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-06-16 1730264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-15 194728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30 505816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30 883160]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30 759768]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2020-02-16 84992]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2019-12-23 18391120]
"RtHDVBg_ASC"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2019-12-23 1506384]
"RtHDVBg_CTPreset"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2019-12-23 1506384]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2019-12-23 1506384]
"DAX2_APP"=C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [2018-09-05 876032]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Predator\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2020-06-05 1591656]
"Gaijin.Net Agent"=C:\Users\Predator\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2018-04-26 2125896]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2020-06-04 3375904]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2020-02-14 91512680]
"EpicGamesLauncher"=C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [2020-06-04 32194448]
"Discord"=C:\Users\Predator\AppData\Local\Discord\app-0.0.306\Discord.exe [2020-02-24 90950968]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2020-03-19 22245560]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]
"com.squirrel.Teams.Teams"=C:\Users\Predator\AppData\Local\Microsoft\Teams\Update.exe [2020-06-03 2350776]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2020-03-12 646776]
"TeamsMachineInstaller"=C:\Program Files\Teams Installer\Teams.exe --checkInstall --source=PROPLUS []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SteelSeries Engine 3.lnk - C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-06-14 21:22:33 ----D---- C:\rsit
2020-06-14 21:22:33 ----D---- C:\Program Files\trend micro
2020-06-14 20:59:41 ----D---- C:\FRST
2020-06-14 17:33:44 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2020-06-14 17:33:44 ----A---- C:\WINDOWS\system32\poqexec.exe
2020-05-24 20:35:56 ----A---- C:\WINDOWS\xhunter1.sys
2020-05-24 20:35:55 ----D---- C:\Program Files\Common Files\Uncheater
2020-05-24 13:24:03 ----D---- C:\ProgramData\PUBG
2020-05-24 13:23:29 ----D---- C:\Program Files (x86)\PUBGLite
2020-05-18 14:31:52 ----D---- C:\Users\Predator\AppData\Roaming\CitizenFX
2020-05-17 17:37:34 ----D---- C:\ProgramData\Rockstar Games

======List of files/folders modified in the last 1 month======

2020-06-14 21:23:06 ----D---- C:\WINDOWS\Temp
2020-06-14 21:22:45 ----D---- C:\WINDOWS\Prefetch
2020-06-14 21:22:33 ----D---- C:\Program Files
2020-06-14 21:20:17 ----D---- C:\WINDOWS\system32\sru
2020-06-14 21:08:27 ----D---- C:\ProgramData\NVIDIA
2020-06-14 21:06:44 ----SHD---- C:\System Volume Information
2020-06-14 21:05:18 ----D---- C:\WINDOWS\system32\config
2020-06-14 21:02:59 ----D---- C:\WINDOWS\CbsTemp
2020-06-14 20:28:36 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-06-14 20:15:08 ----HD---- C:\Intel
2020-06-14 20:15:05 ----D---- C:\WINDOWS\system32\LogFiles
2020-06-14 20:14:59 ----D---- C:\WINDOWS\system32\SleepStudy
2020-06-14 19:45:36 ----D---- C:\Games
2020-06-14 19:43:08 ----D---- C:\WINDOWS\WinSxS
2020-06-14 19:27:37 ----D---- C:\Program Files (x86)\Microsoft
2020-06-14 19:25:52 ----D---- C:\WINDOWS\system32\Tasks
2020-06-14 19:25:26 ----SD---- C:\ProgramData\Microsoft
2020-06-14 18:22:49 ----D---- C:\WINDOWS\system32\catroot2
2020-06-14 17:36:47 ----D---- C:\WINDOWS\SysWOW64
2020-06-14 17:36:47 ----D---- C:\WINDOWS\System32
2020-06-14 17:22:30 ----SHDC---- C:\WINDOWS\Installer
2020-06-14 17:22:04 ----RD---- C:\WINDOWS\Microsoft.NET
2020-06-14 17:21:57 ----D---- C:\Program Files\Common Files\microsoft shared
2020-06-14 17:20:41 ----AD---- C:\Program Files\Microsoft Office
2020-06-14 17:15:14 ----HD---- C:\Program Files\WindowsApps
2020-06-14 17:15:14 ----D---- C:\WINDOWS\AppReadiness
2020-06-12 01:07:21 ----D---- C:\WINDOWS\Logs
2020-06-11 17:21:15 ----D---- C:\Program Files\Epic Games
2020-06-11 09:14:58 ----D---- C:\Program Files (x86)\Steam
2020-06-08 20:12:24 ----D---- C:\Users\Predator\AppData\Roaming\uTorrent
2020-06-07 10:54:59 ----D---- C:\Users\Predator\AppData\Roaming\Discord
2020-06-05 23:03:22 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2020-06-04 08:20:17 ----D---- C:\WINDOWS\system32\drivers\wd
2020-05-31 10:51:19 ----D---- C:\Windows
2020-05-30 08:34:39 ----AD---- C:\Program Files\UNP
2020-05-28 14:36:01 ----D---- C:\WINDOWS\INF
2020-05-24 20:35:55 ----D---- C:\Program Files\Common Files
2020-05-24 13:24:03 ----D---- C:\ProgramData
2020-05-24 13:23:29 ----RD---- C:\Program Files (x86)
2020-05-23 17:59:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-22 20:39:21 ----D---- C:\Program Files\CCleaner
2020-05-17 17:42:40 ----D---- C:\Program Files (x86)\Rockstar Games
2020-05-17 17:42:33 ----D---- C:\Program Files\Rockstar Games
2020-05-17 17:40:13 ----RSD---- C:\WINDOWS\assembly
2020-05-17 07:28:48 ----D---- C:\WINDOWS\apppatch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorAC;@oem78.inf,%iaStorAC.DeviceDesc%;Intel(R) Chipset SATA/PCIe RST Premium Controller; C:\WINDOWS\System32\drivers\iaStorAC.sys [2019-12-23 1035744]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-03-11 40960]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2020-05-13 457216]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2016-08-24 37064]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760]
R3 BtFilter;BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [2019-12-23 81680]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2020-03-11 99328]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312]
R3 iaLPSS2_GPIO2;@oem57.inf,%iaLPSS2_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [2019-08-10 95632]
R3 iaLPSS2_I2C;@oem58.inf,%iaLPSS2_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [2019-08-10 185232]
R3 ICCWDT;@oem59.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2019-08-10 48080]
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9307632b3abedc2b\igdkmd64.sys [2019-12-23 20993072]
R3 IntcAudioBus;@oem27.inf,%IntcAudioBus.SVCDESC%;Sběrnice technologie Intel(R) Smart Sound; C:\WINDOWS\System32\drivers\IntcAudioBus.sys [2018-12-09 264176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2019-12-23 7068968]
R3 IntcOED;@oem3.inf,%IntcOED.SVCDESC%;Technologie Intel(R) Smart Sound OED; C:\WINDOWS\System32\drivers\IntcOED.sys [2018-12-09 809424]
R3 LMDriver;@oem17.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2018-05-15 31000]
R3 MEIx64;@oem81.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_84dfa9390100e6bc\x64\TeeDriverW8x64.sys [2019-12-23 253840]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_886b780ca50b5e3e\nvlddmkm.sys [2019-12-23 22749640]
R3 nvvad_WaveExtensible;@oem62.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2019-08-10 69840]
R3 nvvhci;@oem32.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2018-10-03 66792]
R3 Qcamain10x64;@oem65.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN 11AC device driver; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2019-08-10 2371864]
R3 RadioShim;@oem17.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2018-05-15 25368]
R3 rt640x64;@oem66.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2019-08-10 1158944]
R3 RTSPER;@oem82.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2019-12-23 1004024]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2020-04-15 151352]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2020-03-11 337920]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-03-19 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-11-14 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2020-02-16 117264]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-09-13 231936]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2020-03-11 114688]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2020-03-11 36864]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2019-03-19 133120]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2020-03-11 1428992]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 cpuz148;cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys []
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2019-09-13 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-10-04 64000]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-04-15 84280]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2_SPI;Intel(R) Serial IO SPI Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_SPI.sys [2016-08-28 151352]
S3 iaLPSS2_UART2;Intel(R) Serial IO UART Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_UART2.sys [2016-08-28 282424]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 mbamchameleon;mbamchameleon; \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys [2020-03-26 192952]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-11-14 359424]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 mracdrv;MRAC Driver; C:\WINDOWS\System32\drivers\mracdrv.sys [2019-08-03 17770920]
S3 mvusbews;@oem0.inf,%mvusbews.SvcDesc%;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2012-11-08 19968]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nmwcd;@oem8.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;@oem33.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 NVHDA;@oem6.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2019-06-05 237368]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2019-01-16 30336]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 96056]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-12 986936]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 211456]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 113152]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-03-19 33592]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [2019-12-23 386976]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_8e163;Uživatelská služba platformy připojených zařízení_8e163; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2020-06-03 11600760]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9307632b3abedc2b\IntelCpHDCPSvc.exe [2019-12-23 493088]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 Dolby DAX2 API Service;Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [2019-01-21 189464]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2012-11-08 126856]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxCUIService.exe [2019-12-23 374816]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2017-02-19 196200]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2017-02-19 419616]
R2 McAfee WebAdvisor;McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [2020-06-12 947280]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-01-30 790920]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2019-11-07 860184]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2019-06-05 791136]
R2 OneSyncSvc_8e163;Hostitel synchronizace_8e163; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 osrss;@%systemroot%\system32\osrss.dll,-500; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 QcomWlanSrv;Qualcomm Atheros WLAN Driver Service; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [2019-08-10 191768]
R2 RstMwService;@oem78.inf,%RstMwService.Name%;Intel(R) Storage Middleware Service; C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe [2019-12-23 2156512]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_8e163;Uživatelská služba schránky_8e163; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9307632b3abedc2b\IntelCpHeciSvc.exe [2019-12-23 491552]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-02-25 88648]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-14 224144]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-24 153752]
S2 IntelAudioService;Intel(R) Audio Service; C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [2018-12-09 224912]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_8e163;Agent Activation Runtime_8e163; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_8e163;Uživatelská služba pro GameDVR a vysílání her_8e163; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2020-06-11 8628224]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_8e163;Služba pro podporu uživatelů Bluetooth_8e163; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_8e163;CaptureService_8e163; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_8e163;ConsentUX_8e163; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-05-13 380632]
S3 CredentialEnrollmentManagerUserSvc_8e163;CredentialEnrollmentManagerUserSvc_8e163; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-05-13 380632]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_8e163;DeviceAssociationBroker_8e163; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_8e163;DevicePicker_8e163; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_8e163;Tok zařízení_8e163; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2020-03-11 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2020-03-27 818800]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-14 224144]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-07-10 43704]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\elevation_service.exe [2020-06-02 1287152]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-24 153752]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-12-05 630048]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_8e163;Služba zasílání zpráv_8e163; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\elevation_service.exe [2020-06-04 1507208]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 mracsvc;MRAC Service; C:\WINDOWS\System32\mracsvc.exe [2019-08-03 18534552]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-01-30 790920]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 264512]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc_8e163;Data kontaktů_8e163; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_8e163;PrintWorkflow_8e163; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PSSvc;Predator Service; C:\Program Files (x86)\Acer\PredatorSense\PSSvc.exe [2017-08-13 716592]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 QALSvc;Quick Access Local Service; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [2017-08-11 461616]
S3 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2017-08-11 506672]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 Rockstar Service;Rockstar Game Library Service; C:\Games\Rockstar Games\Launcher\RockstarService.exe [2020-05-12 1705088]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118273
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Totally slowed-down laptop

