Preventika - pomalé načítání stránek?

Zpráva

krosna · #1 Příspěvek od **krosna** » 26 úno 2019 21:38

Ahoj

byl bych moc vděčný, kdyby se mi někdo podíval na můj log. Poslední dobou mám pocit, že je problém s načítáním stránek a dlouho to trvá, občas i hodí error a můsím dát refresh. Díky za pomoc!

Logfile of random's system information tool 1.10 (written by random/random)
Run by szmil at 2019-02-26 21:31:37
Microsoft Windows 10 Pro
System drive C: has 152 GB (66%) free of 231 GB
Total RAM: 8000 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:31:41, on 26.02.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.11231.20174.0_x86__8wekyb3d8bbwe\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\SDXHelperBgt.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.1.30.0_x64__htrsf667h5kn2\win32\SupportAssistAppWire.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\trend micro\szmil.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell17win10.msn.com/?pc=DCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Foxit PhantomPDF Create PDF ToolBar Helper - {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll
O3 - Toolbar: Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll
O4 - HKCU\..\Run: [OneDrive] "C:\Users\szmil\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - Global Startup: Dell Display Manager.lnk = C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
O8 - Extra context menu item: Append Link Page to Another PDF - res://C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll/IEContextMenuLinkAppendPDF.html
O8 - Extra context menu item: Append to Another PDF - res://C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll/IEContextMenuCurrentAppendPDF.html
O8 - Extra context menu item: Convert Link Page to Foxit PDF - res://C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll/IEContextMenuLinkNewPDF.html
O8 - Extra context menu item: Convert to Foxit PDF - res://C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll/IEContextMenuCurrentNewPDF.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Intel® SGX AESM (AESMService) - Intel Corporation - C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\system32\DRIVERS\AdminService.exe (file missing)
O23 - Service: Brave Elevation Service (BraveElevationService) - Unknown owner - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\71.0.58.18\elevation_service.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\ki129615.inf_amd64_7fbc6baf2cd21d32\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\ki129615.inf_amd64_7fbc6baf2cd21d32\IntelCpHDCPSvc.exe
O23 - Service: Dell Command | Power Manager Notify (dcpm-notify) - Dell Inc. - C:\Program Files\Dell\CommandPowerManager\NotifyService.exe
O23 - Service: Dell Data Vault Service API (DDVCollectorSvcApi) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
O23 - Service: Dell Data Vault Collector (DDVDataCollector) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
O23 - Service: Dell Data Vault Processor (DDVRulesProcessor) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
O23 - Service: Dell Hardware Support - PC-Doctor, Inc. - C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe
O23 - Service: Dell SupportAssist Remediation - Dell Inc. - C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @oem0.inf,%ServiceDisplayName%;Intel(R) Dynamic Platform and Thermal Framework service (esifsvc) - Unknown owner - C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FoxitPhantomService - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe
O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
O23 - Service: @oem27.inf,%iaStorAfsWindowsService.Name%;Intel(R) Optane(TM) Memory Service (iaStorAfsService) - Intel Corporation - C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\ki129615.inf_amd64_7fbc6baf2cd21d32\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
O23 - Service: Intel(R) TPM Provisioning Service - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe
O23 - Service: Intel(R) Audio Service (IntelAudioService) - Unknown owner - C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Killer Network Service (Killer Network Service x64) - Rivet Networks - C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Atheros WLAN Driver Service (QcomWlanSrv) - Unknown owner - C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Dell SupportAssist (SupportAssistAgent) - Dell Inc. - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: Thunderbolt(TM) Service (ThunderboltService) - Intel Corporation - C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Waves Audio Services (WavesSysSvc) - Waves Audio Ltd. - c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 12765 bytes

