Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

pomalé PC prosím o kontrolu ďakujem

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Loverell
Návštěvník
Návštěvník
Příspěvky: 55
Registrován: 07 zář 2009 10:29

pomalé PC prosím o kontrolu ďakujem

#1 Příspěvek od Loverell »

Logfile of random's system information tool 1.16 (written by random/random)
Run by Loverell at 2018-05-05 23:56:10
Microsoft Windows 10 Home
System drive C: has 717 GB (79%) free of 905 GB
Total RAM: 8098 MB (49% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:56:32, on 05.05.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0371)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DatacardService\DCSHelper.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Loverell\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\Loverell\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe
C:\Users\Loverell\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe
C:\Plex\Plex Media Server\Plex Media Server.exe
C:\Plex\Plex Media Server\PlexScriptHost.exe
C:\Plex\Plex Media Server\PlexDlnaServer.exe
C:\Plex\Plex Media Server\PlexScriptHost.exe
C:\Plex\Plex Media Server\PlexScriptHost.exe
C:\Plex\Plex Media Server\PlexScriptHost.exe
C:\Plex\Plex Media Server\PlexScriptHost.exe
C:\Plex\Plex Media Server\PlexScriptHost.exe
C:\Plex\Plex Media Server\PlexScriptHost.exe
C:\Plex\Plex Media Server\PlexScriptHost.exe
C:\Plex\Plex Media Server\PlexScriptHost.exe
C:\Plex\Plex Media Server\PlexScriptHost.exe
C:\Plex\Plex Media Server\PlexScriptHost.exe
C:\WINDOWS\SysWow64\RdrLeakDiag.exe
C:\Program Files\trend micro\Loverell_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo15.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo15.msn.com/?pc=LCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [StatusAlerts] "C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Loverell\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe" (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{6911f2f5-4e05-4fcf-9bc9-5595a9bbd8e1}: NameServer = 195.146.132.58 195.146.128.62
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: CCSDK - Lenovo - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHDCPSvc.exe
O23 - Service: Conexant Audio Message Service (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GDCAgent - Lenovo - C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\Program Files (x86)\DatacardService\HWDeviceService64.exe
O23 - Service: IAStorDataMgrSvc - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @oem32.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxCUIService.exe
O23 - Service: @oem40.inf,%ImcSvcDisplayName%;System Interface Foundation Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: Internet Manager. OUC (Internet Manager. RunOuc) - Unknown owner - C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MyWiFiDHCPDNS - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Plex Update Service (PlexUpdateService) - Plex, Inc. - C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SAService - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 12519 bytes

====== Enumerating Processes ======

c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-550897fb-54d8-4283-9b6f-8834cbf52218 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c4b5ea41-4ae7-49f9-8d75-4f3e4376a54f -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a43a7129-8bf2-4d7e-98ec-efb99d2725d9 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-db8a036a-31b8-4f03-9a8e-15a316f8930e -LifetimeId:e4cd1a23-43c0-47e3-968f-f7be1b0c713e -DeviceGroupId:WudfDefaultDevicePool
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-691f6d9d-3209-4583-8cf9-47640e8d3200 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e98144c3-a31a-424d-beda-4c4ac7bd0493 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-86f69d79-4331-4658-9666-6488c552de7e -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-beec04e8-c045-453b-a7ea-2328144f1616 -LifetimeId:d5a0ca22-360c-4df7-96b7-040e700865c9 -DeviceGroupId:
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxCUIService.exe
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s WwanSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\WLANExt.exe 3037917049568
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\DatacardService\HWDeviceService64.exe" -/service
C:\WINDOWS\system32\ibtsiva.exe
C:\Windows\system32\CxAudMsg64.exe
"C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe"
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k netsvcs
"C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe" "C:/Program Files (x86)/T-Mobile/InternetManager_H/UpdateDog/"
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\WINDOWS\system32\ctfmon.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\DatacardService\DCSHelper.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe"
"C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxEM.exe"
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe"
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SmsRouter
"C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s DoSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s QWAVE
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1804.911.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
"C:\Users\Loverell\AppData\Roaming\uTorrent\uTorrent.exe"
"C:\Users\Loverell\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe" uTorrent_7048_02BBEB90_1484416464 µTorrent4823DF041B09 uTorrent
"C:\Users\Loverell\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe" uTorrent_7048_02BBECC0_1245033430 µTorrent4823DF041B09 uTorrent
C:\WINDOWS\system32\AUDIODG.EXE 0x6c0
"C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe"
"C:\Plex\Plex Media Server\Plex Media Server.exe"
"C:\Plex\Plex Media Server\PlexScriptHost.exe" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\Framework.bundle\Contents\Resources\Versions\2\Python/bootstrap.py" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\System.bundle"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Plex\Plex Media Server\PlexDlnaServer.exe"
"C:\Plex\Plex Media Server\PlexScriptHost.exe" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\Framework.bundle\Contents\Resources\Versions\2\Python/bootstrap.py" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\LocalMedia.bundle"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Plex\Plex Media Server\PlexScriptHost.exe" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\Framework.bundle\Contents\Resources\Versions\2\Python/bootstrap.py" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\LyricFind.bundle"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Plex\Plex Media Server\PlexScriptHost.exe" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\Framework.bundle\Contents\Resources\Versions\2\Python/bootstrap.py" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\MoviePosterDB.bundle"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Plex\Plex Media Server\PlexScriptHost.exe" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\Framework.bundle\Contents\Resources\Versions\2\Python/bootstrap.py" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\OpenSubtitles.bundle"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Plex\Plex Media Server\PlexScriptHost.exe" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\Framework.bundle\Contents\Resources\Versions\2\Python/bootstrap.py" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\PersonalMedia.bundle"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Plex\Plex Media Server\PlexScriptHost.exe" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\Framework.bundle\Contents\Resources\Versions\2\Python/bootstrap.py" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\PlexMusic.bundle"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Plex\Plex Media Server\PlexScriptHost.exe" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\Framework.bundle\Contents\Resources\Versions\2\Python/bootstrap.py" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\PlexThemeMusic.bundle"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Plex\Plex Media Server\PlexScriptHost.exe" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\Framework.bundle\Contents\Resources\Versions\2\Python/bootstrap.py" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\PlexVevo.bundle"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Plex\Plex Media Server\PlexScriptHost.exe" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\Framework.bundle\Contents\Resources\Versions\2\Python/bootstrap.py" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\TheMovieDB.bundle"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Plex\Plex Media Server\PlexScriptHost.exe" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\Framework.bundle\Contents\Resources\Versions\2\Python/bootstrap.py" "C:\Plex\Plex Media Server\Resources\Plug-ins-5089475\TheTVDB.bundle"
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\taskhostw.exe
C:\WINDOWS\SysWow64\RdrLeakDiag.exe -p 5076 -h 25 -tp 2 -cleanup -watson -unnamed
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-538990ef-b0f0-4c3c-841b-6c0126c6f6e8 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e03c8707-ad40-4bb5-852b-6e1b4cdc83e4 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-473ccfdc-6306-4853-b6e7-b90510679316 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-58d806ae-48f5-48b6-aa0f-9f1aa5495ea8 -LifetimeId:cfdf8c0e-43f1-439d-b817-fc287cd4ae8d -DeviceGroupId:WpdFsGroup
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe81_ Global\UsGthrCtrlFltPipeMssGthrPipe81 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Loverell\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Loverell\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Loverell\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=66.0.3359.139 --initial-client-data=0x1dc,0x1e0,0x1e4,0x1d8,0x1e8,0x7fff8d873218,0x7fff8d873228,0x7fff8d873238
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=12892 --on-initialized-event-handle=676 --parent-handle=684 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1536,13841030054419970222,16604818432526587477,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=BE0F11659EA1D0DEF913AC012FB9535F --mojo-platform-channel-handle=1552 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1536,13841030054419970222,16604818432526587477,131072 --service-pipe-token=2874B110D75344589C5023ADFEDC6069 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=2874B110D75344589C5023ADFEDC6069 --renderer-client-id=3 --mojo-platform-channel-handle=3160 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1536,13841030054419970222,16604818432526587477,131072 --service-pipe-token=30D130E73E82A427870447DBB771BACF --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=30D130E73E82A427870447DBB771BACF --renderer-client-id=9 --mojo-platform-channel-handle=5644 /prefetch:1
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 696 712 724 8192 720
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\Loverell\Downloads\RSITx64.exe"