#3 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

luki123
Visitor
Posts: 73
Joined: 13 Jan 2010 18:25

Re: Totally slowed-down laptop

#4 Post by luki123 »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-06-12.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-14-2020
# Duration: 00:00:11
# OS: Windows 10 Home
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Predator\AppData\Roaming\WinThruster

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Amazon Assistant for Chrome - pbjikboenpfhbbejgkoklgkhjpfogcam

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6129 octets] - [14/06/2020 22:02:16]
AdwCleaner[S01].txt - [6190 octets] - [14/06/2020 22:04:06]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Rudy
Site Admin
Posts: 118273
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Totally slowed-down laptop

#5 Post by Rudy »

Post new FRST + Addition logs.

luki123
Visitor
Posts: 73
Joined: 13 Jan 2010 18:25

Re: Totally slowed-down laptop

#6 Post by luki123 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by Predator (administrator) on LAPTOP-H32871D3 (Acer Predator PH317-51) (15-06-2020 15:43:41)
Running from C:\Users\Predator\Desktop
Loaded Profiles: Predator
Platform: Windows 10 Home Version 1909 18363.900 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Gaijin Network LTD -> Gaijin Entertainment) C:\Users\Predator\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <7>
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9307632b3abedc2b\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9307632b3abedc2b\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Predator\AppData\Local\Microsoft\Teams\current\Teams.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\NisSrv.exe
(Nokia -> Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
(Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_CTPreset] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [876032 2018-09-05] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [97509120 2020-01-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Predator\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2125896 2018-04-26] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3375904 2020-06-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91512680 2020-02-14] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32194448 2020-06-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [Discord] => C:\Users\Predator\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia -> Nokia)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Predator\AppData\Local\Microsoft\Teams\Update.exe [2350776 2020-06-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\HPM1210PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM1210PP.dll [74240 2012-09-29] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPM1210LM: C:\Windows\system32\HPM1210LM.DLL [409088 2012-09-29] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\Installer\chrmstp.exe [2020-06-05] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\Installer\setup.exe [2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2018-01-13]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01444D27-8351-4DB1-AA67-27F1E924AC63} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {06DE687C-F481-41B5-B053-E0511B510E94} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1085A869-856B-4CE5-9AAD-4229C7FAF7D6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {115C7F8E-0B62-4042-A238-1FFC099C8F6D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167696 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {11B931FC-ECAC-432E-B951-40E4E38B2BAF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {12ED00EA-8749-4038-AD95-663DF7260F35} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13E77125-7724-4AC8-8487-9B5CF5E5E7A1} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-02-18] (Acer Incorporated -> TODO: <Company name>)
Task: {18B06555-64FB-4F90-BE78-81E4388711F0} - System32\Tasks\PredatorSense => C:\Program Files (x86)\Acer\PredatorSense\PSLauncher.exe [580400 2017-08-13] (Acer Incorporated -> Acer Incorporated)
Task: {1C697A04-79DF-4C4D-9878-F66446D85F45} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2017-08-13] (Acer Incorporated -> Acer Incorporated)
Task: {1E1C1C92-E582-42B6-864C-D4E7C639A8A6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {217A5170-499B-449C-A73B-E6919C8766EC} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> )
Task: {21B00D69-5CF1-43D8-9842-AC0601D0C6D4} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2768176 2017-08-11] (Acer Incorporated -> Acer Incorporated)
Task: {23C0E068-F125-412B-9BF5-572E209A2220} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167696 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {244BEFDB-E880-44EE-B13B-5BBE27593B2A} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24A8475F-867F-4678-AD83-D67DE61D8CEC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2655156B-B3FE-4692-8B58-89F240E1D69E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2737737B-CF08-48FA-B2D6-DDCDFD03B1F8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6291352 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {2810412A-FCF0-42F8-AF30-ED7AD2C56193} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {299BE1C2-11E5-4E69-9174-C1E17FE4754A} - System32\Tasks\RtHDVBg_ASC => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {35394D25-1A0E-46E2-97ED-97B7FDC09D53} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {39569F8D-4F22-43F4-824F-AD2A6CB072C0} - System32\Tasks\CareCenter\Classic Start Menu_Reg_HKLMRun => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Task: {3AA1E352-CE7A-4979-B913-B61A43C0C337} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369344 2020-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D328568-6C20-4D5C-B878-4E5EB902FB95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-11-24] (Google Inc -> Google Inc.)
Task: {50AF418D-75B5-422A-A165-D54967A7A74C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2349952 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {549ACB9F-C2FD-4B48-A1E4-BE354DFFAC1D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {55D20DFD-AEA5-4EE9-B5C5-FB27EDB84395} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B451963-E3E4-4469-8A64-0C7176AB88D3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702856 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {63582727-B214-4679-B1BB-C07A1A2A049E} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> )
Task: {6C479381-72AE-439F-A55A-4C4D7E3DA060} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {72E6435D-EE5A-4F79-8871-130D0D5A1086} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3660232 2020-02-17] (Easeware Technology Limited -> Easeware)
Task: {7FBC3EE5-EF69-421E-A34D-7AD045738C81} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {84C98F76-8A30-40CC-A455-C38260769978} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-11-24] (Google Inc -> Google Inc.)
Task: {8F0CB262-40BF-49E5-B3E0-620E2B84FA08} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [543536 2016-12-05] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {8F533A94-4FB9-49A8-86A0-C6CA8BDE4A6E} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated)
Task: {9144D162-402D-477F-BBA3-A1DF0FFC2865} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572808 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {91DD54DC-5515-4301-9F76-847EA14497BD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6291352 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {96C0A2DE-D6B0-4E0D-91BB-F2DCE221E70A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B4FFA96-4872-4F2C-BDE2-CA67802549F7} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {A765D56E-CD6F-4D33-AD92-7F74B293430C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AB807AB6-BD0A-4F37-9533-A58C5DFE0E1F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC0FBED0-5ABE-4BED-AE99-23672D6AD557} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AED16B6F-BA4F-4C6B-84D5-297F1CD04F24} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [445744 2017-08-11] (Acer Incorporated -> Acer Incorporated)
Task: {AFD0E1D2-15E6-42BD-B4C8-52C8FDDD967E} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9EBBD50-30B3-4EE6-9A9A-8E1466D5B01A} - System32\Tasks\CareCenter\WindowsDefender_Reg_HKLMRun => C:\Program Files\Windows Defender\MSASCuiL.exe
Task: {BA45BC73-7A38-450E-9B17-D7DDBAADB46C} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDEEE973-AC64-4AB3-BC03-B0A9F937FFC0} - System32\Tasks\User Boot Experience Task => C:\OEM\Preload\FUBService\FUBService.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {C2FF00B5-9E79-425B-8C02-F26569FD14E6} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-05-24] (Acer Incorporated -> )
Task: {C87C7316-AFDE-458F-9CE6-BDE3B428E751} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {F0853616-4250-449E-94F1-78A18DE0AC30} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F0FF8321-70C3-43E2-9D5D-2278626A1B80} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369344 2020-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3316F38-6D0C-4E0A-AAB3-129224730CF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F3866FBE-A8D4-4BBA-94A9-943E31990FAA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724680 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F90606BE-2D70-46ED-874C-564F42B83774} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41264 2017-02-21] (Acer Incorporated -> )
Task: {FD8AD5EC-2586-410C-9303-58C3829E0C2D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{32b03b56-dfe5-4bb8-ba1a-8213a7f18dd9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c201dc45-900a-4a67-afc6-562ce01344f7}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-404591140-1402169592-305344172-1001 -> DefaultScope {1E66B54E-C49E-4E99-9671-ABE6F194F416} URL =