======Listing Processes======

C:\WINDOWS\system32\lsass.exe
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-4a8f2c12-d1fe-4241-8cda-bfb9ac7d8ab6 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-d87dd4d2-9fac-4e6d-b8c4-629eb84b23c7 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-6dfd70e0-3195-426d-9511-e7c8fe0c7bff -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-0b67df79-be54-4d71-84bd-0bab7fcc7926 -LifetimeId:8c235a2e-db2f-4c9c-9461-2b0e8e619a2b -DeviceGroupId:
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-01b66bfe-01db-44d3-880b-b9c16f6a140d -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-2c412d52-3539-48f2-bcce-f52d48434e82 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-b52a18ae-19ba-4e26-a356-1c256c3b6566 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-baf88877-a7b8-4fad-bf85-f294d9f1b855 -LifetimeId:af04336a-7c3e-4e2e-bc17-5b7c7a96c898 -DeviceGroupId:WudfDefaultDevicePool
"dwm.exe"
c:\windows\system32\svchost.exe -k localservice -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s BDESVC
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s BTAGService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
C:\WINDOWS\System32\DriverStore\FileRepository\ki129615.inf_amd64_7fbc6baf2cd21d32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s PhoneSvc
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc

dashost.exe {b61f22cb-174c-41ff-950b62c635b4908a}
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-716da71e-ec27-4f07-b799-7cebac3056c2 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-1ea9d54b-06ba-4b38-a485-c3df3a58d247 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-625d8c30-0f5c-49ed-9391-14cb0cd32bb6 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-003aa6fc-a553-4b01-b6ae-52de4cba7603 -LifetimeId:552bd854-dbbb-4a52-b715-c7a5fa545adc -DeviceGroupId:WudfDefaultDevicePoolPriorityHigh
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
"ctfmon.exe"
C:\WINDOWS\System32\spoolsv.exe
"C:\WINDOWS\System32\DriverStore\FileRepository\ki129615.inf_amd64_7fbc6baf2cd21d32\igfxEM.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SENDINPUT
C:\WINDOWS\system32\DRIVERS\AdminService.exe
C:\WINDOWS\System32\DriverStore\FileRepository\ki129615.inf_amd64_7fbc6baf2cd21d32\IntelCpHDCPSvc.exe
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe
"C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe"
C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv

c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\svchost.exe -k imgsvc

c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
"c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe"
"C:\WINDOWS\system32\Intel\DPTF\dptf_helper.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\WINDOWS\System32\DriverStore\FileRepository\ki129615.inf_amd64_7fbc6baf2cd21d32\IntelCpHeciSvc.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.11231.20174.0_x86__8wekyb3d8bbwe\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\SDXHelperBgt.exe" -ServerName:Microsoft.Office.Desktop.SDXHelper.AppXew0wssvfsgr71j4vt843c7dj5n9db760.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.222.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding

C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -p
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.222.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
"C:\Program Files\Logitech\LogiOptions\LogiOptions.exe" /noui
"C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe"
"C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe"
"C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe" -Jack
"C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe"
"C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe"
"C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe"
"C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\pcdrwi.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\rempl\sedsvc.exe"