====== Scheduled tasks folder ======

C:\WINDOWS\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\WINDOWS\system32\tasks\AvastUpdateTaskMachineCore - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c
C:\WINDOWS\system32\tasks\AvastUpdateTaskMachineUA - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\HPLJCustParticipation - "C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe"
C:\WINDOWS\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
C:\WINDOWS\system32\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
C:\WINDOWS\system32\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task-S-1-5-21-1105126976-3040380396-2804259277-1001 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{28448BCD-1A4A-4BCB-966F-13E021CE5E98} - C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Recovery-Check - %SystemRoot%\System32\dsregcmd.exe /checkrecovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WaaSMedic\PerformRemediation - %systemroot%\System32\WaaSMedic.exe None
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\AC Power Download - %systemroot%\system32\usoclient.exe StartDownload
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Driver Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe Reboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant - %windir%\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:Hadron5:{}
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr - %windir%\System32\UNP\UpdateNotificationMgr.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask - %windir%\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
C:\WINDOWS\system32\tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask - %windir%\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\LoginCheck - %windir%\system32\sc.exe start pushtoinstall login
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\Registration - %windir%\system32\sc.exe start pushtoinstall registration
C:\WINDOWS\system32\tasks\Microsoft\Windows\Printing\EduPrintProv - %windir%\system32\eduprintprov.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\PLA\LSC Memory - C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Chkdsk\SyspartRepair - %windir%\system32\bcdboot.exe %windir% /sysrepair
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 35 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"
C:\WINDOWS\system32\tasks\Lenovo\REACHit Agent Startup - "C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe" /nobrowser
C:\WINDOWS\system32\tasks\Lenovo\REACHit Agent Update - "C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe" -update
C:\WINDOWS\system32\tasks\Lenovo\SHPrompt - "C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe"
C:\WINDOWS\system32\tasks\Lenovo\SHUpdate - "C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe" -runInBackground -tryTillSuccess
C:\WINDOWS\system32\tasks\Lenovo\ImController\Lenovo iM Controller Monitor - "%windir%\system32\ImController.InfInstaller.exe" -checkremoval
C:\WINDOWS\system32\tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance - %windir%\system32\sc.exe START ImControllerService
C:\WINDOWS\system32\tasks\Lenovo\ImController\TimeBasedEvents\1192712a-74d6-4ab9-afd5-e35d124c786d - "C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" /timebasedeventtrigger 1192712a-74d6-4ab9-afd5-e35d124c786d
C:\WINDOWS\system32\tasks\Lenovo\ImController\TimeBasedEvents\2f76210b-645d-4e8d-9601-b0cd032a3173 - "C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" /timebasedeventtrigger 2f76210b-645d-4e8d-9601-b0cd032a3173
C:\WINDOWS\system32\tasks\Lenovo\ImController\TimeBasedEvents\5e82aee3-1458-4f4d-be59-f126146c87cc - "C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" /timebasedeventtrigger 5e82aee3-1458-4f4d-be59-f126146c87cc
C:\WINDOWS\system32\tasks\Lenovo\ImController\TimeBasedEvents\6e0a35fb-1fd5-40df-ad90-4c66ee9c53b3 - "C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" /timebasedeventtrigger 6e0a35fb-1fd5-40df-ad90-4c66ee9c53b3
C:\WINDOWS\system32\tasks\Lenovo\ImController\TimeBasedEvents\7ca535e1-dcd5-4aee-ab5c-764277774fc0 - "C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" /timebasedeventtrigger 7ca535e1-dcd5-4aee-ab5c-764277774fc0
C:\WINDOWS\system32\tasks\Lenovo\ImController\TimeBasedEvents\7fcde815-d96f-4ebb-aadb-55d7f0cef496 - "C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" /timebasedeventtrigger 7fcde815-d96f-4ebb-aadb-55d7f0cef496
C:\WINDOWS\system32\tasks\Lenovo\ImController\TimeBasedEvents\9da307ed-be69-4505-8616-c4a973dcb342 - "C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" /timebasedeventtrigger 9da307ed-be69-4505-8616-c4a973dcb342
C:\WINDOWS\system32\tasks\Lenovo\ImController\TimeBasedEvents\b21e08c0-5719-420e-a835-bf7ff7e24834 - "C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" /timebasedeventtrigger b21e08c0-5719-420e-a835-bf7ff7e24834
C:\WINDOWS\system32\tasks\Lenovo\ImController\TimeBasedEvents\b4d047b9-d4b6-4d4d-b6b5-dec378225d09 - "C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" /timebasedeventtrigger b4d047b9-d4b6-4d4d-b6b5-dec378225d09
C:\WINDOWS\system32\tasks\Lenovo\ImController\TimeBasedEvents\bde9cf61-7468-4d5e-8e63-8491429406f1 - "C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" /timebasedeventtrigger bde9cf61-7468-4d5e-8e63-8491429406f1
C:\WINDOWS\system32\tasks\Lenovo\ImController\TimeBasedEvents\d5f683fd-b9e4-450d-9612-062ee45de575 - "C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" /timebasedeventtrigger d5f683fd-b9e4-450d-9612-062ee45de575
C:\WINDOWS\system32\tasks\Lenovo\ImController\TimeBasedEvents\e77894d6-8b1c-40df-a055-c51eb1012c63 - "C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" /timebasedeventtrigger e77894d6-8b1c-40df-a055-c51eb1012c63
C:\WINDOWS\system32\tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask - %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
C:\WINDOWS\system32\tasks\AVAST Software\Overseer - C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe

=========Google Chrome=========

C:\Users\Loverell\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Web Store 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension eofcbnmajmjmplflapaojjnihcjkigck 2 Avast SafePrice 12.0.222
Extension felcaaldnbdncclmgdcncolpebgiejap
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google v režime offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.29.2
Extension gomekmidlodglbbmalcneegieacbdmki 2 Avast Online Security 12.0.222
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.73
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.7
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.4
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6618.312.0.2
Homepage:
default_search_provider.search_url:
C:\Users\Loverell\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={E035B53D-6970-47CA-B5C9-89603F7B5655}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E035B53D-6970-47CA-B5C9-89603F7B5655}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=LCTE