SearchScopes: HKU\S-1-5-21-404591140-1402169592-305344172-1001 -> {1E66B54E-C49E-4E99-9671-ABE6F194F416} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-06-12] (McAfee, LLC -> McAfee, LLC)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-04-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-06-12] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-08-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\Predator\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\Predator\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-14]
Edge Extension: (Amazon Assistant) - C:\Users\Predator\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hkmnokmdbkkafgmpfhhiniclfnfpmogj [2020-06-14]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-06-12] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default [2020-06-15]
CHR Notifications: Default -> hxxps://novaplus.nova.cz; hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-24]
CHR Extension: (Dokumenty) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-23]
CHR Extension: (Disk Google) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-23]
CHR Extension: (YouTube) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-21]
CHR Profile: C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-07-07]
CHR Profile: C:\Users\Predator\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-26]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [386976 2019-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8628224 2020-06-11] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11600760 2020-06-03] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818800 2020-03-27] (EasyAntiCheat Oy -> Epic Games, Inc)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [126856 2012-11-08] (Hewlett-Packard Company -> HP)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2017-02-19] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-06-14] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [947280 2020-06-12] (McAfee, LLC -> McAfee, LLC)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\elevation_service.exe [1507208 2020-06-04] (Microsoft Corporation -> Microsoft Corporation)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [18534552 2019-08-03] (Mail.Ru LLC -> LLC Mail.Ru)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [860184 2019-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [791136 2019-06-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PSSvc; C:\Program Files (x86)\Acer\PredatorSense\PSSvc.exe [716592 2017-08-13] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [461616 2017-08-11] (Acer Incorporated -> Acer Incorporated)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [506672 2017-08-11] (Acer Incorporated -> Acer Incorporated)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [191768 2019-08-10] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
S3 Rockstar Service; C:\Games\Rockstar Games\Launcher\RockstarService.exe [1705088 2020-05-12] (Rockstar Games, Inc. -> Rockstar Games)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [296752 2017-02-21] (Acer Incorporated -> acer)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-05-24] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18232 2016-08-25] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [81680 2019-12-23] (Qualcomm Atheros -> Qualcomm)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-13] (Microsoft Corporation) [File not signed]
R3 IntcAudioBus; C:\WINDOWS\System32\drivers\IntcAudioBus.sys [264176 2018-12-09] (Intel(R) Smart Sound Technology -> Intel(R) Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation -> Intel Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-06-15] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-14] (Malwarebytes Inc -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [17770920 2019-08-03] (Mail.Ru LLC -> LLC Mail.Ru)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 nmwcd; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [19968 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [27136 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_886b780ca50b5e3e\nvlddmkm.sys [22749640 2019-12-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-08-10] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pccsmcfd; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [26112 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [97176 2019-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2371864 2019-08-10] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46896 2017-12-15] (SteelSeries ApS -> )
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [55560 2018-01-09] (SteelSeries ApS -> )
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [57432 2019-08-10] (Synaptics Incorporated -> Synaptics Incorporated)
S3 upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [401120 2020-06-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-04] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2020-06-09] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X]
S4 EasyAntiCheatSys; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-15 15:43 - 2020-06-15 15:48 - 000040335 _____ C:\Users\Predator\Desktop\FRST.txt
2020-06-15 00:47 - 2020-06-15 00:47 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-06-15 00:03 - 2020-06-15 00:03 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 011608064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 009712640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-06-15 00:03 - 2020-06-15 00:03 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-06-15 00:03 - 2020-06-15 00:03 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-06-15 00:03 - 2020-06-15 00:03 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 001112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2020-06-15 00:03 - 2020-06-15 00:03 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-06-15 00:03 - 2020-06-15 00:03 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-06-15 00:03 - 2020-06-15 00:03 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2020-06-15 00:03 - 2020-06-15 00:03 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2020-06-15 00:03 - 2020-06-15 00:03 - 000028368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SecurityCenterBrokerPS.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 008015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 007760384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 007268864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 006292480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 006091048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 005909504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 005765144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 005195432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 005004344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 004610560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 003515392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 003398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 002831872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-06-15 00:02 - 2020-06-15 00:02 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-06-15 00:02 - 2020-06-15 00:02 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-06-15 00:02 - 2020-06-15 00:02 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 002184504 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2020-06-15 00:02 - 2020-06-15 00:02 - 001704448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 001654960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 001467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 001416224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 001410048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2020-06-15 00:02 - 2020-06-15 00:02 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-06-15 00:02 - 2020-06-15 00:02 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-06-15 00:02 - 2020-06-15 00:02 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-06-15 00:02 - 2020-06-15 00:02 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 001055184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-06-15 00:02 - 2020-06-15 00:02 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-06-15 00:02 - 2020-06-15 00:02 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000684856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000628408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000593424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000575488 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-06-15 00:02 - 2020-06-15 00:02 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000478208 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-06-15 00:02 - 2020-06-15 00:02 - 000451864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\termmgr.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\termmgr.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassdo.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-06-15 00:02 - 2020-06-15 00:02 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wavemsp.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-06-15 00:02 - 2020-06-15 00:02 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-06-15 00:02 - 2020-06-15 00:02 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wavemsp.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2020-06-15 00:02 - 2020-06-15 00:02 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-06-15 00:02 - 2020-06-15 00:02 - 000204008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-06-15 00:02 - 2020-06-15 00:02 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psr.exe