"C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe"
"C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe"
"C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppX02tn0pw1w652jfdjy8p3265qn78k6eby.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.1.30.0_x64__htrsf667h5kn2\win32\SupportAssistAppWire.exe" /InvokerPRAID: App WriteLog
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=cs_CZ" "-cachedir=C:\Users\szmil\AppData\Local\Steam\htmlcache" "-steampid=13924" "-buildid=1550534751" "-steamid=0" "-steamuniverse=Dev" "-clientui=C:\Program Files (x86)\Steam\clientui" --disable-out-of-process-pac --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-features=TouchpadAndWheelScrollLatching,AsyncWheelEvents --enable-media-stream --disable-smooth-scrolling --num-raster-threads=4 --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\szmil\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1550534751 --initial-client-data=0x2f4,0x2f8,0x2fc,0x2f0,0x300,0x7ff99f9f1f78,0x7ff99f9f1f88,0x7ff99f9f1f98
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --lang=cs-CZ --buildid=1550534751 --steamid=0 --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --lang=cs-CZ --buildid=1550534751 --steamid=0 --service-request-channel-token=E4F84513036478808794D84C4DF6C114 --mojo-platform-channel-handle=1412 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="9900.0.947894720\688702478" -parentBuildID 20190211233335 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - "C:\Users\szmil\AppData\LocalLow\Mozilla\Temp-{d8600c56-cc53-4f01-b303-5c1d3c53f2c1}" 9900 "\\.\pipe\gecko-crash-server-pipe.9900" 1664 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="9900.13.497487882\1785538987" -childID 2 -isForBrowser -prefsHandle 3676 -prefMapHandle 3680 -prefsLen 213 -prefMapSize 187612 -schedulerPrefs 0001,2 -parentBuildID 20190211233335 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 9900 "\\.\pipe\gecko-crash-server-pipe.9900" 3692 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="9900.27.1853489553\730392167" -childID 4 -isForBrowser -prefsHandle 4860 -prefMapHandle 4864 -prefsLen 5878 -prefMapSize 187612 -schedulerPrefs 0001,2 -parentBuildID 20190211233335 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 9900 "\\.\pipe\gecko-crash-server-pipe.9900" 4872 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="9900.34.939113342\242202488" -childID 5 -isForBrowser -prefsHandle 5360 -prefMapHandle 5192 -prefsLen 5878 -prefMapSize 187612 -schedulerPrefs 0001,2 -parentBuildID 20190211233335 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 9900 "\\.\pipe\gecko-crash-server-pipe.9900" 5324 tab
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --service-pipe-token=4CA69870504A6385D692DFC6D1BFFEA9 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --buildid=1550534751 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=4CA69870504A6385D692DFC6D1BFFEA9 --renderer-client-id=4 --mojo-platform-channel-handle=1992 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1812.10048.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
"C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1812.10043.0_x64__8wekyb3d8bbwe\Time.exe" -ServerName:App.AppXq8avk61zazpy808ab5ppkf6taqp47km6.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="9900.41.1780707706\1030393514" -childID 6 -isForBrowser -prefsHandle 4036 -prefMapHandle 9992 -prefsLen 5970 -prefMapSize 187612 -schedulerPrefs 0001,2 -parentBuildID 20190211233335 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 9900 "\\.\pipe\gecko-crash-server-pipe.9900" 5300 tab
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --service-pipe-token=31A3B75F6C94A109398BCC3901E0FAB9 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --buildid=1550534751 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=31A3B75F6C94A109398BCC3901E0FAB9 --renderer-client-id=7 --mojo-platform-channel-handle=3960 /prefetch:1
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="9900.48.1355840080\1152685200" -childID 7 -isForBrowser -prefsHandle 4068 -prefMapHandle 5436 -prefsLen 5970 -prefMapSize 187612 -schedulerPrefs 0001,2 -parentBuildID 20190211233335 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 9900 "\\.\pipe\gecko-crash-server-pipe.9900" 3252 tab
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\Windows\System32\smartscreen.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 748 752 760 8192 756
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x734
"C:\Users\szmil\Downloads\RSITx64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost

=========Mozilla firefox=========

ProfilePath - C:\Users\szmil\AppData\Roaming\Mozilla\Firefox\Profiles\jj2izw2a.default