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={E035B53D-6970-47CA-B5C9-89603F7B5655}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{E035B53D-6970-47CA-B5C9-89603F7B5655}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=LCTE

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"MouseDriver"=TiltWheelMouse.exe []
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2015-12-08 602968]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-11-18 71168]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2016-01-08 1831256]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-04-07 242392]
"LenovoUtility"=C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [2017-07-27 911272]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Loverell\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-05-01 1624224]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-03-06 17074688]
"Plex Media Server"=C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [2018-02-15 17488872]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
"StatusAlerts"=C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [2014-02-12 330040]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2016-11-16 318128]
"DriveUtilitiesHelper"=C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2017-02-27 2306456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableFullTrustStartupTasks"=2
"EnableUIADesktopToggle"=0
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2018-05-05 23:56:10 ----D---- C:\rsit
2018-04-15 20:46:05 ----D---- C:\Program Files (x86)\AVAST Software
2018-04-15 20:42:57 ----D---- C:\WINDOWS\system32\drivers\wd
2018-04-13 09:20:30 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-04-13 09:20:30 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-04-13 09:20:29 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-04-13 09:20:29 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-04-13 09:20:29 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2018-04-13 09:20:29 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll
2018-04-13 09:20:29 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-04-13 09:20:29 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2018-04-13 09:20:29 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-04-13 09:20:29 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2018-04-13 09:20:29 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2018-04-13 09:20:29 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-04-13 09:20:29 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-04-13 09:20:29 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2018-04-13 09:20:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2018-04-13 09:20:28 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-04-13 09:20:28 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-04-13 09:20:28 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-04-13 09:20:28 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2018-04-13 09:20:28 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2018-04-13 09:20:28 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2018-04-13 09:20:28 ----A---- C:\WINDOWS\system32\rdpbase.dll
2018-04-13 09:20:27 ----A---- C:\WINDOWS\SYSWOW64\virtdisk.dll
2018-04-13 09:20:27 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-04-13 09:20:27 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-04-13 09:20:27 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2018-04-13 09:20:27 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2018-04-13 09:20:27 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-04-13 09:20:27 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-04-13 09:20:27 ----A---- C:\WINDOWS\system32\drivers\wcnfs.sys
2018-04-13 09:20:27 ----A---- C:\WINDOWS\system32\drivers\vmbkmclr.sys
2018-04-13 09:20:27 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2018-04-13 09:20:26 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2018-04-13 09:20:26 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2018-04-13 09:20:26 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2018-04-13 09:20:26 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-04-13 09:20:26 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2018-04-13 09:20:26 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-04-13 09:20:26 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2018-04-13 09:20:26 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2018-04-13 09:20:26 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2018-04-13 09:20:26 ----A---- C:\WINDOWS\system32\WcnApi.dll
2018-04-13 09:20:26 ----A---- C:\WINDOWS\system32\t2embed.dll
2018-04-13 09:20:26 ----A---- C:\WINDOWS\system32\StorSvc.dll
2018-04-13 09:20:26 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2018-04-13 09:20:26 ----A---- C:\WINDOWS\system32\browserexport.exe
2018-04-13 09:20:26 ----A---- C:\WINDOWS\system32\browserbroker.dll
2018-04-13 09:20:25 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-04-13 09:20:25 ----A---- C:\WINDOWS\system32\virtdisk.dll
2018-04-13 09:20:25 ----A---- C:\WINDOWS\system32\ieproxy.dll
2018-04-13 09:20:25 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2018-04-13 09:20:25 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2018-04-13 09:20:25 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2018-04-13 09:20:25 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2018-04-13 09:20:25 ----A---- C:\WINDOWS\system32\actxprxy.dll
2018-04-13 09:20:24 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-04-13 09:20:24 ----A---- C:\WINDOWS\system32\hal.dll
2018-04-13 09:20:24 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2018-04-13 09:20:24 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2018-04-13 09:20:24 ----A---- C:\WINDOWS\system32\drivers\netbios.sys
2018-04-13 09:20:24 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2018-04-13 09:20:24 ----A---- C:\WINDOWS\system32\advapi32.dll
2018-04-13 09:20:23 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-04-13 09:20:23 ----A---- C:\WINDOWS\system32\wow64.dll
2018-04-13 09:20:23 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-04-13 09:20:23 ----A---- C:\WINDOWS\system32\drivers\wcifs.sys
2018-04-13 09:20:23 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2018-04-13 09:20:23 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2018-04-13 09:20:23 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2018-04-13 09:20:23 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2018-04-13 09:20:23 ----A---- C:\WINDOWS\system32\drivers\fsdepends.sys
2018-04-13 09:20:22 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2018-04-13 09:20:22 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-04-13 09:20:22 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-04-13 09:20:22 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2018-04-13 09:20:22 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-04-13 09:20:22 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-04-13 09:20:22 ----A---- C:\WINDOWS\system32\dxtrans.dll
2018-04-13 09:20:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-04-13 09:20:21 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2018-04-13 09:20:21 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2018-04-13 09:20:21 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2018-04-13 09:20:21 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2018-04-13 09:20:21 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-04-13 09:20:21 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2018-04-13 09:20:21 ----A---- C:\WINDOWS\system32\fontsub.dll
2018-04-13 09:20:21 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2018-04-13 09:20:20 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2018-04-13 09:20:20 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2018-04-13 09:20:20 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2018-04-13 09:20:20 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2018-04-13 09:20:20 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-04-13 09:20:20 ----A---- C:\WINDOWS\system32\winhttp.dll
2018-04-13 09:20:20 ----A---- C:\WINDOWS\system32\taskcomp.dll
2018-04-13 09:20:20 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2018-04-13 09:20:20 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2018-04-13 09:20:20 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2018-04-13 09:20:20 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2018-04-13 09:20:20 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2018-04-13 09:20:20 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2018-04-13 09:20:20 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2018-04-13 09:20:20 ----A---- C:\WINDOWS\system32\drivers\bam.sys
2018-04-13 09:20:19 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-04-13 09:20:19 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2018-04-13 09:20:19 ----A---- C:\WINDOWS\system32\wifitask.exe