2020-06-15 00:02 - 2020-06-15 00:02 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrecst.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000165192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-06-15 00:02 - 2020-06-15 00:02 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrecst.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-06-15 00:02 - 2020-06-15 00:02 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-06-15 00:02 - 2020-06-15 00:02 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000093448 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000090952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwanRadioManager.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-06-15 00:02 - 2020-06-15 00:02 - 000083600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-06-15 00:02 - 2020-06-15 00:02 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2020-06-15 00:02 - 2020-06-15 00:02 - 000041864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-06-15 00:02 - 2020-06-15 00:02 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-06-15 00:02 - 2020-06-15 00:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-06-15 00:02 - 2020-06-15 00:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-06-15 00:02 - 2020-06-15 00:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-06-15 00:02 - 2020-06-15 00:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-06-15 00:02 - 2020-06-15 00:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-06-15 00:02 - 2020-06-15 00:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-06-15 00:02 - 2020-06-15 00:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-06-15 00:02 - 2020-06-15 00:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-06-15 00:02 - 2020-06-15 00:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-06-15 00:02 - 2020-06-15 00:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-06-15 00:02 - 2020-06-15 00:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-06-15 00:02 - 2020-06-15 00:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-06-15 00:01 - 2020-06-15 00:01 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 007911176 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 007266080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 006066808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 005283264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 003726848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-06-15 00:01 - 2020-06-15 00:01 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-06-15 00:01 - 2020-06-15 00:01 - 003368104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 003187200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-06-15 00:01 - 2020-06-15 00:01 - 002656256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 002289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 002235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001683968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001583104 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001260744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001100288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 001003832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000892048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-06-15 00:01 - 2020-06-15 00:01 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000797464 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 000760296 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000716320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-06-15 00:01 - 2020-06-15 00:01 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-06-15 00:01 - 2020-06-15 00:01 - 000548984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-06-15 00:01 - 2020-06-15 00:01 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-06-15 00:01 - 2020-06-15 00:01 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000357176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-06-15 00:01 - 2020-06-15 00:01 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000280376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\psr.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtp.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-06-15 00:01 - 2020-06-15 00:01 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaatext.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 000165296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtpUS.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000129600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\atl.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanRadioManager.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxGipRadioManager.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-06-15 00:01 - 2020-06-15 00:01 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-06-15 00:01 - 2020-06-15 00:01 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-06-14 22:01 - 2020-06-14 22:04 - 000000000 ____D C:\AdwCleaner
2020-06-14 22:01 - 2020-06-14 22:01 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-06-14 22:01 - 2020-06-14 22:01 - 000001997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-06-14 22:01 - 2020-06-14 22:01 - 000001985 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-06-14 22:01 - 2020-06-14 22:01 - 000001985 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-06-14 22:01 - 2020-06-14 22:00 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-06-14 22:00 - 2020-06-14 22:00 - 008402608 _____ (Malwarebytes) C:\Users\Predator\Desktop\AdwCleaner.exe
2020-06-14 22:00 - 2020-06-14 22:00 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-06-14 21:59 - 2020-06-14 21:59 - 000000000 ____D C:\Program Files\Malwarebytes
2020-06-14 21:59 - 2020-06-14 21:59 - 000000000 ____D C:\Malwarebytes
2020-06-14 21:58 - 2020-06-14 21:58 - 001988280 _____ (Malwarebytes) C:\Users\Predator\Desktop\MBSetup.exe
2020-06-14 21:22 - 2020-06-14 21:23 - 000000000 ____D C:\rsit
2020-06-14 21:22 - 2020-06-14 21:23 - 000000000 ____D C:\Program Files\trend micro
2020-06-14 21:21 - 2020-06-14 21:21 - 001222144 _____ C:\Users\Predator\Desktop\RSITx64.exe
2020-06-14 20:59 - 2020-06-15 15:47 - 000000000 ____D C:\FRST
2020-06-14 20:57 - 2020-06-14 20:58 - 002289152 _____ (Farbar) C:\Users\Predator\Desktop\FRST64.exe
2020-06-14 19:30 - 2020-06-14 19:30 - 000002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-14 19:30 - 2020-06-14 19:30 - 000002333 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-06-14 19:30 - 2020-06-14 19:30 - 000002333 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-06-14 19:25 - 2020-06-14 19:25 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-06-14 19:25 - 2020-06-14 19:25 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-06-14 17:33 - 2020-06-14 17:36 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-06-14 17:33 - 2020-06-14 17:35 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-06-12 10:55 - 2020-06-12 13:32 - 2838206999 _____ C:\Users\Predator\Downloads\Sherlock Holmes 2009 CZ dabing HD.mkv
2020-06-12 09:13 - 2020-06-12 09:13 - 000000000 ____D C:\Users\Predator\AppData\Local\Epic Games
2020-06-09 20:01 - 2020-06-09 20:01 - 000000000 ____D C:\Users\Predator\AppData\LocalLow\Ghost Town Games
2020-06-08 20:49 - 2020-06-08 20:49 - 000000000 ____D C:\Users\Predator\AppData\LocalLow\Creepy Jar
2020-06-08 20:23 - 2020-06-08 20:23 - 000001613 _____ C:\Users\Predator\Desktop\Green Hell.lnk
2020-06-08 14:58 - 2020-06-08 16:29 - 709326848 _____ C:\Users\Predator\Downloads\hlm-gree.iso
2020-06-08 14:58 - 2020-06-08 14:58 - 000044731 _____ C:\Users\Predator\Downloads\[CzT]Green_Hell_v_1_0_2019_CZ_.torrent
2020-06-07 20:54 - 2020-06-07 20:54 - 017578132 _____ C:\Users\Predator\Desktop\Fotky.rar
2020-06-07 20:53 - 2020-06-07 20:54 - 000000000 ____D C:\Users\Predator\Desktop\Fotky
2020-06-04 21:57 - 2020-06-05 00:19 - 2616193024 _____ C:\Users\Predator\Downloads\Diktátor - Full HD, CZ Dabing.avi
2020-06-02 18:23 - 2020-06-02 20:19 - 2137570294 _____ C:\Users\Predator\Downloads\Hobit_Šmakova dračí poušť_cz_The Hobbit_The Desolation of Smaug.avi
2020-05-31 21:15 - 2020-06-01 01:51 - 755473012 _____ C:\Users\Predator\Downloads\Hobit - neočekávaná cesta cz avi.avi
2020-05-27 10:45 - 2020-05-27 12:03 - 1435799552 _____ C:\Users\Predator\Downloads\Hercules-(The-Thracian-Wars)-CZ-2014.avi
2020-05-24 20:36 - 2020-05-24 20:36 - 000000000 ____D C:\Users\Predator\AppData\Local\ShadowTrackerExtra
2020-05-24 20:35 - 2020-06-09 18:56 - 000074552 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2020-05-24 20:35 - 2020-05-24 20:35 - 000000000 ____D C:\Program Files\Common Files\Uncheater
2020-05-24 18:51 - 2020-05-24 18:51 - 067269568 _____ ( ) C:\Users\Predator\Downloads\PUBG-Lite-Setup (2).exe
2020-05-24 18:43 - 2020-05-24 18:43 - 067269568 _____ ( ) C:\Users\Predator\Downloads\PUBG-Lite-Setup (1).exe
2020-05-24 13:24 - 2020-05-24 13:24 - 000000000 ____D C:\ProgramData\PUBG
2020-05-24 13:23 - 2020-05-24 19:11 - 000000000 ____D C:\Program Files (x86)\PUBGLite
2020-05-24 13:23 - 2020-05-24 18:51 - 000001110 _____ C:\Users\Predator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PUBG LITE.lnk
2020-05-24 13:23 - 2020-05-24 18:51 - 000001080 _____ C:\Users\Predator\Desktop\PUBG LITE.lnk
2020-05-21 20:23 - 2020-05-21 22:14 - 2048506209 _____ C:\Users\Predator\Downloads\Čarodějovy_hodiny_Cz_dabing.mkv
2020-05-20 12:39 - 2020-05-20 16:04 - 2272158039 _____ C:\Users\Predator\Downloads\Zloba Kralovna vseho zleho.mkv
2020-05-18 14:31 - 2020-05-18 14:44 - 000000000 ____D C:\Users\Predator\AppData\Roaming\CitizenFX
2020-05-18 13:04 - 2020-05-18 14:31 - 000000000 ____D C:\Users\Predator\AppData\Local\DigitalEntitlements
2020-05-17 19:20 - 2020-05-17 19:21 - 075217096 _____ (Rockstar Games.) C:\Users\Predator\Downloads\Rockstar-Games-Launcher.exe
2020-05-17 17:37 - 2020-05-17 17:37 - 000000969 _____ C:\Users\Predator\Desktop\Rockstar Games Launcher.lnk
2020-05-17 17:37 - 2020-05-17 17:37 - 000000000 ____D C:\Users\Predator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2020-05-17 17:37 - 2020-05-17 17:37 - 000000000 ____D C:\ProgramData\Rockstar Games