"FFExtnHTML2PDF@foxitsoftware.com"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.154 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.154 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A}]
Foxit PhantomPDF Create PDF ToolBar Helper - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2018-04-16 5310528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFD9D8A8-57FF-488A-B919-065EC77CF82F} - Foxit PhantomPDF Create PDF ToolBar - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2018-04-16 5310528]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2018-11-12 9278136]
"RtHDVBg_PushButton"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-11-12 1515192]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2017-10-04 79360]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2017-10-11 3943056]
"LogiOptions"=C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2018-12-15 2176648]
"WavesSvc"=c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [2018-11-04 1213736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\szmil\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-02-11 1506616]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2019-02-18 3144480]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Dell Display Manager.lnk - C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SlowLinkDetectEnabled"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-02-26 21:31:37 ----D---- C:\rsit
2019-02-26 21:31:37 ----D---- C:\Program Files\trend micro
2019-02-26 20:35:41 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2019-02-24 12:24:09 ----D---- C:\Program Files (x86)\Dell Digital Delivery
2019-02-22 10:02:56 ----D---- C:\Program Files\Goodix
2019-02-22 10:02:19 ----D---- C:\Program Files\Waves
2019-02-22 10:01:57 ----D---- C:\WINDOWS\LastGood.Tmp
2019-02-22 10:01:43 ----A---- C:\WINDOWS\SYSWOW64\RTHDASIO.dll
2019-02-22 10:01:43 ----A---- C:\WINDOWS\system32\tbb_waves.dll
2019-02-22 10:01:43 ----A---- C:\WINDOWS\system32\RtPgEx64.dll
2019-02-22 10:01:43 ----A---- C:\WINDOWS\system32\RtlCPAPI64.dll
2019-02-22 10:01:43 ----A---- C:\WINDOWS\system32\RtkCoLDR64.dll
2019-02-22 10:01:43 ----A---- C:\WINDOWS\system32\RtkCfg64.dll
2019-02-22 10:01:43 ----A---- C:\WINDOWS\system32\RtkApi64.dll
2019-02-22 10:01:43 ----A---- C:\WINDOWS\system32\RTHDASIO64.dll
2019-02-22 10:01:43 ----A---- C:\WINDOWS\system32\RtDataProc64.dll
2019-02-22 10:01:43 ----A---- C:\WINDOWS\system32\RTCOM64.dll
2019-02-22 10:01:43 ----A---- C:\WINDOWS\system32\RltkAPO64.dll
2019-02-22 10:01:43 ----A---- C:\WINDOWS\system32\RCoInstII64.dll
2019-02-22 10:01:43 ----A---- C:\WINDOWS\system32\drivers\RTKVHD64.sys
2019-02-22 10:01:43 ----A---- C:\WINDOWS\system32\drivers\RTAIODAT.DAT
2019-02-22 10:01:43 ----A---- C:\WINDOWS\system32\drivers\IntcAudioBus.sys
2019-02-22 10:01:42 ----A---- C:\WINDOWS\system32\MaxxAudioRenderAVX64.dll
2019-02-22 10:01:42 ----A---- C:\WINDOWS\system32\MaxxAudioRender64.dll
2019-02-22 10:01:42 ----A---- C:\WINDOWS\system32\MaxxAudioCapture64.dll
2019-02-22 10:01:41 ----A---- C:\WINDOWS\RtlExUpd.dll
2019-02-22 10:01:39 ----A---- C:\WINDOWS\SYSWOW64\RtkMsgs.dll
2019-02-22 10:01:12 ----D---- C:\Program Files\Killer Networking
2019-02-22 09:46:41 ----A---- C:\WINDOWS\invcol.tmp
2019-02-22 09:45:43 ----D---- C:\WINDOWS\{1AF69E72-9462-4EDE-942F-A4039D3DF43E}
2019-02-22 09:42:17 ----ASH---- C:\pagefile.sys
2019-02-12 20:55:34 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-12 20:55:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-12 20:55:29 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-02-12 20:55:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-02-12 20:55:21 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2019-02-12 20:55:21 ----A---- C:\WINDOWS\system32\wininet.dll
2019-02-12 20:55:21 ----A---- C:\WINDOWS\system32\sppsvc.exe
2019-02-12 20:55:19 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-02-12 20:55:18 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-02-12 20:55:18 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-02-12 20:55:17 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-02-12 20:55:16 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-02-12 20:55:16 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-12 20:55:15 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-12 20:55:15 ----A---- C:\WINDOWS\system32\cdp.dll
2019-02-12 20:55:13 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2019-02-12 20:55:13 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-12 20:55:12 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-02-12 20:55:12 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-02-12 20:55:11 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-12 20:55:11 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-12 20:55:11 ----A---- C:\WINDOWS\system32\jscript9.dll