2018-04-13 09:20:19 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-04-13 09:20:19 ----A---- C:\WINDOWS\system32\wcncsvc.dll
2018-04-13 09:20:19 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2018-04-13 09:20:19 ----A---- C:\WINDOWS\system32\rascustom.dll
2018-04-13 09:20:19 ----A---- C:\WINDOWS\system32\rasapi32.dll
2018-04-13 09:20:19 ----A---- C:\WINDOWS\system32\InputService.dll
2018-04-13 09:20:19 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-04-13 09:20:19 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-04-13 09:20:19 ----A---- C:\WINDOWS\system32\davclnt.dll
2018-04-13 09:20:18 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-04-13 09:20:18 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-04-13 09:20:18 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-04-13 09:20:17 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-04-13 09:20:17 ----A---- C:\WINDOWS\system32\KernelBase.dll
2018-04-13 09:20:17 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-04-13 09:20:16 ----A---- C:\WINDOWS\system32\webcheck.dll
2018-04-13 09:20:16 ----A---- C:\WINDOWS\system32\mshtmled.dll
2018-04-13 09:20:16 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-04-13 09:20:16 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-04-13 09:20:16 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-04-13 09:20:16 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2018-04-13 09:20:15 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-04-13 09:20:15 ----A---- C:\WINDOWS\system32\pnrpsvc.dll
2018-04-13 09:20:15 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2018-04-13 09:20:15 ----A---- C:\WINDOWS\system32\jscript.dll
2018-04-13 09:20:15 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-04-13 09:20:15 ----A---- C:\WINDOWS\system32\iepeers.dll
2018-04-13 09:20:15 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2018-04-13 09:20:15 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2018-04-13 09:20:15 ----A---- C:\WINDOWS\system32\drivers\RfxVmt.sys
2018-04-13 09:20:15 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2018-04-13 09:20:15 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2018-04-13 09:20:15 ----A---- C:\WINDOWS\system32\drivers\hvsocket.sys
2018-04-13 09:20:14 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2018-04-13 09:20:14 ----A---- C:\WINDOWS\system32\wuuhext.dll
2018-04-13 09:20:14 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2018-04-13 09:20:14 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-04-13 09:20:14 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-04-13 09:20:14 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2018-04-13 09:20:14 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2018-04-13 09:20:14 ----A---- C:\WINDOWS\system32\dnsapi.dll
2018-04-13 09:20:14 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2018-04-13 09:20:13 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-04-13 09:20:13 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-04-13 09:20:13 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-04-13 09:20:13 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-04-13 09:20:12 ----A---- C:\WINDOWS\system32\UserDataService.dll
2018-04-13 09:20:12 ----A---- C:\WINDOWS\system32\Unistore.dll
2018-04-13 09:20:12 ----A---- C:\WINDOWS\system32\schedsvc.dll
2018-04-13 09:20:12 ----A---- C:\WINDOWS\system32\PhoneService.dll
2018-04-13 09:20:12 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2018-04-13 09:20:12 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-04-13 09:20:12 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2018-04-13 09:20:12 ----A---- C:\WINDOWS\system32\bisrv.dll
2018-04-13 09:20:11 ----A---- C:\WINDOWS\system32\wininet.dll
2018-04-13 09:20:11 ----A---- C:\WINDOWS\system32\usermgr.dll
2018-04-13 09:20:11 ----A---- C:\WINDOWS\system32\ole32.dll
2018-04-13 09:20:11 ----A---- C:\WINDOWS\system32\inetcomm.dll
2018-04-13 09:20:11 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-04-13 09:20:11 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-04-13 09:20:11 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2018-04-13 09:20:10 ----A---- C:\WINDOWS\system32\wwansvc.dll
2018-04-13 09:20:10 ----A---- C:\WINDOWS\system32\wlansvc.dll
2018-04-13 09:20:10 ----A---- C:\WINDOWS\system32\wlansec.dll
2018-04-13 09:20:10 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2018-04-13 09:20:10 ----A---- C:\WINDOWS\system32\WebClnt.dll
2018-04-13 09:20:10 ----A---- C:\WINDOWS\system32\sysmain.dll
2018-04-13 09:20:10 ----A---- C:\WINDOWS\system32\NaturalAuth.dll
2018-04-13 09:20:10 ----A---- C:\WINDOWS\system32\msIso.dll
2018-04-13 09:20:09 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-04-13 09:20:08 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-04-13 09:20:08 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-04-13 09:20:07 ----A---- C:\WINDOWS\system32\SyncController.dll
2018-04-13 09:20:07 ----A---- C:\WINDOWS\system32\p2psvc.dll
2018-04-13 09:20:07 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-04-13 09:20:07 ----A---- C:\WINDOWS\system32\APHostService.dll
2018-04-13 09:20:06 ----A---- C:\WINDOWS\system32\msvproc.dll
2018-04-13 09:20:06 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-04-13 09:20:06 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-04-13 09:20:06 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-04-13 09:20:05 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2018-04-13 09:20:05 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2018-04-13 09:20:05 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2018-04-13 09:20:05 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2018-04-13 09:20:05 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2018-04-13 09:20:05 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2018-04-13 09:20:04 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2018-04-13 09:20:04 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-04-13 09:20:04 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-04-13 09:20:04 ----A---- C:\WINDOWS\system32\StartTileData.dll
2018-04-13 09:20:04 ----A---- C:\WINDOWS\system32\SettingMonitor.dll
2018-04-13 09:20:04 ----A---- C:\WINDOWS\system32\pcalua.exe
2018-04-13 09:20:04 ----A---- C:\WINDOWS\system32\iumdll.dll
2018-04-13 09:20:04 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2018-04-13 09:20:04 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-04-13 09:20:03 ----A---- C:\WINDOWS\system32\wuapi.dll
2018-04-13 09:20:03 ----A---- C:\WINDOWS\system32\twinui.dll
2018-04-13 09:20:03 ----A---- C:\WINDOWS\system32\nlasvc.dll
2018-04-13 09:20:03 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2018-04-13 09:20:03 ----A---- C:\WINDOWS\system32\icfupgd.dll
2018-04-13 09:20:03 ----A---- C:\WINDOWS\system32\aitstatic.exe
2018-04-13 09:20:02 ----A---- C:\WINDOWS\system32\winlogon.exe
2018-04-13 09:20:02 ----A---- C:\WINDOWS\system32\SettingSync.dll
2018-04-13 09:20:02 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-04-13 09:20:02 ----A---- C:\WINDOWS\system32\LogonController.dll
2018-04-13 09:20:02 ----A---- C:\WINDOWS\system32\localspl.dll
2018-04-13 09:20:02 ----A---- C:\WINDOWS\system32\appinfo.dll
2018-04-13 09:20:01 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-04-13 09:20:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2018-04-13 09:20:01 ----A---- C:\WINDOWS\system32\shell32.dll
2018-04-13 09:20:01 ----A---- C:\WINDOWS\system32\iumcrypt.dll
2018-04-13 09:20:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-04-13 09:20:00 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-04-13 09:20:00 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-04-13 09:19:59 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2018-04-13 09:19:59 ----A---- C:\WINDOWS\system32\VSSVC.exe
2018-04-13 09:19:59 ----A---- C:\WINDOWS\system32\diagtrack.dll
2018-04-13 09:19:55 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-04-13 09:19:55 ----A---- C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-04-13 09:19:55 ----A---- C:\WINDOWS\system32\SensorService.dll
2018-04-13 09:19:54 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2018-04-13 09:19:54 ----A---- C:\WINDOWS\system32\Spectrum.exe
2018-04-13 09:19:54 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-04-13 09:19:54 ----A---- C:\WINDOWS\system32\cdp.dll
2018-04-13 09:19:54 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-04-13 09:19:53 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-04-13 09:19:53 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-04-13 09:19:53 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-04-13 09:19:53 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-04-13 09:19:52 ----A---- C:\WINDOWS\system32\runexehelper.exe
2018-04-13 09:19:52 ----A---- C:\WINDOWS\system32\dusmsvc.dll