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-15 15:40 - 2019-07-11 01:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-15 14:58 - 2017-08-18 19:26 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-15 14:54 - 2017-11-23 09:17 - 000000000 ____D C:\Users\Predator\AppData\Local\CrashDumps
2020-06-15 09:22 - 2019-07-11 02:39 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-15 09:22 - 2019-03-19 13:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-06-15 09:22 - 2019-03-19 13:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-06-15 09:22 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-06-15 09:21 - 2019-02-28 20:48 - 000000000 ____D C:\Program Files\Epic Games
2020-06-15 05:45 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-15 00:52 - 2018-01-21 18:39 - 000000000 ___RD C:\Users\Predator\3D Objects
2020-06-15 00:52 - 2017-11-23 23:58 - 000000000 __SHD C:\Users\Predator\IntelGraphicsProfiles
2020-06-15 00:52 - 2017-08-18 19:00 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-06-15 00:50 - 2019-07-11 00:58 - 000000000 ____D C:\Users\defaultuser0
2020-06-15 00:50 - 2019-07-11 00:58 - 000000000 ____D C:\Users\Administrator
2020-06-15 00:49 - 2019-07-11 01:52 - 000451176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-06-15 00:45 - 2019-07-11 03:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-15 00:45 - 2017-08-18 19:19 - 000000000 ___HD C:\Intel
2020-06-15 00:43 - 2019-03-19 06:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-06-15 00:37 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-06-15 00:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-06-15 00:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-06-15 00:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-06-15 00:36 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-06-15 00:36 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-06-15 00:36 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-06-15 00:36 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-06-15 00:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-06-15 00:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-06-15 00:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-06-15 00:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Com
2020-06-15 00:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-06-15 00:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-06-15 00:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-06-15 00:10 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-15 00:01 - 2019-07-11 02:02 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-06-14 23:51 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-14 23:51 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-14 22:01 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-06-14 22:00 - 2019-08-05 19:12 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-06-14 21:34 - 2017-11-24 00:13 - 000000000 ____D C:\Users\Predator\AppData\Local\ClassicShell
2020-06-14 19:45 - 2017-12-24 22:23 - 000000000 ____D C:\Games
2020-06-14 17:21 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-06-14 17:20 - 2017-11-23 14:53 - 000000000 ____D C:\Program Files\Microsoft Office
2020-06-12 10:29 - 2017-12-27 17:30 - 000000000 ____D C:\Users\Predator\Documents\The Witcher 3
2020-06-12 09:17 - 2019-02-16 16:05 - 000000000 ____D C:\Users\Predator\AppData\Local\BattlEye
2020-06-11 09:14 - 2018-07-04 23:05 - 000000000 ____D C:\Program Files (x86)\Steam
2020-06-08 20:12 - 2017-12-24 19:32 - 000000000 ____D C:\Users\Predator\AppData\Roaming\uTorrent
2020-06-07 10:54 - 2019-03-25 20:20 - 000000000 ____D C:\Users\Predator\AppData\Roaming\Discord
2020-06-06 07:51 - 2019-05-13 21:03 - 000000000 ____D C:\Users\Predator\AppData\Local\PlaceholderTileLogoFolder
2020-06-05 23:03 - 2020-02-16 20:32 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-05 23:03 - 2020-02-16 20:32 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-05 18:46 - 2018-01-21 18:22 - 000000000 ____D C:\Users\Predator\AppData\Local\Packages
2020-06-05 16:40 - 2019-07-11 03:23 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-404591140-1402169592-305344172-1001
2020-06-05 16:40 - 2019-07-11 00:57 - 000002374 _____ C:\Users\Predator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-05 16:40 - 2017-11-24 00:01 - 000000000 ___RD C:\Users\Predator\OneDrive
2020-06-05 00:12 - 2017-11-24 00:07 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-04 21:58 - 2017-11-24 00:06 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-04 08:20 - 2018-02-15 17:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-06-03 14:54 - 2020-03-25 15:22 - 000002383 _____ C:\Users\Predator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2020-06-03 14:54 - 2020-03-25 15:22 - 000002375 _____ C:\Users\Predator\Desktop\Microsoft Teams.lnk
2020-06-03 12:25 - 2018-06-18 15:50 - 000000000 ____D C:\Users\Predator\AppData\Local\Ubisoft Game Launcher
2020-05-30 08:34 - 2017-11-23 12:05 - 000000000 ____D C:\Program Files\UNP
2020-05-24 18:32 - 2019-07-11 03:23 - 000004216 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FC7C20F0-1C60-468E-BD15-351185194884}
2020-05-24 10:06 - 2020-04-18 10:17 - 000000000 ____D C:\Users\Predator\AppData\Local\FiveM
2020-05-22 20:39 - 2019-08-04 13:21 - 000000000 ____D C:\Program Files\CCleaner
2020-05-17 17:42 - 2017-12-26 09:15 - 000000000 ____D C:\Program Files\Rockstar Games
2020-05-17 17:42 - 2017-12-26 09:15 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-05-17 17:42 - 2017-12-26 09:12 - 000000000 ____D C:\Users\Predator\Documents\Rockstar Games
2020-05-17 17:41 - 2019-07-09 09:44 - 000000000 ____D C:\Users\Predator\AppData\Local\D3DSCache
2020-05-17 17:41 - 2017-12-26 09:18 - 000000000 ____D C:\Users\Predator\AppData\Local\Rockstar Games