2019-02-12 20:55:11 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-02-12 20:55:10 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-02-12 20:55:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2019-02-12 20:55:09 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-02-12 20:55:08 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2019-02-12 20:55:07 ----A---- C:\WINDOWS\system32\smartscreen.exe
2019-02-12 20:55:07 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-02-12 20:55:07 ----A---- C:\WINDOWS\system32\mfcore.dll
2019-02-12 20:55:07 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-02-12 20:55:06 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2019-02-12 20:55:06 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-02-12 20:55:06 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-12 20:55:06 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-02-12 20:55:06 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-12 20:55:05 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-02-12 20:55:05 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2019-02-12 20:55:05 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2019-02-12 20:55:05 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2019-02-12 20:55:05 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-02-12 20:55:04 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2019-02-12 20:55:04 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2019-02-12 20:55:04 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2019-02-12 20:55:04 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-12 20:55:04 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2019-02-12 20:55:04 ----A---- C:\WINDOWS\system32\ntdll.dll
2019-02-12 20:55:04 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-02-12 20:55:04 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-02-12 20:55:03 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2019-02-12 20:55:03 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2019-02-12 20:55:03 ----A---- C:\WINDOWS\system32\winhttp.dll
2019-02-12 20:55:03 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-12 20:55:03 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-02-12 20:55:03 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-12 20:55:03 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-12 20:55:02 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-02-12 20:55:02 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-12 20:55:02 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2019-02-12 20:55:02 ----A---- C:\WINDOWS\system32\svchost.exe
2019-02-12 20:55:02 ----A---- C:\WINDOWS\system32\StorSvc.dll
2019-02-12 20:55:02 ----A---- C:\WINDOWS\system32\rmclient.dll
2019-02-12 20:55:02 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-12 20:55:02 ----A---- C:\WINDOWS\system32\oleaut32.dll
2019-02-12 20:55:02 ----A---- C:\WINDOWS\system32\kernel32.dll
2019-02-12 20:55:02 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-02-12 20:55:02 ----A---- C:\WINDOWS\system32\gdi32full.dll
2019-02-12 20:55:01 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2019-02-12 20:55:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2019-02-12 20:55:01 ----A---- C:\WINDOWS\SYSWOW64\svchost.exe
2019-02-12 20:55:01 ----A---- C:\WINDOWS\SYSWOW64\rmclient.dll
2019-02-12 20:55:01 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2019-02-12 20:55:01 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2019-02-12 20:55:01 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-02-12 20:55:01 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2019-02-12 20:55:01 ----A---- C:\WINDOWS\system32\msi.dll
2019-02-12 20:55:01 ----A---- C:\WINDOWS\system32\edgeIso.dll
2019-02-12 20:55:01 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2019-02-12 20:55:00 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2019-02-12 20:55:00 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2019-02-12 20:55:00 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2019-02-12 20:55:00 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2019-02-12 20:55:00 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2019-02-12 20:55:00 ----A---- C:\WINDOWS\system32\wldp.dll
2019-02-12 20:55:00 ----A---- C:\WINDOWS\system32\winresume.exe
2019-02-12 20:55:00 ----A---- C:\WINDOWS\system32\winload.exe
2019-02-12 20:55:00 ----A---- C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-12 20:55:00 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-12 20:55:00 ----A---- C:\WINDOWS\system32\msvproc.dll