2018-04-13 09:19:52 ----A---- C:\WINDOWS\system32\convertvhd.exe
2018-04-13 09:19:52 ----A---- C:\WINDOWS\system32\container.dll
2018-04-13 09:19:51 ----A---- C:\WINDOWS\system32\wscapi.dll
2018-04-13 09:19:51 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2018-04-13 09:19:51 ----A---- C:\WINDOWS\system32\systemreset.exe
2018-04-13 09:19:51 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2018-04-13 09:19:50 ----A---- C:\WINDOWS\system32\winresume.exe
2018-04-13 09:19:50 ----A---- C:\WINDOWS\system32\winload.exe
2018-04-13 09:19:50 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-04-13 09:19:50 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-04-13 09:19:49 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2018-04-13 09:19:49 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2018-04-13 09:19:49 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-04-13 09:19:49 ----A---- C:\WINDOWS\system32\invagent.dll
2018-04-13 09:19:49 ----A---- C:\WINDOWS\system32\generaltel.dll
2018-04-13 09:19:49 ----A---- C:\WINDOWS\system32\devinv.dll
2018-04-13 09:19:49 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2018-04-13 09:19:49 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-04-13 09:19:49 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-04-13 09:19:49 ----A---- C:\WINDOWS\system32\appraiser.dll
2018-04-13 09:19:49 ----A---- C:\WINDOWS\system32\aepic.dll
2018-04-13 09:19:49 ----A---- C:\WINDOWS\system32\aeinv.dll
2018-04-13 09:19:48 ----A---- C:\WINDOWS\system32\reseteng.dll
2018-04-13 09:19:47 ----A---- C:\WINDOWS\system32\usocore.dll
2018-04-13 09:19:47 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-04-13 09:19:47 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-04-13 09:19:47 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2018-04-13 09:19:47 ----A---- C:\WINDOWS\system32\MusNotification.exe
2018-04-13 09:19:46 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2018-04-13 09:19:46 ----A---- C:\WINDOWS\system32\FntCache.dll
2018-04-13 09:19:46 ----A---- C:\WINDOWS\system32\atmfd.dll
2018-04-13 09:19:45 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2018-04-13 09:19:45 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2018-04-13 09:19:45 ----A---- C:\WINDOWS\system32\skci.dll
2018-04-13 09:19:45 ----A---- C:\WINDOWS\system32\ci.dll
2018-04-13 09:19:45 ----A---- C:\WINDOWS\system32\BingMaps.dll
2018-04-13 09:19:44 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2018-04-13 09:19:44 ----A---- C:\WINDOWS\system32\spoolsv.exe
2018-04-13 09:19:44 ----A---- C:\WINDOWS\system32\mos.dll
2018-04-13 09:19:43 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-04-13 09:19:43 ----A---- C:\WINDOWS\system32\msra.exe
2018-04-13 09:19:43 ----A---- C:\WINDOWS\system32\ieui.dll
2018-04-13 09:19:42 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2018-04-13 09:19:42 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2018-04-13 09:19:42 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2018-04-13 09:19:42 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2018-04-13 09:19:42 ----A---- C:\WINDOWS\system32\MapRouter.dll
2018-04-13 09:19:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2018-04-13 09:19:41 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2018-04-13 09:19:41 ----A---- C:\WINDOWS\system32\DWrite.dll
2018-04-13 09:19:40 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2018-04-13 09:19:40 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2018-04-13 09:19:40 ----A---- C:\WINDOWS\system32\sspicli.dll
2018-04-13 09:19:40 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-04-13 09:19:39 ----A---- C:\WINDOWS\system32\qmgr.dll
2018-04-13 09:19:38 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2018-04-13 09:19:37 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2018-04-13 09:19:37 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2018-04-13 09:19:37 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2018-04-13 09:19:37 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2018-04-13 09:19:37 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2018-04-13 09:19:36 ----A---- C:\WINDOWS\system32\racpldlg.dll
2018-04-13 09:19:36 ----A---- C:\WINDOWS\system32\propsys.dll
2018-04-13 09:19:36 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2018-04-13 09:19:35 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2018-04-13 09:19:35 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2018-04-13 09:19:35 ----A---- C:\WINDOWS\system32\wcimage.dll
2018-04-13 09:19:35 ----A---- C:\WINDOWS\system32\printfilterpipelinesvc.exe
2018-04-13 09:19:35 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2018-04-13 09:19:35 ----A---- C:\WINDOWS\system32\MapsStore.dll
2018-04-13 09:19:35 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2018-04-13 09:19:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2018-04-13 09:19:34 ----A---- C:\WINDOWS\SYSWOW64\SettingMonitor.dll
2018-04-13 09:19:34 ----A---- C:\WINDOWS\SYSWOW64\ninput.dll
2018-04-13 09:19:34 ----A---- C:\WINDOWS\SYSWOW64\msvcp110_win.dll
2018-04-13 09:19:34 ----A---- C:\WINDOWS\SYSWOW64\MsSpellCheckingFacility.dll
2018-04-13 09:19:34 ----A---- C:\WINDOWS\SYSWOW64\MapRouter.dll
2018-04-13 09:19:34 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2018-04-13 09:19:34 ----A---- C:\WINDOWS\system32\WinSCard.dll
2018-04-13 09:19:34 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-04-13 09:19:34 ----A---- C:\WINDOWS\system32\vpnike.dll
2018-04-13 09:19:34 ----A---- C:\WINDOWS\system32\sensrsvc.dll
2018-04-13 09:19:34 ----A---- C:\WINDOWS\system32\RTWorkQ.dll
2018-04-13 09:19:34 ----A---- C:\WINDOWS\system32\puiobj.dll
2018-04-13 09:19:34 ----A---- C:\WINDOWS\system32\ninput.dll
2018-04-13 09:19:34 ----A---- C:\WINDOWS\system32\mfksproxy.dll
2018-04-13 09:19:33 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2018-04-13 09:19:33 ----A---- C:\WINDOWS\SYSWOW64\RTWorkQ.dll
2018-04-13 09:19:33 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2018-04-13 09:19:33 ----A---- C:\WINDOWS\SYSWOW64\mfksproxy.dll
2018-04-13 09:19:33 ----A---- C:\WINDOWS\system32\win32spl.dll
2018-04-13 09:19:33 ----A---- C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2018-04-13 09:19:33 ----A---- C:\WINDOWS\system32\newdev.dll
2018-04-13 09:19:33 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2018-04-13 09:19:33 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2018-04-13 09:19:31 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2018-04-13 09:19:31 ----A---- C:\WINDOWS\system32\drivers\dumpfve.sys
2018-04-13 09:19:31 ----A---- C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-04-13 09:19:31 ----A---- C:\WINDOWS\system32\basecsp.dll
2018-04-13 09:19:30 ----A---- C:\WINDOWS\SYSWOW64\newdev.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\SYSWOW64\wwapi.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\SYSWOW64\wshhyperv.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\SYSWOW64\rmclient.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\SYSWOW64\offlinelsa.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\SYSWOW64\icm32.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\wwapi.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\wlanapi.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\vmbuspipe.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\vertdll.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\TtlsExt.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\SDFHost.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\rmclient.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\NMAA.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\msvcp110_win.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\moshostcore.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\LsaIso.exe
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\logoncli.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\IumSdk.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\iumbase.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\icm32.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\hvhostsvc.dll
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\drivers\winhv.sys
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\drivers\vpci.sys
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\drivers\vmstorfl.sys
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\drivers\vdrvroot.sys
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\drivers\storvsc.sys
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\drivers\rdyboost.sys
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\drivers\pcw.sys
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\drivers\mup.sys
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2018-04-13 09:19:28 ----A---- C:\WINDOWS\system32\drivers\disk.sys
2018-04-13 09:19:27 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2018-04-13 09:19:27 ----A---- C:\WINDOWS\system32\gpapi.dll
