Virus removal, PC speed-up, and remote assistance through the neslape.cz service

PC a bit slower

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

!NEW!
You can now use a remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
#1 Post by bob0015 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Bohus at 2018-08-15 08:30:29
Microsoft Windows 10 Pro
System drive C: has 40 GB (35%) free of 114 GB
Total RAM: 16322 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:30:35, on 15.8.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
C:\WINDOWS\SysWOW64\muachost.exe
C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
d:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\iPass\Open Mobile\omsi\iPlatformHost.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files (x86)\MSI\Gaming APP\GamingApp.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\Bohus.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKLM\..\Run: [OMClient] C:\Program Files (x86)\iPass\Open Mobile\bin\iMobility.exe /s
O4 - HKLM\..\Run: [GammingApp] C:\Program Files (x86)\MSI\Gaming APP\SGamingApp.exe --min
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Bohus\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download with FDM - file://D:/Program Files/FreeDownloadManager.ORG/Free Download Manager/dllink.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamingApp_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
O23 - Service: GamingHotkey_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iMobilityService - iPass Inc. - C:\Program Files (x86)\iPass\Open Mobile\bin\iMobilityService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Biometric and Context Agent Service (IntelBCAsvc) - Intel(R) Corporation - C:\Program Files\Intel\BCA\pabeSvc64.exe
O23 - Service: iPlatformService - iPass Inc. - C:\Program Files (x86)\iPass\Open Mobile\omsi\iPlatformService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_ActiveX_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
O23 - Service: MSI Live Update Service (MSI_LiveUpdate_Service) - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - d:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 12976 bytes

======Listing Processes======

c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-3afa5f15-8171-466e-9a8d-7329c28060a3 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e5301ea5-3c0f-432e-92bd-0cacd93fde4f -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-ab947cff-e61f-42df-88a7-0fed755cc5b4 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-1a50d0b6-f717-4f56-be21-de1137f08533 -LifetimeId:7fa03a3b-2799-47d9-9ed3-bbdd9f1c4edc -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s CscService
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s WwanSvc
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection

c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
"C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
"C:\Program Files\Intel\BCA\pabeSvc64.exe"
"C:\Program Files (x86)\iPass\Open Mobile\omsi\iPlatformService.exe"
"C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe"
C:\WINDOWS\system32\mqsvc.exe
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
c:\windows\system32\svchost.exe -k iissvcs
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
"d:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe"
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
dashost.exe {339d87bb-5a48-4087-8b18ea8c7d4a3e83}
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
"c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe" -netmsmqactivator
"C:\Program Files (x86)\iPass\Open Mobile\omsi\iPlatformHost.exe" /system
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc

C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\iPass\Open Mobile\bin\iMobilityService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s SmsRouter
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"

"C:\Program Files\TrueKey\McTkSchedulerService.exe"

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
"C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe"
"C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe" --normal
C:\WINDOWS\SysWOW64\muachost.exe
"C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe" --start
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe"
"C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe"
"C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe"
"d:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"d:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log d:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
"d:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log d:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\iPass\Open Mobile\omsi\iPlatformHost.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"ctfmon.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Bohus\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Bohus\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Bohus\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=68.0.3440.106 --initial-client-data=0x1e0,0x1e4,0x1e8,0x1dc,0x1ec,0x7ffc2ec924d0,0x7ffc2ec924e0,0x7ffc2ec924f0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2540 --on-initialized-event-handle=688 --parent-handle=700 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=ED8EAF253063FEA36DDDE841B824F273 --mojo-platform-channel-handle=1440 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --service-pipe-token=0A7839C428AED7042FBA9F59CE2C25B9 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=3 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=0A7839C428AED7042FBA9F59CE2C25B9 --renderer-client-id=3 --mojo-platform-channel-handle=2500 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --service-pipe-token=3014E8EB0C3B90C5FE0D3D933A8917D7 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=3 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3014E8EB0C3B90C5FE0D3D933A8917D7 --renderer-client-id=7 --mojo-platform-channel-handle=4112 /prefetch:1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
AvastUI.exe /nogui
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --service-pipe-token=35E74FAE8B0609618655922EA8298B64 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=3 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=35E74FAE8B0609618655922EA8298B64 --renderer-client-id=6 --mojo-platform-channel-handle=4852 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --service-pipe-token=1EF2D34B2378718038ED9867ECA88841 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=3 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1EF2D34B2378718038ED9867ECA88841 --renderer-client-id=13 --mojo-platform-channel-handle=5708 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --service-pipe-token=87B7FB6B4832BB5C337A7972958D866B --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=3 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=87B7FB6B4832BB5C337A7972958D866B --renderer-client-id=30 --mojo-platform-channel-handle=2688 /prefetch:1
"C:\Program Files (x86)\MSI\Gaming APP\GamingApp.exe" --min
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --no-sandbox --lang=en-US --log-file="C:\Users\Bohus\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --gpu-preferences=GAAAAAAAAAAABwAAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x10de --gpu-device-id=0x1401 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --lang=en-US --log-file="C:\Users\Bohus\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --service-request-channel-token=9E4B7D15132C957883416BF41C6A850C --mojo-platform-channel-handle=1880 /prefetch:2
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --disable-browser-side-navigation --no-sandbox --disable-gpu-compositing --service-pipe-token=B05C703ABDCF6F12FBC1210053F0985A --lang=en-US --lang=en-US --log-file="C:\Users\Bohus\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=B05C703ABDCF6F12FBC1210053F0985A --renderer-client-id=2 --mojo-platform-channel-handle=1872 /prefetch:1
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --service-pipe-token=858CAA9EA1DB7459F38464373E20C28C --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=3 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=858CAA9EA1DB7459F38464373E20C28C --renderer-client-id=69 --mojo-platform-channel-handle=14792 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --service-pipe-token=35A9F5DD1BECDE48D44D08C6BD4B2DAC --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=3 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=35A9F5DD1BECDE48D44D08C6BD4B2DAC --renderer-client-id=103 --mojo-platform-channel-handle=12468 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --service-pipe-token=F813B9A5DF41F7112D9647BDFA5C5B83 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=3 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=F813B9A5DF41F7112D9647BDFA5C5B83 --renderer-client-id=118 --mojo-platform-channel-handle=16468 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --service-pipe-token=C2ED75F0CB67EF085FAC005C934C7572 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=3 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=C2ED75F0CB67EF085FAC005C934C7572 --renderer-client-id=120 --mojo-platform-channel-handle=16440 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --service-pipe-token=6DDEDC74F1AFC44DA84E6702FF6560E2 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=3 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6DDEDC74F1AFC44DA84E6702FF6560E2 --renderer-client-id=124 --mojo-platform-channel-handle=9888 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --service-pipe-token=B23517B0AE56F5A028F2DDC673A134B8 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=3 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=B23517B0AE56F5A028F2DDC673A134B8 --renderer-client-id=151 --mojo-platform-channel-handle=11780 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --service-pipe-token=0B318104821C0FC9839D2FC092DD66EF --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=3 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=0B318104821C0FC9839D2FC092DD66EF --renderer-client-id=152 --mojo-platform-channel-handle=7772 /prefetch:1
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --service-pipe-token=E3EDE94E93DB4195B812E0FBF000C872 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=3 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=E3EDE94E93DB4195B812E0FBF000C872 --renderer-client-id=397 --mojo-platform-channel-handle=14632 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --service-pipe-token=8B95114732C2D2C5CC15B1C1569E9606 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=3 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8B95114732C2D2C5CC15B1C1569E9606 --renderer-client-id=398 --mojo-platform-channel-handle=11496 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe99_ Global\UsGthrCtrlFltPipeMssGthrPipe99 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 712 724 732 8192 728
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --service-pipe-token=05DFD0F080663B43A932218806A9C6B9 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=3 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=05DFD0F080663B43A932218806A9C6B9 --renderer-client-id=414 --mojo-platform-channel-handle=11428 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --service-pipe-token=17E74818FA4FAF2C3367916DB81D1BDE --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=3 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17E74818FA4FAF2C3367916DB81D1BDE --renderer-client-id=418 --mojo-platform-channel-handle=5464 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --service-pipe-token=6548E40172559BDCB513605E1FDBF421 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=3 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6548E40172559BDCB513605E1FDBF421 --renderer-client-id=419 --mojo-platform-channel-handle=15336 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,9688726932870747713,3365289999305226807,131072 --service-pipe-token=7CA11B1F88A03FC133B2E71D79E91B6A --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=3 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7CA11B1F88A03FC133B2E71D79E91B6A --renderer-client-id=421 --mojo-platform-channel-handle=10788 /prefetch:1
C:\Windows\System32\smartscreen.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
"D:\Users\Bohus\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\DriverToolkit Autorun.job - D:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
C:\WINDOWS\tasks\MSISW_Host.job - C:\WINDOWS\SysWOW64\muachost.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26 435320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15 988400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26 366200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15 988400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-01-28 8447192]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2015-08-26 3113592]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-05-28 36352]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2016-10-13 3942864]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-07-27 242904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Bohus\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-08-13 1644192]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2018-05-30 46281248]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Cisco AnyConnect Secure Mobility Agent for Windows"=C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2016-12-09 1207808]
"Live Update"=C:\Program Files (x86)\MSI\Live Update\Live Update.exe [2017-08-14 17310160]
"OMClient"=C:\Program Files (x86)\iPass\Open Mobile\bin\iMobility.exe [2017-04-19 1145160]
"GammingApp"=C:\Program Files (x86)\MSI\Gaming APP\SGamingApp.exe [2017-05-23 1149904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2015-07-02 65992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-08-15 08:30:29 ----D---- C:\rsit
2018-08-15 08:30:29 ----D---- C:\Program Files\trend micro
2018-08-01 23:02:25 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2018-08-01 23:00:24 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFThevc.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFTH264.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\SYSWOW64\nvDecMFTMjpeg.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\system32\nvopencl.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\system32\nvEncMFThevc.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\system32\nvEncMFTH264.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\system32\nvdispgenco6439882.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\system32\nvdispco6439882.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\system32\nvcuda.dll
2018-08-01 23:00:24 ----A---- C:\WINDOWS\system32\drivers\nvvhci.sys
2018-08-01 23:00:23 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2018-08-01 23:00:23 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2018-08-01 23:00:23 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2018-08-01 23:00:23 ----A---- C:\WINDOWS\system32\nvapi64.dll
2018-07-27 08:47:04 ----D---- C:\Program Files (x86)\VulkanRT
2018-07-27 08:46:56 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2018-07-27 08:46:55 ----A---- C:\WINDOWS\system32\nvcpl.dll
2018-07-27 08:44:19 ----A---- C:\WINDOWS\system32\nvhdap64.dll
2018-07-27 08:44:19 ----A---- C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-07-27 08:44:19 ----A---- C:\WINDOWS\system32\drivers\nvhda64v.sys
2018-07-27 08:44:15 ----A---- C:\WINDOWS\system32\nvdispgenco6439836.dll
2018-07-27 08:44:15 ----A---- C:\WINDOWS\system32\nvdispco6439836.dll
2018-07-27 08:31:26 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2018-07-27 08:31:26 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2018-07-27 08:31:26 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2018-07-27 08:31:26 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2018-07-27 08:31:26 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2018-07-27 08:31:26 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2018-07-27 08:31:26 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2018-07-27 08:31:26 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2018-07-27 08:31:26 ----A---- C:\WINDOWS\system32\drivers\aswHdsKe.sys
2018-07-27 08:31:26 ----A---- C:\WINDOWS\system32\drivers\aswElam.sys
2018-07-27 08:31:26 ----A---- C:\WINDOWS\system32\drivers\aswbuniva.sys
2018-07-27 08:31:26 ----A---- C:\WINDOWS\system32\drivers\aswbloga.sys
2018-07-27 08:31:26 ----A---- C:\WINDOWS\system32\drivers\aswbidsha.sys
2018-07-27 08:31:26 ----A---- C:\WINDOWS\system32\drivers\aswbidsdrivera.sys
2018-07-27 08:31:26 ----A---- C:\WINDOWS\system32\drivers\aswArPot.sys
2018-07-27 08:31:25 ----A---- C:\WINDOWS\system32\aswBoot.exe
2018-07-27 08:20:38 ----D---- C:\Users\Bohus\AppData\Roaming\AVAST Software
2018-07-27 08:20:17 ----D---- C:\Program Files\Common Files\Avast Software
2018-07-27 08:20:16 ----A---- C:\WINDOWS\system32\drivers\lpsport.sys
2018-07-27 08:19:59 ----D---- C:\Program Files\AVAST Software
2018-07-27 08:19:45 ----D---- C:\ProgramData\AVAST Software
2018-07-25 16:23:41 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2018-07-25 16:23:41 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2018-07-25 16:23:41 ----A---- C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-07-25 16:23:35 ----A---- C:\WINDOWS\NvContainerRecovery.bat
2018-07-25 16:23:34 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2018-07-25 16:23:34 ----A---- C:\WINDOWS\system32\nvaudcap64v.dll
2018-07-25 16:23:24 ----A---- C:\WINDOWS\system32\drivers\nvvad64v.sys
2018-07-18 16:37:20 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of files/folders modified in the last 1 month======

2018-08-15 08:30:29 ----RD---- C:\Program Files
2018-08-15 08:28:24 ----D---- C:\WINDOWS\Prefetch
2018-08-15 08:28:10 ----D---- C:\WINDOWS\Temp
2018-08-15 08:12:52 ----D---- C:\WINDOWS\system32\SleepStudy
2018-08-15 07:34:00 ----D---- C:\WINDOWS\system32\sru
2018-08-15 05:55:15 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-08-14 21:54:12 ----D---- C:\Users\Bohus\AppData\Roaming\vlc
2018-08-14 18:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2018-08-14 13:26:46 ----D---- C:\WINDOWS\Logs
2018-08-14 13:26:29 ----RD---- C:\WINDOWS\Microsoft.NET
2018-08-14 12:25:36 ----D---- C:\ProgramData\NVIDIA
2018-08-14 11:28:45 ----D---- C:\WINDOWS\system32\drivers\etc
2018-08-14 11:26:06 ----D---- C:\WINDOWS\system32\FxsTmp
2018-08-14 10:14:13 ----D---- C:\MSI
2018-08-14 07:31:15 ----D---- C:\WINDOWS\System32
2018-08-14 07:31:15 ----D---- C:\WINDOWS\INF
2018-08-14 07:31:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-14 07:25:12 ----HD---- C:\ProgramData
2018-08-13 12:40:29 ----D---- C:\Windows
2018-08-13 00:37:58 ----D---- C:\WINDOWS\system32\Tasks
2018-08-13 00:36:56 ----D---- C:\WINDOWS\CbsTemp
2018-08-11 07:55:55 ----HD---- C:\Program Files\WindowsApps
2018-08-11 07:55:55 ----D---- C:\WINDOWS\AppReadiness
2018-08-11 07:55:44 ----D---- C:\WINDOWS\system32\config
2018-08-10 16:31:26 ----D---- C:\WINDOWS\WinSxS
2018-08-09 16:32:56 ----D---- C:\Users\Bohus\AppData\Roaming\MPC-HC
2018-08-09 15:28:05 ----D---- C:\WINDOWS\system32\drivers\wd
2018-08-06 16:30:54 ----D---- C:\WINDOWS\SysWOW64
2018-08-06 16:30:54 ----D---- C:\WINDOWS\system32\drivers
2018-08-01 23:02:46 ----D---- C:\WINDOWS\system32\DriverStore
2018-08-01 23:02:45 ----D---- C:\ProgramData\NVIDIA Corporation
2018-08-01 23:01:42 ----D---- C:\WINDOWS\system32\catroot2
2018-08-01 09:41:11 ----RD---- C:\WINDOWS\assembly
2018-07-30 19:41:08 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2018-07-30 19:41:05 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2018-07-30 19:41:05 ----A---- C:\WINDOWS\system32\nvshext.dll
2018-07-30 19:41:05 ----A---- C:\WINDOWS\system32\nvmctray.dll
2018-07-30 19:41:05 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2018-07-29 17:24:58 ----RD---- C:\Program Files (x86)
2018-07-28 11:20:01 ----D---- C:\WINDOWS\SoftwareDistribution
2018-07-28 10:56:28 ----D---- C:\WINDOWS\debug
2018-07-27 08:31:25 ----HD---- C:\WINDOWS\ELAMBKUP
2018-07-27 08:20:17 ----D---- C:\Program Files\Common Files
2018-07-25 17:22:17 ----RD---- C:\Program Files\Windows Defender
2018-07-25 17:11:39 ----SHDC---- C:\WINDOWS\Installer
2018-07-25 17:11:23 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2018-07-25 16:54:53 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2018-07-25 16:23:39 ----D---- C:\Program Files\NVIDIA Corporation
2018-07-19 19:44:42 ----A---- C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-07-19 16:19:38 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\wbem
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2018-07-17 22:21:20 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2018-07-17 22:21:20 ----D---- C:\WINDOWS\system32\zu-ZA
2018-07-17 22:21:20 ----D---- C:\WINDOWS\system32\yo-NG
2018-07-17 22:21:20 ----D---- C:\WINDOWS\system32\xh-ZA
2018-07-17 22:21:20 ----D---- C:\WINDOWS\system32\wo-SN
2018-07-17 22:21:20 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2018-07-17 22:21:20 ----D---- C:\WINDOWS\system32\wbem
2018-07-17 22:21:20 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\tn-ZA
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\ti-ET
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\rw-RW
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\nso-ZA
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\migration
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\ig-NG
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\chr-CHER-US
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\cs-CZ
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2018-07-17 22:21:19 ----D---- C:\WINDOWS\system32\appraiser
2018-07-17 22:21:19 ----D---- C:\WINDOWS\ShellExperiences
2018-07-17 22:21:18 ----RSD---- C:\WINDOWS\Fonts
2018-07-17 22:21:18 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2018-07-17 22:21:18 ----D---- C:\WINDOWS\bcastdvr
2018-07-17 22:21:18 ----D---- C:\WINDOWS\apppatch
2018-07-17 22:21:17 ----D---- C:\WINDOWS\system32\Boot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2018-07-27 201328]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2018-07-27 346664]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2018-07-27 59592]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2018-07-27 85968]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2018-07-27 381584]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-04-12 58272]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2018-04-12 304032]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2014-01-28 15232]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2018-07-27 197160]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2018-07-27 229392]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2018-07-27 239680]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2018-07-27 111872]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2018-07-27 1027728]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2018-07-27 467064]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R1 mirrorv3;mirrorv3; C:\WINDOWS\system32\DRIVERS\rminiv3.sys [2012-12-18 5632]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2018-07-27 159640]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2018-07-27 211160]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-04-12 414208]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-04-12 43520]
R2 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2018-04-12 178688]
R2 npf;NetGroup Packet Filter Driver; \??\C:\WINDOWS\system32\drivers\npf.sys [2015-08-21 36600]
R3 acsock;acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [2016-12-09 244032]
R3 dc1-controller;@dc1-controller.inf,%dc1-controller.SvcDesc%;Xbox Peripherals Driver; C:\WINDOWS\System32\drivers\dc1-controller.sys [2018-04-12 54272]
R3 I2cHkBurn;I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [2015-07-27 41760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-02-03 4408792]
R3 LEqdUsb;@oem29.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF USB Filter; C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys [2015-06-18 87696]
R3 LHidEqd;@oem37.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF HID Filter; C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys [2015-06-18 23184]
R3 LHidFilt;@oem62.inf,%LHidFilt.SvcDesc%;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2015-06-18 86672]
R3 LMouFilt;@oem63.inf,%LMouFilt.SvcDesc%;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2015-06-18 69264]
R3 MEIx64;@oem27.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-04-29 118272]
R3 NVHDA;@oem9.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2018-06-24 227928]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_52ac7eb8f32780d5\nvlddmkm.sys [2018-08-01 17211376]
R3 nvvad_WaveExtensible;@oem1.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2018-06-08 69544]
R3 nvvhci;@oem5.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2018-07-30 65792]
R3 rt640x64;@oem90.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-15 887552]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-04-12 128416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 AppleLowerFilter;@oem0.inf,%AppleLowerFilterDisplayName%;Apple Lower Filter Driver; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [2018-05-10 35560]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2018-04-12 127384]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2018-04-12 162712]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2018-04-12 143768]
S3 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2018-07-27 15360]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2018-07-27 46976]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2018-04-12 92056]
S3 BstkDrv;BlueStacks Plus Hypervisor; \??\C:\Program Files (x86)\BlueStacks\BstkDrv.sys [2018-02-21 269408]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-04-12 73632]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-07-12 30656]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 pwdrvio;pwdrvio; \??\C:\WINDOWS\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\WINDOWS\syswow64\pwdspio.sys []
S3 qcusbser;@oem86.inf,%QCUSBSER%;Qualcomm USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [2017-03-15 254520]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2018-06-15 945568]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-03-21 83984]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-01-28 936728]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-07-27 322464]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CDPUserSvc_9ea85f;Uživatelská služba platformy připojených zařízení_9ea85f; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 GamingApp_Service;GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [2017-07-13 47056]
R2 GamingHotkey_Service;GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2016-10-13 2019792]
R2 IntelBCAsvc;Intel(R) Biometric and Context Agent Service; C:\Program Files\Intel\BCA\pabeSvc64.exe [2016-05-06 3026584]
R2 iPlatformService;iPlatformService; C:\Program Files (x86)\iPass\Open Mobile\omsi\iPlatformService.exe [2017-04-19 27976]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-04-29 154584]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-04-29 398296]
R2 MSI_ActiveX_Service;MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [2017-06-30 80824]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2018-04-12 26112]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-04-12 136296]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-04-12 136296]
R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-04-12 136296]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19 764456]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-07-30 767184]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-07-19 629800]
R2 OneSyncSvc_9ea85f;Hostitel synchronizace_9ea85f; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-06-15 761440]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-07-27 7780400]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 iMobilityService;iMobilityService; C:\Program Files (x86)\iPass\Open Mobile\bin\iMobilityService.exe [2017-04-19 35656]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-01-31 887232]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 PimIndexMaintenanceSvc_9ea85f;Data kontaktů_9ea85f; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-29 154440]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-05-28 16232]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 MessagingService_9ea85f;Služba zasílání zpráv_9ea85f; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 MSI_LiveUpdate_Service;MSI Live Update Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2017-08-14 2292176]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-04-12 52832]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService_9ea85f;Uživatelská služba pro GameDVR a vysílání her_9ea85f; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService_9ea85f;Služba pro podporu uživatelů Bluetooth_9ea85f; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 CaptureService_9ea85f;CaptureService_9ea85f; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc_9ea85f;DevicePicker_9ea85f; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc_9ea85f;Tok zařízení_9ea85f; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-04-12 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-27 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-29 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2015-07-02 356808]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19 764456]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc_9ea85f;PrintWorkflow_9ea85f; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2018-05-27 826776]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: PC a bit slower

#2 Post by Conder »

Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (view the log file)
  • The log will open; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise you risk system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

bob0015
Visitor
Posts: 22
Registered: 16 Feb 2007 18:00

Re: PC a bit slower

#3 Post by bob0015 »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-13.2
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-15-2018
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 28
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Bohus\AppData\Local\minergate
Deleted C:\ProgramData\Tencent
Deleted C:\Program Files (x86)\Common Files\Tencent
Deleted C:\Users\Bohus\AppData\Roaming\Tencent
Deleted C:\Users\Bohus\AppData\Local\DriverToolkit

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\Tasks\DRIVERTOOLKIT AUTORUN.job
Deleted C:\Windows\System32\Tasks\DRIVERTOOLKIT AUTORUN

***** [ Registry ] *****

Deleted HKCU\Software\Carambis
Deleted HKCU\Software\DriverToolkit
Deleted HKLM\Software\Wow6432Node\Classes\AppID\DownloadProxy.EXE
Deleted HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{B9E49847-9822-4139-BC55-7173ED1ADA11}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{B9E49847-9822-4139-BC55-7173ED1ADA11}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted HKLM\Software\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Deleted HKLM\Software\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{6D4368DA-2806-4984-AF1F-F95779B2138D}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted mystartsearch
Deleted Search
Deleted http://www.yessearches.com/?mode=nnnb&p ... B3YoAXIlCE..
Deleted mystartsearch
Deleted mystartsearch
Deleted mystartsearch
Deleted http://www.attirerpage.com/?type=hp&ts= ... 4_04A5B9E2
Deleted attirerpage

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3554 octets] - [15/08/2018 23:13:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: PC a bit slower

#4 Post by Conder »

:arrow: Please post both FRST logs following this guide (FRST.txt and Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: If FRSTLauncher cannot be downloaded or run, use just FRST itself.

:arrow: If the logs do not fit into one post, pack them into a RAR or ZIP archive and send them as an attachment.

bob0015
Visitor
Posts: 22
Registered: 16 Feb 2007 18:00

Re: PC a bit slower

#5 Post by bob0015 »

Thanks for the help. I really cannot download the Launcher, even after turning off the Avast shields. It looks as if the page did not exist. I am attaching the logs in a RAR archive.
Attachments
frst.rar
(26.69 KiB) Downloaded 95 times

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: PC a bit slower

#6 Post by Conder »

:arrow: Uninstall Intel Security True Key (unnecessary if you do not use it).

:arrow: Turn on System Restore
  • Press Win+R, type "sysdm.cpl" (without the quotes) and press Enter
  • Click the System Protection tab and then Configure
  • Select Turn on system protection and click OK
:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
    BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
    Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
    Toolbar: HKU\S-1-5-21-337565027-2083424564-962048763-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
    Toolbar: HKU\S-1-5-21-337565027-2083424564-962048763-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
    CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=13415
    CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.google.com","hxxps://www.google.com/","hxxps://www.google.com/"
    R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-14] (McAfee, Inc.)
    R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-14] (McAfee, Inc.)
    S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-14] (McAfee, Inc.)
    U3 idsvc; no ImagePath
    2018-08-15 08:30 - 2018-08-15 08:30 - 000000000 ____D C:\rsit
    2018-08-15 08:30 - 2018-08-15 08:30 - 000000000 ____D C:\Program Files\trend micro
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
    ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
    ContextMenuHandlers3-x32: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
    Task: {1FE0E937-66B7-47F6-9A89-ABD0A6DC569A} - System32\Tasks\{4E985432-1EDF-4F21-BE44-96DE518149CF} => C:\WINDOWS\system32\pcalua.exe -a D:\Users\Bohus\Desktop\SAMSUNG_USB_Driver_for_Mobile_Phones.exe -d D:\Users\Bohus\Desktop
    Task: {9FD4919C-E551-47D5-81B7-FB29A8208C4E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here

bob0015
Visitor
Posts: 22
Registered: 16 Feb 2007 18:00

Re: PC a bit slower

#7 Post by bob0015 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Bohus (16-08-2018 18:21:13) Run:1
Running from D:\Users\Bohus\Desktop
Loaded Profiles: Bohus (Available Profiles: Bohus & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
Toolbar: HKU\S-1-5-21-337565027-2083424564-962048763-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-337565027-2083424564-962048763-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=13415
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.google.com ... oogle.com/"
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-14] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-14] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-14] (McAfee, Inc.)
U3 idsvc; no ImagePath
2018-08-15 08:30 - 2018-08-15 08:30 - 000000000 ____D C:\rsit
2018-08-15 08:30 - 2018-08-15 08:30 - 000000000 ____D C:\Program Files\trend micro
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers3-x32: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
Task: {1FE0E937-66B7-47F6-9A89-ABD0A6DC569A} - System32\Tasks\{4E985432-1EDF-4F21-BE44-96DE518149CF} => C:\WINDOWS\system32\pcalua.exe -a D:\Users\Bohus\Desktop\SAMSUNG_USB_Driver_for_Mobile_Phones.exe -d D:\Users\Bohus\Desktop
Task: {9FD4919C-E551-47D5-81B7-FB29A8208C4E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\System\CurrentControlSet\Control\Lsa\\Notification Packages => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6} => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{0F4B8786-5502-4803-8EBC-F652A1153BB6} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8}" => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} => not found
"HKU\S-1-5-21-337565027-2083424564-962048763-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
"HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
"HKU\S-1-5-21-337565027-2083424564-962048763-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
"Chrome HomePage" => removed successfully
"Chrome StartupUrls" => removed successfully
TrueKey => service not found.
TrueKeyScheduler => service not found.
TrueKeyServiceHelper => service not found.
"HKLM\System\CurrentControlSet\Services\idsvc" => removed successfully
idsvc => service removed successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip" => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64" => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip" => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FE0E937-66B7-47F6-9A89-ABD0A6DC569A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FE0E937-66B7-47F6-9A89-ABD0A6DC569A}" => removed successfully
C:\WINDOWS\System32\Tasks\{4E985432-1EDF-4F21-BE44-96DE518149CF} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4E985432-1EDF-4F21-BE44-96DE518149CF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9FD4919C-E551-47D5-81B7-FB29A8208C4E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FD4919C-E551-47D5-81B7-FB29A8208C4E}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 131351340 B
Java, Flash, Steam htmlcache => 556 B
Windows/system/drivers => 40 B
Edge => 3908 B
Chrome => 759171523 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 5260 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 9772 B
LocalService => 0 B
NetworkService => 5260 B
NetworkService => 0 B
Bohus => 137926486 B
DefaultAppPool => 5260 B

RecycleBin => 0 B
EmptyTemp: => 989.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:21:47 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: PC a bit slower

#8 Post by Conder »

:arrow: It looks OK now. Has anything changed?

:arrow: Check the size of the desktop. If it is larger than 300 MB, move all files and folders from the desktop to Documents and leave only shortcuts on the desktop. A desktop that is too large can slow the system down.

Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data (documents, photos and so on) backed up.

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

bob0015
Visitor
Posts: 22
Registered: 16 Feb 2007 18:00

Re: PC a bit slower

#9 Post by bob0015 »

Hi, it's much better. The game that used to stutter a bit now runs beautifully smoothly, and on top of that the unexpected game "crashes" (the game would close itself or minimize in the middle of playing) have stopped so far, so thank you very much. So what was causing it? It's true that I haven't done a clean install of Windows for about 3 years, but I've had the Avast Free antivirus installed the whole time. In those logs I spotted something like a miner, so was someone mining virtual currencies on my hardware? Otherwise, the desktop size is a little over 1 MB and I have it located on the secondary drive D (also documents, pictures and everything that could be moved).

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: PC a bit slower

#10 Post by Conder »

:arrow: AdwCleaner deleted "C:\Users\Bohus\AppData\Local\minergate", which really is a program for mining cryptocurrencies, but I can't say with certainty whether it was also active, because there is no trace of it even in the initial log. Otherwise, we deleted various adware/unwanted programs and cleaned out unnecessary items and temporary files.

:arrow: A question: does SSH mean anything to you, or did you install anything like that on this PC?

:arrow: For a check, run this fixlist as well:

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    Folder: C:\WINDOWS\System32\OpenSSH
    CMD: forfiles /p C:\WINDOWS\System32\OpenSSH /s /c "cmd /c echo @path && type @path"
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • Wait for it to finish
  • This time it will be without a restart; Fixlog.txt will open (or it will be on the desktop); copy its contents here
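A read-only PowerShell look at the same folder, as an added example that is not part of the original post and not FRST's own code: instead of dumping file contents with `type` (which prints binary data for executables), it lists each file with its Authenticode signature status and SHA-256 hash, then reports whether an sshd service is registered. It assumes Windows 10 with PowerShell 5.1; the function name Get-OpenSshFolderReport is hypothetical.

```powershell
# Added example: read-only inventory of the OpenSSH folder named in the fixlist.
# Get-OpenSshFolderReport is a hypothetical helper name, not an FRST or Windows command.
function Get-OpenSshFolderReport {
    param(
        [string]$Path = 'C:\WINDOWS\System32\OpenSSH'
    )

    if (-not (Test-Path -LiteralPath $Path)) {
        Write-Warning "Folder not found: $Path"
        return
    }

    Get-ChildItem -LiteralPath $Path -File -Recurse -Force | ForEach-Object {
        $sig  = Get-AuthenticodeSignature -LiteralPath $_.FullName
        $hash = Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256

        [pscustomobject]@{
            Path      = $_.FullName
            Size      = $_.Length
            Modified  = $_.LastWriteTime
            SigStatus = $sig.Status          # Valid, NotSigned, HashMismatch, ...
            Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
            SHA256    = $hash.Hash
        }
    }
}

$report = Get-OpenSshFolderReport
$report | Format-Table Path, Size, Modified, SigStatus -AutoSize

# Files that are unsigned or fail verification deserve a closer look.
$report | Where-Object { $_.SigStatus -ne 'Valid' } |
    Format-List Path, SigStatus, Signer, SHA256

# An SSH server can only accept connections if an sshd service exists and is running.
$svc = Get-Service -Name sshd -ErrorAction SilentlyContinue
if ($svc) {
    "sshd service: Status=$($svc.Status), StartType=$($svc.StartType)"
} else {
    'sshd service: not installed'
}
```

The script only reads file metadata and service state; it changes nothing on the machine.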

bob0015
Visitor
Posts: 22
Registered: 16 Feb 2007 18:00

Re: PC a bit slower

#11 Post by bob0015 »

Here it is, but it's full of some nonsensical characters.
http://leteckaposta.cz/509159963

I don't know exactly what SSH is, but I connect to work remotely (via Cisco any security VPN and via remote desktop), and I also have TeamViewer installed.

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: PC a bit slower

#12 Post by Conder »

:arrow: It should be OK.

:arrow: So let's clean up after the tools we used:

bob0015
Visitor
Posts: 22
Registered: 16 Feb 2007 18:00

Re: PC a bit slower

#13 Post by bob0015 »

Done, thanks for all the advice. Have a nice day

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: PC a bit slower

#14 Post by Conder »

You're welcome, glad I could help :)

Locked