==================== Files in the root of some directories ========

2018-06-01 21:39 - 2019-07-08 22:35 - 000007629 _____ () C:\Users\Predator\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

luki123
Visitor
Posts: 73
Registered: 13 Jan 2010 18:25

Re: Totally slowed-down laptop

#7 Post by luki123 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by Predator (15-06-2020 15:51:03)
Running from C:\Users\Predator\Desktop
Windows 10 Home Version 1909 18363.900 (X64) (2019-07-11 01:29:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-404591140-1402169592-305344172-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-404591140-1402169592-305344172-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-404591140-1402169592-305344172-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-404591140-1402169592-305344172-501 - Limited - Disabled)
Predator (S-1-5-21-404591140-1402169592-305344172-1001 - Administrator - Enabled) => C:\Users\Predator
WDAGUtilityAccount (S-1-5-21-404591140-1402169592-305344172-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3015 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.03.3000 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Aktualizace NVIDIA 35.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 35.0.0.0 - NVIDIA Corporation) Hidden
ASTRONEER (HKLM-x32\...\ASTRONEER_is1) (Version: - )
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Discord (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{F290F786-5F69-48D4-B20B-D21C7DE56EF0}) (Version: 0.8.8.88 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{D0D32569-4680-490A-905C-5117CEAAB3EF}) (Version: 0.8.8.76 - Dolby Laboratories, Inc.)
Driver Easy 5.6.14 (HKLM\...\DriverEasy_is1) (Version: 5.6.14 - Easeware)
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FiveM (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\CitizenFX_FiveM) (Version: - The CitizenFX Collective)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Green Hell (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Green Hell) (Version: - HOODLUM)
HD Tune Pro 5.70 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
Human Fall Flat ICE (HKLM-x32\...\Human Fall Flat ICE_is1) (Version: - )
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1004 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4639 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
Jurassic World Evolution (HKLM-x32\...\Jurassic World Evolution_is1) (Version: - )
Just Cause 4 (HKLM-x32\...\{D1F33AFE-757B-4A27-9F96-D507177C3E40}_is1) (Version: - Avalanche Studios)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.109 - McAfee, LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.35 - )
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11929.20838 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4454.1004 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Teams) (Version: 1.3.00.13565 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20838 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20838 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11929.20838 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 441.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.20 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
Planetary Annihilation TITANS (HKLM-x32\...\Planetary Annihilation TITANS_is1) (Version: - )
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
PredatorSense (HKLM-x32\...\{5A98D6E3-1EDC-43B9-B4F6-0A2B7F872F22}) (Version: 2.01.3005 - Acer Incorporated)
PUBG LITE (HKLM-x32\...\PUBG LITE_is1) (Version: 1.0.1.0 - )
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10427 - Qualcomm)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.309 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.13.1223.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8838.1 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.5 - Rockstar Games)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Skype verze 8.57 (HKLM-x32\...\Skype_is1) (Version: 8.57 - Skype Technologies S.A.)
SnowRunner (HKLM-x32\...\SnowRunner_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.11.10 (HKLM\...\SteelSeries Engine 3) (Version: 3.11.10 - SteelSeries ApS)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.362 - Microsoft Corporation)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.20.0.22 - GOG.com)
The Elder Scrolls V Skyrim Special Edition verze 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition_is1) (Version: 1.00 - )
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
Totally Accurate Battle Simulator Pre-Alpha version pre-alpha (HKLM-x32\...\{09C95BCB-5264-4F21-AA5F-D66E91167D6C}_is1) (Version: pre-alpha - Landfall Games)
Trine 4 The Nightmare Prince (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Trine 4 The Nightmare Prince) (Version: - HOODLUM)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 92.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\WhatsApp) (Version: 0.4.2088 - WhatsApp)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Worms W.M.D (HKLM-x32\...\Worms W.M.D_is1) (Version: - )
XSplit Gamecaster (HKLM-x32\...\{6653CF8C-38BE-4F69-8AB8-77E20E4F841E}) (Version: 2.8.1607.2032 - SplitmediaLabs)