2018-04-13 09:19:27 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2018-04-13 09:19:27 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2018-04-13 09:19:26 ----A---- C:\WINDOWS\SYSWOW64\mscms.dll
2018-04-13 09:19:26 ----A---- C:\WINDOWS\system32\wshhyperv.dll
2018-04-13 09:19:26 ----A---- C:\WINDOWS\system32\scksp.dll
2018-04-13 09:19:26 ----A---- C:\WINDOWS\system32\puiapi.dll
2018-04-13 09:19:26 ----A---- C:\WINDOWS\system32\mscms.dll
2018-04-13 09:19:26 ----A---- C:\WINDOWS\system32\drivers\processr.sys
2018-04-13 09:19:26 ----A---- C:\WINDOWS\system32\drivers\intelppm.sys
2018-04-13 09:19:26 ----A---- C:\WINDOWS\system32\drivers\fs_rec.sys
2018-04-13 09:19:26 ----A---- C:\WINDOWS\system32\certprop.dll
2018-04-13 09:19:25 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2018-04-13 09:19:25 ----A---- C:\WINDOWS\SYSWOW64\wsnmp32.dll
2018-04-13 09:19:25 ----A---- C:\WINDOWS\SYSWOW64\wlgpclnt.dll
2018-04-13 09:19:25 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2018-04-13 09:19:25 ----A---- C:\WINDOWS\system32\wudriver.dll
2018-04-13 09:19:25 ----A---- C:\WINDOWS\system32\printfilterpipelineprxy.dll
2018-04-13 09:19:25 ----A---- C:\WINDOWS\system32\gpsvc.dll
2018-04-13 09:19:25 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2018-04-13 09:19:25 ----A---- C:\WINDOWS\system32\drivers\amdppm.sys
2018-04-13 09:19:25 ----A---- C:\WINDOWS\system32\drivers\amdk8.sys
2018-04-13 09:19:25 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2018-04-13 09:19:25 ----A---- C:\WINDOWS\system32\adhsvc.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\SYSWOW64\TtlsCfg.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\SYSWOW64\occache.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\SYSWOW64\compstui.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\wups.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\wscsvc.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\wlgpclnt.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\wfdprov.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\TtlsCfg.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\TtlsAuth.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\tcpmon.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\ScDeviceEnum.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\occache.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\NetDriverInstall.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\ncbservice.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\imgutil.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\drivers\winhvr.sys
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\drivers\Synth3dVsc.sys
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\drivers\storqosflt.sys
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\drivers\rdpbus.sys
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\drivers\PEAuth.sys
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\drivers\nsiproxy.sys
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\drivers\ndisuio.sys
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\drivers\msfs.sys
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\drivers\lltdio.sys
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\drivers\irda.sys
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\drivers\dmvsc.sys
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\compstui.dll
2018-04-13 09:19:24 ----A---- C:\WINDOWS\system32\BrowserSettingSync.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\wextract.exe
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\url.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\puiapi.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\pngfilt.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\mshta.exe
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\msfeedssync.exe
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\msfeedsbs.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\MapGeocoder.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\licmgr10.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\inseng.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\imgutil.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\iexpress.exe
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\iesysprep.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\IEAdvpack.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\wextract.exe
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\WcnEapPeerProxy.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\WcnEapAuthProxy.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\url.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\tzres.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\pngfilt.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\mshta.exe
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\licmgr10.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\jsproxy.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\inseng.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\iexpress.exe
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\iesysprep.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\iesetup.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\iernonce.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\IEAdvpack.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\IcsEntitlementHost.exe
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\drivers\vms3cap.sys
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\drivers\vmgid.sys
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\drivers\vmgencounter.sys
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\drivers\VMBusHID.sys
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\drivers\rasacd.sys
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\drivers\null.sys
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\drivers\HyperVideo.sys
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\drivers\hyperkbd.sys
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\drivers\gpuenergydrv.sys
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\drivers\beep.sys
2018-04-13 09:19:23 ----A---- C:\WINDOWS\system32\appidtel.exe
2018-04-13 09:19:22 ----A---- C:\WINDOWS\SYSWOW64\wmiprop.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\SYSWOW64\taskcomp.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\SYSWOW64\PimIndexMaintenanceClient.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\SYSWOW64\perfhost.exe
2018-04-13 09:19:22 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\SYSWOW64\keyiso.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\SYSWOW64\fdWNet.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\SYSWOW64\fdPnp.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\SYSWOW64\BrowserSettingSync.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\WSDMon.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\WPTaskScheduler.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\wmiprop.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\wkssvc.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\wc_storage.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\vmictimeprovider.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\usbmon.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\TimeBrokerServer.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\sysntfy.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\srvsvc.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\SessEnv.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\psmsrv.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\offreg.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\nsisvc.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\nrpsrv.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\msrating.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\LicenseManagerSvc.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\keyiso.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\kerberos.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\icsvcext.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\icsvc.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\httpprxm.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\hlink.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\fdWNet.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\fdPnp.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\efssvc.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\efslsaext.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\dssvc.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\dot3svc.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\BrokerLib.dll
2018-04-13 09:19:22 ----A---- C:\WINDOWS\system32\BFE.DLL
2018-04-07 07:41:25 ----A---- C:\WINDOWS\system32\drivers\lpsport.sys
2018-04-07 07:40:29 ----A---- C:\WINDOWS\system32\aswBoot.exe