2019-02-12 20:55:00 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2019-02-12 20:55:00 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2019-02-12 20:55:00 ----A---- C:\WINDOWS\system32\acmigration.dll
2019-02-12 20:54:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-12 20:54:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-12 20:54:59 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2019-02-12 20:54:59 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2019-02-12 20:54:59 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2019-02-12 20:54:59 ----A---- C:\WINDOWS\system32\wintrust.dll
2019-02-12 20:54:59 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-02-12 20:54:59 ----A---- C:\WINDOWS\system32\mfps.dll
2019-02-12 20:54:59 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2019-02-12 20:54:59 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2019-02-12 20:54:59 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2019-02-12 20:54:59 ----A---- C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-12 20:54:59 ----A---- C:\WINDOWS\system32\browserbroker.dll
2019-02-12 20:54:59 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-12 20:54:58 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2019-02-12 20:54:58 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2019-02-12 20:54:58 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2019-02-12 20:54:58 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-12 20:54:58 ----A---- C:\WINDOWS\system32\hal.dll
2019-02-12 20:54:58 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2019-02-12 20:54:58 ----A---- C:\WINDOWS\system32\drivers\spacedump.sys
2019-02-12 20:54:58 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2019-02-12 20:54:58 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2019-02-12 20:54:58 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2019-02-12 20:54:58 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2019-02-12 20:54:58 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2019-02-12 20:54:58 ----A---- C:\WINDOWS\HelpPane.exe
2019-02-12 20:54:57 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-02-12 20:54:57 ----A---- C:\WINDOWS\SYSWOW64\spacebridge.dll
2019-02-12 20:54:57 ----A---- C:\WINDOWS\SYSWOW64\NtlmShared.dll
2019-02-12 20:54:57 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2019-02-12 20:54:57 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2019-02-12 20:54:57 ----A---- C:\WINDOWS\SYSWOW64\CapabilityAccessManagerClient.dll
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\wuuhext.dll
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\spacebridge.dll
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\smss.exe
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\NtlmShared.dll
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\npmproxy.dll
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\mf3216.dll
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\hidparse.sys
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-12 20:54:57 ----A---- C:\WINDOWS\system32\browser_broker.exe
2019-02-12 20:54:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-12 20:54:56 ----A---- C:\WINDOWS\SYSWOW64\srpapi.dll
2019-02-12 20:54:56 ----A---- C:\WINDOWS\SYSWOW64\smartscreenps.dll
2019-02-12 20:54:56 ----A---- C:\WINDOWS\SYSWOW64\npmproxy.dll
2019-02-12 20:54:56 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2019-02-12 20:54:56 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2019-02-12 20:54:56 ----A---- C:\WINDOWS\SYSWOW64\itss.dll
2019-02-12 20:54:56 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll
2019-02-12 20:54:56 ----A---- C:\WINDOWS\system32\srpapi.dll
2019-02-12 20:54:56 ----A---- C:\WINDOWS\system32\smartscreenps.dll
2019-02-12 20:54:56 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2019-02-12 20:54:56 ----A---- C:\WINDOWS\system32\itss.dll
2019-02-12 20:54:56 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2019-02-12 20:54:56 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-02-12 20:54:56 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-12 20:54:56 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2019-02-12 20:54:56 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2019-02-12 20:54:56 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-12 20:54:35 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2019-02-08 18:54:33 ----D---- C:\Users\szmil\AppData\Roaming\Logishrd
2019-02-08 18:54:08 ----D---- C:\ProgramData\Logishrd
2019-02-08 18:54:05 ----D---- C:\Program Files\Logitech
2019-02-05 20:17:56 ----D---- C:\ProgramData\Mozilla