Packages:
=========
8 Zip - unpack RAR, ZIP, 7z for free -> C:\Program Files\WindowsApps\BooStudioLLC.8ZipLite_1.4.14.0_x64__b6e429xa66pga [2020-06-14] (Finebits OÜ) [MS Ad]
Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2019-07-07] (Acer Incorporated)
ACG Player -> C:\Program Files\WindowsApps\41038AXILESOFT.ACGMEDIAPLAYER_1.15.17606.0_x64__wxjjre7dryqb6 [2020-06-10] (Axilesoft)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.8.5.0_x86__kgqvnymyfvs32 [2020-04-12] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.170.200.0_x86__kgqvnymyfvs32 [2020-06-14] (king.com)
Deep Rock Galactic -> C:\Program Files\WindowsApps\CoffeeStainStudios.DeepRockGalactic_1.30.40449.2_x64__496a1srhmar9w [2020-05-30] (Coffee Stain Publishing)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-05] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-28] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-19] (INTEL CORP)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.8.1.1_x86__h6adky7gbf63m [2020-05-21] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.41.21603.0_x64__8wekyb3d8bbwe [2020-06-14] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe [2020-04-15] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2020.229.1.0_x64__8kea50m9krsh2 [2020-03-09] (Code Spark)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2731.0_x64__8j3eq9eme6ctt [2020-06-10] (INTEL CORP) [Startup Task]
PicsArt - Photo Studio -> C:\Program Files\WindowsApps\2FE3CB00.PicsArt-PhotoStudio_8.9.0.0_x86__crhqpqs3x1ygc [2020-06-04] (PicsArt Inc.) [MS Ad]
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2019-07-09] (Plex)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0 [2020-06-03] (Spotify AB) [Startup Task]
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2019-07-09] (WinZip Computing)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-404591140-1402169592-305344172-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Predator\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-404591140-1402169592-305344172-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Predator\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Predator\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Predator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2019-02-28 20:39 - 2019-02-28 20:40 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-02-28 20:40 - 2019-02-28 20:40 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-02-28 20:40 - 2019-02-28 20:40 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2017-12-15 22:00 - 2017-12-15 22:00 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2017-12-15 22:00 - 2017-12-15 22:00 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2016-07-30 10:05 - 2016-07-30 10:05 - 000883160 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2016-07-30 10:05 - 2016-07-30 10:05 - 003661784 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2016-07-30 10:05 - 2016-07-30 10:05 - 000289240 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\System32\StartMenuHelper64.dll
2012-06-26 14:08 - 2012-06-26 14:08 - 000026624 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
2012-06-26 12:58 - 2012-06-26 12:58 - 001262592 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM64.DLL
2012-06-26 14:08 - 2012-06-26 14:08 - 000572928 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
2019-02-28 20:39 - 2019-02-28 20:39 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Predator\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Predator\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [452]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\sharepoint.com -> hxxps://zspisek.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2019-08-10 21:13 - 000000153 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 app.drivereasy.com
149.202.196.40 dow0.drivereasy.com
149.202.196.40 dow1.drivereasy.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-404591140-1402169592-305344172-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Predator\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\712843reuwL._SS500_.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{D98F2EAD-FE90-4D4F-A3EA-61B92DBF57A7}C:\users\predator\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\predator\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{1BF63372-1EBB-4900-AEF0-277FD7D85213}C:\users\predator\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\predator\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{D555DC2C-A48B-4980-9D3C-5E00E4814245}] => (Block) C:\users\predator\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{D4A50D7F-D3B3-4174-ABB9-6350E56237B0}] => (Block) C:\users\predator\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{1C20FF27-64A4-4C1F-B9B4-1B3ED973927E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{65445D62-2EEB-4226-A23C-CF1F37F227AC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{725FF95A-0620-4FF0-8088-48F8E1CC0E65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2 Closed Test\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{2ED35CF1-49B1-4FC3-BC7B-F495BBFA5F04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2 Closed Test\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{8BAD61D1-F5F2-4373-BBE0-F6AE504B3A1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{187ECDA7-AC77-4CAE-A0A8-2335D7BCA1ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{A6396281-D7CA-4F2A-B540-389CD4D6693D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E589D51E-1816-4197-9B5D-8307876765E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DFA86301-C76C-492E-BFC3-8AE3655F8715}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A3A445BC-6E12-4EE4-A37A-33C51CEFC401}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7BEE9BD8-0B64-4629-9565-C7E4E56DDBBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spacewar\SteamworksExample.exe () [File not signed]
FirewallRules: [{F262DB37-B0B8-486A-80E3-A6428ECBE762}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spacewar\SteamworksExample.exe () [File not signed]
FirewallRules: [{5007B0FE-1F6D-4244-947C-6B272324FEC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{217D40B4-4509-4059-A756-4BC1613A2C17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{369216BA-C718-4252-9E7B-5BB9E854AB72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{8B5D28FA-D73B-4A95-90D5-EDF448ED56F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{347A409B-88FE-4F7C-A2B9-D7F9B253A8B3}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{4F980301-99D4-4ACA-B0BD-B9744DD1F114}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{E3603C58-B6E6-4B49-9E22-EA0606DB68E9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{2599493D-15D9-467C-8531-1EF798B891BB}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{A9851275-6AD7-4E07-B1F9-3CC414F86196}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{37039CF4-277F-438F-8270-1B3771585E02}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{800E5148-28B3-431A-AD2C-B48FFB4F7257}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The House of Da Vinci\The House of da Vinci.exe () [File not signed]
FirewallRules: [{8FABA55D-DEED-4A90-B19B-DE13499239F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The House of Da Vinci\The House of da Vinci.exe () [File not signed]
FirewallRules: [{3FDE0431-C8A7-4A33-A2B0-B565B8C102A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc) [File not signed]
FirewallRules: [{165C4117-C9D0-41EF-909F-AE2CC3E1F7A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc) [File not signed]
FirewallRules: [{15BDA321-F3DE-4B80-8B91-B88240F8EEC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RustStaging\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{6B58E5FA-019C-4C75-86E6-E98CE8C19C57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RustStaging\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{F020605C-7B87-40EA-B7A4-8679D98B25A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DFC77A00-FC32-43BB-8D9A-DEB01031A3C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7BA486C3-C258-43B3-9ECE-14751665E942}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DA012CDE-5D28-4A25-BCB5-A08BF70D9DAC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{132C2BC1-AAEF-4841-80F0-637019F75209}C:\games\terraria\terrariaserver.exe] => (Allow) C:\games\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [UDP Query User{655BA11B-ACDC-4866-9961-B6564CDE9504}C:\games\terraria\terrariaserver.exe] => (Allow) C:\games\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [{3F53769E-1C4C-4D2D-A1CF-EFA07549BBA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{1E4E3BA8-D13E-4577-BE99-8B949BF562C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{F36A7DFA-3EC0-4037-8031-744A785098EA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{757DECA6-7B16-4441-A338-1D69EA28DCF2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{2DF3267D-2AC5-4E52-B0D7-75E5579875B2}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{7D5E67A9-2EC0-4F78-A410-98243C819A43}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [{C53EF0A2-79F5-4F77-99CD-29445F9C9E0F}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{1AD55626-4781-46D1-8E6D-2BB8768E3814}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AA529B22-4BAA-4125-8C12-DC8B4EA13FC4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{64FA7DC1-8E61-4FEB-868D-CADA609222CB}C:\users\predator\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\predator\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D813CE4E-63F0-4E5F-9D3A-CF61713F298A}C:\users\predator\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\predator\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0703D789-6C85-43D8-A297-DCCA114FDCFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Last Oasis\OasisLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{F03C9FEB-245D-4DEA-BA95-A4FB90814C76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Last Oasis\OasisLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{23FADE8F-554F-46C4-9692-FD7C0E2C1C0A}C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{4B2CBC2A-F613-432C-9D07-AC8AE54AAD50}C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{5EA6124C-F169-4AE1-98E5-C360D9FBE975}C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [File not signed]
FirewallRules: [UDP Query User{610E4D11-9E44-4FF0-B15A-525B07C86AA8}C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [File not signed]
FirewallRules: [TCP Query User{B0418CE1-2FA7-43FE-8DAD-8BBC514692A8}C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{CA6E2FEC-9DBA-4CCB-A39C-BDD29F3DCD6E}C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{0B1C989A-FEBC-43AD-BBEE-12E51D828877}C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe] => (Allow) C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{6E3770A2-E167-4657-88E1-DD0DC58ADF5C}C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe] => (Allow) C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1C4D9205-4666-4F96-88BF-04B22D92F065}] => (Block) C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D49DE036-7805-4A1C-BC5C-73E8D201081E}] => (Block) C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{94EB2751-65BA-4817-AC2A-2501DF68D1FC}C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe] => (Allow) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [UDP Query User{1B4D27B4-CFC9-45E3-B8B5-8E9BF91FA240}C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe] => (Allow) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [{CDA633F0-B78D-4169-BF95-FEB4FD8904B9}] => (Block) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [{CD63C164-6897-4DE7-828C-F407B463E6E9}] => (Block) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [{2B08065C-E8F4-4CBD-8667-FCA1D1476FC5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{991D6650-66E9-486A-851F-F22D25D23377}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{606871D5-0199-41CC-9B6B-C6758E8FCDC9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1508C5B2-5DA3-4228-8BCC-E4A01179C831}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{231928F7-2D1E-4C1E-84EA-1F259EA0705F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{943B5EA3-02CB-44B3-B54A-C215AFCDD62C}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{FA446355-DD35-414A-8A7A-A3004B772FEA}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{79D08832-70D5-4099-BD54-8E56677AE5C4}C:\users\predator\appdata\local\fivem\fivem.exe] => (Allow) C:\users\predator\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed]
FirewallRules: [UDP Query User{FF0362DF-9019-4F01-A2FC-D69BC13AECC4}C:\users\predator\appdata\local\fivem\fivem.exe] => (Allow) C:\users\predator\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed]
FirewallRules: [{AC0678DD-6C6C-4F3F-8B46-636826D48638}] => (Block) C:\users\predator\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed]
FirewallRules: [{2C135223-B3D2-4AB3-AA12-B58E7B55300F}] => (Block) C:\users\predator\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed]
FirewallRules: [TCP Query User{4DE159AB-1AAB-4F91-9D0B-D20BAEC3B86E}C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [UDP Query User{33479A1E-F2F1-4990-BEAA-19403BF583B2}C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [{66A22761-795F-4058-94F9-E2E71C1FDF6F}] => (Block) C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [{BFD7422C-698F-44EB-9279-3CBF8D4EC70C}] => (Block) C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [TCP Query User{85479887-65A8-4087-8162-754513832B33}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [UDP Query User{20704B60-4560-434A-9F05-6B0E3971120F}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [{8C027259-B5FF-48D3-BE56-B2128DCF8725}] => (Block) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [{FEFFA9F3-1525-420E-8605-1436F2A0721A}] => (Block) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [{A06C02A6-5652-4A16-A282-19D91D9FF0CA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C30BF3F-B77B-42F5-9D98-336C4EE1EC8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BD94636E-8299-44D0-8267-4915F75AE44C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9B2738C2-2A70-4907-9105-9BB7E294D075}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{76942212-081A-4E5A-924F-5BAEC632A571}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{759F3432-D565-4EB5-875D-E31D678E85BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5EF82119-789B-4F41-8310-F6FE0CAC1E50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CC794A6B-6BDD-47A7-A26E-96D591C73EE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AA8E9CE3-3DDA-4D20-8001-8FEADA05D19E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{20CCC4E4-A43F-4F66-A1A0-FAF9844EE7B6}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

14-06-2020 21:51:50 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/15/2020 02:58:44 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5416,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/15/2020 02:54:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Teams.exe, verze: 1.3.0.13565, časové razítko: 0x5e5e3091
Název chybujícího modulu: Teams.exe, verze: 1.3.0.13565, časové razítko: 0x5e5e3091
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000002572fc1
ID chybujícího procesu: 0x2820
Čas spuštění chybující aplikace: 0x01d6429f1bcc4bd9
Cesta k chybující aplikaci: C:\Users\Predator\AppData\Local\Microsoft\Teams\current\Teams.exe
Cesta k chybujícímu modulu: C:\Users\Predator\AppData\Local\Microsoft\Teams\current\Teams.exe
ID zprávy: 686c3116-1648-4a06-add8-1dbd9b863746
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/15/2020 09:25:34 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10192,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/15/2020 05:50:25 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4216,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/15/2020 04:23:47 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7860,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/15/2020 01:50:11 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3692,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/15/2020 01:08:43 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6104,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/15/2020 12:42:52 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.


System errors:
=============
Error: (06/15/2020 12:59:00 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime přestala během spouštění reagovat.

Error: (06/15/2020 12:56:51 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (06/15/2020 12:54:41 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service přestala během spouštění reagovat.

Error: (06/15/2020 12:52:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (06/15/2020 12:52:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error: (06/15/2020 12:47:53 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.StateRepository.ApplicationExtension se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/15/2020 12:46:47 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Adobe Acrobat Update Service bylo dosaženo časového limitu (45000 ms).