====== List of files/folders modified in the last 1 month ======

2018-05-05 23:57:03 ----D---- C:\Users\Loverell\AppData\Roaming\uTorrent
2018-05-05 23:56:33 ----D---- C:\WINDOWS\Temp
2018-05-05 23:56:25 ----D---- C:\Program Files\trend micro
2018-05-05 23:56:14 ----D---- C:\WINDOWS\Prefetch
2018-05-05 23:28:13 ----D---- C:\WINDOWS\system32\sru
2018-05-05 22:29:48 ----HD---- C:\Program Files\WindowsApps
2018-05-05 22:29:47 ----D---- C:\WINDOWS\AppReadiness
2018-05-05 22:27:57 ----D---- C:\WINDOWS\DeliveryOptimization
2018-05-05 22:27:03 ----D---- C:\Windows
2018-05-05 22:06:27 ----D---- C:\Users\Loverell\AppData\Roaming\MPC-HC
2018-05-05 22:06:25 ----D---- C:\WINDOWS\INF
2018-05-05 21:47:02 ----D---- C:\WINDOWS\system32\SleepStudy
2018-05-05 00:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2018-05-04 22:53:19 ----SHD---- C:\System Volume Information
2018-05-04 22:52:45 ----D---- C:\WINDOWS\Logs
2018-05-04 22:50:00 ----RD---- C:\WINDOWS\Microsoft.NET
2018-05-04 11:43:56 ----D---- C:\Práca
2018-05-03 23:32:55 ----RSD---- C:\WINDOWS\assembly
2018-05-03 23:24:57 ----D---- C:\ProgramData\NVIDIA
2018-05-01 09:46:24 ----D---- C:\WINDOWS\system32\Tasks
2018-04-23 16:09:53 ----D---- C:\WINDOWS\system32\config
2018-04-19 23:33:37 ----AD---- C:\Program Files\CCleaner
2018-04-19 10:06:07 ----D---- C:\WINDOWS\System32
2018-04-19 10:06:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-19 09:57:18 ----D---- C:\AdwCleaner
2018-04-19 09:47:59 ----D---- C:\WINDOWS\system32\drivers
2018-04-19 09:46:47 ----D---- C:\WINDOWS\system32\NDF
2018-04-16 22:09:18 ----D---- C:\WINDOWS\debug
2018-04-16 14:25:38 ----D---- C:\WINDOWS\system32\DriverStore
2018-04-16 14:25:36 ----D---- C:\WINDOWS\WinSxS
2018-04-16 12:31:55 ----D---- C:\WINDOWS\rescache
2018-04-15 20:51:18 ----SHDC---- C:\WINDOWS\Installer
2018-04-15 20:49:17 ----D---- C:\ProgramData\AVAST Software
2018-04-15 20:46:05 ----D---- C:\Program Files (x86)
2018-04-15 20:10:00 ----D---- C:\WINDOWS\SysWOW64
2018-04-15 20:06:57 ----D---- C:\WINDOWS\system32\catroot2
2018-04-15 20:05:37 ----SD---- C:\WINDOWS\SYSWOW64\F12
2018-04-15 20:05:37 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2018-04-15 20:05:37 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-04-15 20:05:37 ----D---- C:\WINDOWS\SYSWOW64\en-US
2018-04-15 20:05:29 ----SD---- C:\WINDOWS\system32\F12
2018-04-15 20:05:29 ----D---- C:\WINDOWS\system32\sk-SK
2018-04-15 20:05:29 ----D---- C:\WINDOWS\system32\migration
2018-04-15 20:05:28 ----D---- C:\WINDOWS\system32\en-US
2018-04-15 20:05:28 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-04-15 20:05:28 ----D---- C:\WINDOWS\system32\Boot
2018-04-15 20:05:28 ----D---- C:\WINDOWS\system32\appraiser
2018-04-15 20:05:24 ----D---- C:\WINDOWS\ShellExperiences
2018-04-15 20:05:24 ----D---- C:\WINDOWS\apppatch
2018-04-15 20:05:24 ----D---- C:\Program Files\internet explorer
2018-04-15 20:05:24 ----D---- C:\Program Files (x86)\Internet Explorer
2018-04-15 20:05:18 ----D---- C:\WINDOWS\system32\CodeIntegrity
2018-04-14 22:33:21 ----SD---- C:\ProgramData\Microsoft
2018-04-14 10:41:06 ----D---- C:\WINDOWS\CbsTemp
2018-04-13 09:33:50 ----D---- C:\WINDOWS\system32\MRT
2018-04-13 09:31:28 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-04-13 09:31:19 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-04-12 09:15:35 ----D---- C:\WINDOWS\SoftwareDistribution

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2018-03-21 199440]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2018-03-21 343752]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2018-03-21 57680]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2018-04-07 84368]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2018-04-07 380528]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2016-09-20 795640]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2018-04-07 196640]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2018-03-21 227504]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2018-04-07 227784]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2018-04-07 111352]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2018-04-07 1026696]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2018-04-07 460520]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-03-30 59808]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2018-04-13 147224]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2018-04-07 205976]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-02-10 385536]
R3 ACPIVPC;@oem11.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-07-29 42328]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-09-29 105472]
R3 bthl2cap;@bthl2cap.inf,%bthl2cap_desc%;Microsoft Bluetooth Protocol Support Driver; C:\WINDOWS\system32\DRIVERS\bthl2cap.sys [2017-09-29 83968]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-09-29 78848]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-09-29 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-09-29 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 CnxtHdAudService;@oem8.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2016-01-27 1550328]
R3 ibtusb;@oem32.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2017-04-13 244744]
R3 Netwtw04;___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit; C:\WINDOWS\System32\drivers\Netwtw04.sys [2017-09-29 7689728]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_984d7ebc1a4a35bd\nvlddmkm.sys [2017-06-28 15625336]
R3 nvvad_WaveExtensible;@oem63.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-06-28 48064]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-09-29 189440]
R3 rt640x64;@oem60.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-12-22 935168]
R3 RTSUER;@oem54.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-10-15 408280]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2018-04-07 46968]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2018-03-13 1015296]
S3 dg_ssudbus;@oem61.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 109568]
S3 ew_usbenumfilter;@oem122.inf,%busupper.SVCDESC%;huawei_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [2015-01-15 18688]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-03-30 73120]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 hwusb_cdcacm;hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [2016-07-29 127616]
S3 hwusb_wwanecm;hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [2016-07-29 312704]
S3 HyperVideo;HyperVideo; C:\WINDOWS\System32\drivers\HyperVideo.sys [2018-03-30 28160]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-03-30 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2018-03-30 192512]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys [2017-01-17 478272]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2017-09-29 1849752]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-06-03 42696]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-04-07 313640]
R2 CDPUserSvc_5d187;Connected Devices Platform User Service_5d187; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 CxAudMsg;Conexant Audio Message Service; C:\Windows\system32\CxAudMsg64.exe [2015-09-16 225624]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2016-02-08 640928]
R2 GDCAgent;GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [2015-07-30 1155512]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\Program Files (x86)\DatacardService\HWDeviceService64.exe [2016-03-24 351888]
R2 ibtsiva;@oem32.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 ImControllerService;@oem40.inf,%ImcSvcDisplayName%;System Interface Foundation Service; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-03-02 68336]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-06-27 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-06-28 449984]
R2 OneSyncSvc_5d187;Sync Host_5d187; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 PlexUpdateService;Plex Update Service; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2018-02-15 2209256]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2016-02-08 157088]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-03-01 519152]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-04-07 7603408]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-11-26 43648]
R3 PimIndexMaintenanceSvc_5d187;Kontaktné údaje_5d187; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-15 164984]
S2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2015-07-29 650680]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2014-06-24 176128]
S2 IAStorDataMgrSvc;IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-11-04 19440]
S2 Internet Manager. RunOuc;Internet Manager. OUC; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [2015-07-06 682072]
S2 MessagingService_5d187;MessagingService_5d187; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 SAService;SAService; C:\WINDOWS\syswow64\SAsrv.exe [2015-09-15 431960]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-15 164984]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; %SystemRoot%\system32\svchost.exe -k appmodel -p;"ServiceDll" = %SystemRoot%\system32\CapabilityAccessManager.dll
S3 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHDCPSvc.exe [2017-01-04 480192]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_5d187;DevicesFlow_5d187; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k diagnostics;"ServiceDll" = %systemroot%\system32\DiagSvc.dll
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k GraphicsPerfSvcGroup;"ServiceDll" = %SystemRoot%\System32\GraphicsPerfSvc.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\system32\InstallService.dll
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 MyWiFiDHCPDNS;MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2016-02-08 268192]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; %SystemRoot%\system32\svchost.exe -k PrintWorkflow;"ServiceDll" = %SystemRoot%\System32\PrintWorkflowService.dll
S3 PrintWorkflowUserSvc_5d187;PrintWorkflow_5d187; C:\WINDOWS\system32\svchost.exe -k PrintWorkflow;"ServiceDll" =
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\system32\PushToInstall.dll
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\System32\SharedRealitySvc.dll
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: pomalé PC prosím o kontrolu ďakujem