Error: (06/15/2020 12:46:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ClickToRunSvc neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Windows Defender:
===================================
Date: 2020-06-14 20:34:00.980
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe provádění změn v paměti.
Čas detekce: 2020-06-14T18:34:00.891Z
Uživatel: NT AUTHORITY\SYSTEM
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
Verze bezpečnostních informací: 1.317.1359.0
Verze modulu: 1.1.17100.2
Verze produktu: 4.18.2005.5

Date: 2020-06-14 17:09:35.703
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvSHIM.exe provádění změn v paměti.
Čas detekce: 2020-06-14T15:09:35.666Z
Uživatel: LAPTOP-H32871D3\Predator
Cesta: \Device\CdRom0
Název procesu: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvSHIM.exe
Verze bezpečnostních informací: 1.317.1209.0
Verze modulu: 1.1.17100.2
Verze produktu: 4.18.2005.5

Date: 2020-06-12 11:06:35.331
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Common Files\BattlEye\BEService.exe provádění změn v paměti.
Čas detekce: 2020-06-12T09:06:35.331Z
Uživatel: (unknown user)
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
Verze bezpečnostních informací: 1.317.1140.0
Verze modulu: 1.1.17100.2
Verze produktu: 4.18.2005.5

Date: 2020-06-12 09:20:43.389
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Common Files\BattlEye\BEService.exe provádění změn v paměti.
Čas detekce: 2020-06-12T07:20:43.389Z
Uživatel: (unknown user)
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
Verze bezpečnostních informací: 1.317.1140.0
Verze modulu: 1.1.17100.2
Verze produktu: 4.18.2005.5

Date: 2020-06-05 10:19:31.207
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {68503505-D168-4EE6-A7BC-DAEDB2A51D84}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-06-14 19:41:00.595
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.317.1359.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17100.2
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-06-14 17:17:23.933
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.317.1359.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17100.2
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2020-05-29 10:45:51.203
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Nokia\Nokia PC Suite 7\PhoneBrowser64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-29 10:45:51.198
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Nokia\Nokia PC Suite 7\PhoneBrowser64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-07-21 08:02:04.537
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-07-21 08:02:04.534
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-07-21 08:02:04.528
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-07-21 08:02:04.525
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-07-21 08:02:00.838
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-07-20 07:47:21.046
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Insyde Corp. V1.09 07/06/2017
Motherboard: KBL Sienna_KLS
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 52%
Total physical RAM: 8075.6 MB
Available physical RAM: 3825.63 MB
Total Virtual: 16267.6 MB
Available Virtual: 10169.77 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:157.92 GB) NTFS

\\?\Volume{8e50c848-128d-46d1-bb22-1be59db4d711}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.54 GB) NTFS
\\?\Volume{ecc835b1-9baa-468e-b73a-034ba01cdaa1}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: AEEE2585)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118273
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Completely slowed-down laptop

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
AlternateDataStreams: C:\Users\Predator\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Predator\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [452]
FirewallRules: [{CDA633F0-B78D-4169-BF95-FEB4FD8904B9}] => (Block) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [{CD63C164-6897-4DE7-828C-F407B463E6E9}] => (Block) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [TCP Query User{943B5EA3-02CB-44B3-B54A-C215AFCDD62C}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{FA446355-DD35-414A-8A7A-A3004B772FEA}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {4D328568-6C20-4D5C-B878-4E5EB902FB95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-11-24] (Google Inc -> Google Inc.)
Task: {84C98F76-8A30-40CC-A455-C38260769978} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-11-24] (Google Inc -> Google Inc.)
SearchScopes: HKU\S-1-5-21-404591140-1402169592-305344172-1001 -> DefaultScope {1E66B54E-C49E-4E99-9671-ABE6F194F416} URL =
SearchScopes: HKU\S-1-5-21-404591140-1402169592-305344172-1001 -> {1E66B54E-C49E-4E99-9671-ABE6F194F416} URL =
S4 EasyAntiCheatSys; no ImagePath
C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

EmptyTemp:
Hosts:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

luki123
Visitor
Posts: 73
Registered: 13 Jan 2010 18:25

Re: Completely slowed-down laptop

#9 Post by luki123 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by Predator (15-06-2020 18:20:44) Run:1
Running from C:\Users\Predator\Desktop
Loaded Profiles: Predator
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
AlternateDataStreams: C:\Users\Predator\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Predator\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [452]
FirewallRules: [{CDA633F0-B78D-4169-BF95-FEB4FD8904B9}] => (Block) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [{CD63C164-6897-4DE7-828C-F407B463E6E9}] => (Block) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [TCP Query User{943B5EA3-02CB-44B3-B54A-C215AFCDD62C}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{FA446355-DD35-414A-8A7A-A3004B772FEA}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {4D328568-6C20-4D5C-B878-4E5EB902FB95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-11-24] (Google Inc -> Google Inc.)
Task: {84C98F76-8A30-40CC-A455-C38260769978} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-11-24] (Google Inc -> Google Inc.)
SearchScopes: HKU\S-1-5-21-404591140-1402169592-305344172-1001 -> DefaultScope {1E66B54E-C49E-4E99-9671-ABE6F194F416} URL =
SearchScopes: HKU\S-1-5-21-404591140-1402169592-305344172-1001 -> {1E66B54E-C49E-4E99-9671-ABE6F194F416} URL =
S4 EasyAntiCheatSys; no ImagePath
C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
C:\Users\Predator\Data aplikací => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS removed successfully
"C:\Users\Predator\AppData\Roaming" => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS not found.
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CDA633F0-B78D-4169-BF95-FEB4FD8904B9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CD63C164-6897-4DE7-828C-F407B463E6E9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{943B5EA3-02CB-44B3-B54A-C215AFCDD62C}C:\program files\epic games\gtav\gta5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FA446355-DD35-414A-8A7A-A3004B772FEA}C:\program files\epic games\gtav\gta5.exe" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D328568-6C20-4D5C-B878-4E5EB902FB95}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D328568-6C20-4D5C-B878-4E5EB902FB95}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{84C98F76-8A30-40CC-A455-C38260769978}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84C98F76-8A30-40CC-A455-C38260769978}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKU\S-1-5-21-404591140-1402169592-305344172-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-404591140-1402169592-305344172-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1E66B54E-C49E-4E99-9671-ABE6F194F416} => removed successfully
HKLM\System\CurrentControlSet\Services\EasyAntiCheatSys => not found
EasyAntiCheatSys => service removed successfully
C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => moved successfully
C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8937472 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 583726576 B
Java, Flash, Steam htmlcache => 444793555 B
Windows/system/drivers => 6424465 B
Edge => 1957402 B
Chrome => 485187779 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 10057008 B
defaultuser0 => 10057008 B
Predator => 31181954 B
Administrator => 66589871 B

RecycleBin => 0 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:27:53 ====

Rudy
Site Admin
Posts: 118273
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Completely slowed-down laptop

#10 Post by Rudy »

Deleted. Has anything changed?

luki123
Visitor
Posts: 73
Registered: 13 Jan 2010 18:25

Re: Completely slowed-down laptop

#11 Post by luki123 »

After the restart the system took about 15 minutes to boot, disk usage at 100%, so it is usable after about 20 minutes.

Rudy
Site Admin
Posts: 118273
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Completely slowed-down laptop

#12 Post by Rudy »

Try defragmenting the disk.

luki123
Visitor
Posts: 73
Registered: 13 Jan 2010 18:25

Re: Completely slowed-down laptop

#13 Post by luki123 »

After defragmentation it seems to be considerably better.

Rudy
Site Admin
Posts: 118273
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Completely slowed-down laptop

#14 Post by Rudy »

I'm glad to hear that. :)

luki123
Visitor
Posts: 73
Registered: 13 Jan 2010 18:25

Re: Completely slowed-down laptop

#15 Post by luki123 »

Thanks a lot :thumbsup:

Locked