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Loverell
Návštěvník
Návštěvník
Příspěvky: 55
Registrován: 07 zář 2009 10:29

Re: pomalé PC prosím o kontrolu ďakujem

#3 Příspěvek od Loverell »

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-05-02.2
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-06-2018
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: pomalé PC prosím o kontrolu ďakujem

#4 Příspěvek od Conder »

:arrow: Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

:arrow: Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Loverell
Návštěvník
Návštěvník
Příspěvky: 55
Registrován: 07 zář 2009 10:29

Re: pomalé PC prosím o kontrolu ďakujem

#5 Příspěvek od Loverell »

nech sa páči
Přílohy
Desktop.rar
(25.82 KiB) Staženo 77 x

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: pomalé PC prosím o kontrolu ďakujem

#6 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    File: C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
    File: C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
    File: C:\windows\system32\TiltWheelMouse.exe
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
    HKU\S-1-5-21-1105126976-3040380396-2804259277-1001\...\MountPoints2: {5d79fcd2-2c3c-11e8-af3d-ac2b6ed65ae1} - "E:\AutoRun.exe" 
    HKU\S-1-5-21-1105126976-3040380396-2804259277-1001\...\MountPoints2: {5d79fd22-2c3c-11e8-af3d-ac2b6ed65ae1} - "E:\AutoRun.exe" 
    SearchScopes: HKU\S-1-5-21-1105126976-3040380396-2804259277-1001 -> DefaultScope {E035B53D-6970-47CA-B5C9-89603F7B5655} URL = 
    SearchScopes: HKU\S-1-5-21-1105126976-3040380396-2804259277-1001 -> {E035B53D-6970-47CA-B5C9-89603F7B5655} URL = 
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    HKU\S-1-5-21-1105126976-3040380396-2804259277-1001\...\StartupApproved\Run: => "OneDrive"
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Loverell
Návštěvník
Návštěvník
Příspěvky: 55
Registrován: 07 zář 2009 10:29

Re: pomalé PC prosím o kontrolu ďakujem

#7 Příspěvek od Loverell »

Fix result of Farbar Recovery Scan Tool (x64) Version: 06.05.2018 01
Ran by Loverell (07-05-2018 00:51:47) Run:1
Running from C:\Users\Loverell\Desktop
Loaded Profiles: Loverell (Available Profiles: Loverell)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
File: C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
File: C:\windows\system32\TiltWheelMouse.exe
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1105126976-3040380396-2804259277-1001\...\MountPoints2: {5d79fcd2-2c3c-11e8-af3d-ac2b6ed65ae1} - "E:\AutoRun.exe"
HKU\S-1-5-21-1105126976-3040380396-2804259277-1001\...\MountPoints2: {5d79fd22-2c3c-11e8-af3d-ac2b6ed65ae1} - "E:\AutoRun.exe"
SearchScopes: HKU\S-1-5-21-1105126976-3040380396-2804259277-1001 -> DefaultScope {E035B53D-6970-47CA-B5C9-89603F7B5655} URL =
SearchScopes: HKU\S-1-5-21-1105126976-3040380396-2804259277-1001 -> {E035B53D-6970-47CA-B5C9-89603F7B5655} URL =
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKU\S-1-5-21-1105126976-3040380396-2804259277-1001\...\StartupApproved\Run: => "OneDrive"

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe ========================

C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
File is digitally signed
MD5: F4CED25C124734A83D20981E16A1E3E6
Creation and modification date: 2018-03-22 10:53 - 2015-07-06 13:18
Size: 000682072
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/e05a001 ... 508322647/

====== End of File: ======


========================= File: C:\Program Files\CONEXANT\ForteConfig\fmapp.exe ========================

C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
File is digitally signed
MD5: 42361B4BD80768E82B80285851037665
Creation and modification date: 2016-06-18 01:13 - 2010-10-26 06:40
Size: 000049056
Attributes: ----A
Company Name:
Internal Name: FMAPP
Original Name: FMAPP.EXE
Product: FMAPP Application
Description: FMAPP Application
File Version: 1, 64, 0, 1
Product Version: 1, 64, 0, 1
Copyright: Copyright (C) 2010
VirusTotal: https://www.virustotal.com/file/a555a6b ... 525626810/

====== End of File: ======


========================= File: C:\windows\system32\TiltWheelMouse.exe ========================

"C:\windows\system32\TiltWheelMouse.exe" => not found
====== End of File: ======

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKU\S-1-5-21-1105126976-3040380396-2804259277-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d79fcd2-2c3c-11e8-af3d-ac2b6ed65ae1}" => removed successfully
HKLM\Software\Classes\CLSID\{5d79fcd2-2c3c-11e8-af3d-ac2b6ed65ae1} => not found
"HKU\S-1-5-21-1105126976-3040380396-2804259277-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d79fd22-2c3c-11e8-af3d-ac2b6ed65ae1}" => removed successfully
HKLM\Software\Classes\CLSID\{5d79fd22-2c3c-11e8-af3d-ac2b6ed65ae1} => not found
"HKU\S-1-5-21-1105126976-3040380396-2804259277-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-1105126976-3040380396-2804259277-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E035B53D-6970-47CA-B5C9-89603F7B5655}" => removed successfully
HKLM\Software\Classes\CLSID\{E035B53D-6970-47CA-B5C9-89603F7B5655} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKU\S-1-5-21-1105126976-3040380396-2804259277-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\OneDrive" => removed successfully
"HKU\S-1-5-21-1105126976-3040380396-2804259277-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\OneDrive" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21138651 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 21770 B
Edge => 9425 B
Chrome => 210070921 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1720744 B
NetworkService => 126496992 B
Loverell => 8639524 B

RecycleBin => 0 B
EmptyTemp: => 359.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 00:53:02 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: pomalé PC prosím o kontrolu ďakujem

#8 Příspěvek od Conder »

:arrow: Ako to vyzera s PC?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Loverell
Návštěvník
Návštěvník
Příspěvky: 55
Registrován: 07 zář 2009 10:29

Re: pomalé PC prosím o kontrolu ďakujem

#9 Příspěvek od Loverell »

vyzerá to lepšie určite :)
ďakujem

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: pomalé PC prosím o kontrolu ďakujem

#10 Příspěvek od Conder »

Nie je zaco, rad som pomohol :)
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Odpovědět