======List of files/folders modified in the last 1 month======

2019-02-26 21:31:40 ----D---- C:\WINDOWS\Temp
2019-02-26 21:31:39 ----D---- C:\WINDOWS\Prefetch
2019-02-26 21:31:37 ----RD---- C:\Program Files
2019-02-26 21:30:02 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-02-26 21:22:07 ----D---- C:\WINDOWS\system32\config
2019-02-26 21:12:58 ----D---- C:\Program Files (x86)\Steam
2019-02-26 20:53:08 ----HD---- C:\Program Files\WindowsApps
2019-02-26 20:52:49 ----D---- C:\WINDOWS\AppReadiness
2019-02-26 20:39:57 ----D---- C:\WINDOWS\System32
2019-02-26 20:39:57 ----D---- C:\WINDOWS\INF
2019-02-26 20:39:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-26 20:37:46 ----D---- C:\WINDOWS\system32\DriverStore
2019-02-26 20:37:46 ----D---- C:\WINDOWS\system32\drivers
2019-02-26 20:35:41 ----D---- C:\WINDOWS\system32\catroot2
2019-02-26 20:35:37 ----D---- C:\WINDOWS\system32\sru
2019-02-26 20:35:35 ----D---- C:\ProgramData\Goodix
2019-02-26 19:47:59 ----D---- C:\WINDOWS\system32\LogFiles
2019-02-25 20:40:15 ----D---- C:\WINDOWS\system32\SleepStudy
2019-02-25 20:39:46 ----D---- C:\WINDOWS\Logs
2019-02-25 20:35:46 ----RD---- C:\WINDOWS\Microsoft.NET
2019-02-25 20:09:36 ----D---- C:\WINDOWS\system32\WinBioDatabase
2019-02-24 21:19:55 ----D---- C:\Users\szmil\AppData\Roaming\RStudio
2019-02-24 18:51:37 ----D---- C:\WINDOWS\Registration
2019-02-24 12:24:09 ----SHD---- C:\WINDOWS\Installer
2019-02-24 12:24:09 ----RD---- C:\Program Files (x86)
2019-02-23 19:54:41 ----D---- C:\WINDOWS\system32\drivers\wd
2019-02-22 13:06:34 ----D---- C:\WINDOWS\Minidump
2019-02-22 13:06:33 ----D---- C:\Windows
2019-02-22 10:39:50 ----D---- C:\WINDOWS\LiveKernelReports
2019-02-22 10:10:19 ----D---- C:\Program Files (x86)\Dell
2019-02-22 10:07:10 ----D---- C:\WINDOWS\system32\drivers\UMDF
2019-02-22 10:03:40 ----D---- C:\WINDOWS\system32\Tasks
2019-02-22 10:03:15 ----D---- C:\Program Files (x86)\Intel
2019-02-22 10:02:59 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2019-02-22 10:02:59 ----D---- C:\WINDOWS\system32\CatRoot
2019-02-22 10:02:26 ----HD---- C:\Program Files (x86)\Temp
2019-02-22 10:02:24 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2019-02-22 10:02:24 ----D---- C:\WINDOWS\system32\RTCOM
2019-02-22 10:01:59 ----D---- C:\WINDOWS\SysWOW64
2019-02-22 10:01:13 ----D---- C:\ProgramData\RivetNetworks
2019-02-22 10:00:38 ----D---- C:\ProgramData\Package Cache
2019-02-22 09:46:10 ----D---- C:\ProgramData\Dell
2019-02-22 09:46:07 ----RSD---- C:\WINDOWS\assembly
2019-02-20 21:17:53 ----D---- C:\Users\szmil\AppData\Roaming\xm1
2019-02-18 21:51:47 ----D---- C:\WINDOWS\WinSxS
2019-02-17 17:38:10 ----D---- C:\Program Files\rempl
2019-02-14 09:33:24 ----D---- C:\WINDOWS\system32\NDF
2019-02-14 01:10:57 ----D---- C:\Program Files\Mozilla Firefox
2019-02-14 01:10:57 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-12 22:30:56 ----SD---- C:\WINDOWS\SYSWOW64\F12
2019-02-12 22:30:56 ----SD---- C:\WINDOWS\system32\F12
2019-02-12 22:30:56 ----RD---- C:\Program Files\Windows Defender
2019-02-12 22:30:56 ----D---- C:\WINDOWS\TextInput
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\en-US
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-02-12 22:30:56 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\zu-ZA
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\yo-NG
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\xh-ZA
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\wo-SN
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\tn-ZA
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\ti-ET
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\rw-RW
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\nso-ZA
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\migration
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\ig-NG
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\en-US
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\cs-CZ
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\Boot
2019-02-12 22:30:56 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-02-12 22:30:56 ----D---- C:\WINDOWS\ShellExperiences
2019-02-12 22:30:56 ----D---- C:\WINDOWS\bcastdvr
2019-02-12 22:30:56 ----D---- C:\WINDOWS\apppatch
2019-02-12 22:30:56 ----D---- C:\Program Files\internet explorer
2019-02-12 22:30:56 ----D---- C:\Program Files (x86)\Internet Explorer
2019-02-12 20:58:41 ----D---- C:\WINDOWS\CbsTemp
2019-02-12 20:54:31 ----D---- C:\WINDOWS\system32\MRT
2019-02-12 20:45:00 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-02-08 18:54:08 ----HD---- C:\ProgramData
2019-02-08 18:51:30 ----D---- C:\ProgramData\Packages

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;@oem27.inf,%iaStorA.DeviceDesc%;Intel(R) Chipset SATA/PCIe RST Premium Controller; C:\WINDOWS\System32\drivers\iaStorA.sys [2017-10-04 897536]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2018-12-08 304144]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-07-14 414720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2018-05-22 72024]
R3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth Stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2018-11-09 200704]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-12-08 106496]
R3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth Hands-Free; C:\WINDOWS\System32\drivers\BthHfAud.sys [2018-04-12 48640]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-04-12 86528]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-12 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-04-12 85504]
R3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 DDDriver;DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [2018-10-20 36400]
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [2017-11-22 74144]
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [2017-11-22 69536]
R3 esif_lf;esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [2017-11-22 382880]
R3 HidEventFilter;@oem3.inf,%HidEventFilter%;Intel(R) HID Event Filter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [2017-11-30 85064]
R3 iaLPSS2_GPIO2;@oem7.inf,%iaLPSS2_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [2017-06-28 98976]
R3 iaLPSS2_I2C;@oem49.inf,%iaLPSS2_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [2017-06-28 191648]
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\ki129615.inf_amd64_7fbc6baf2cd21d32\igdkmd64.sys [2018-10-08 14072952]
R3 IntcAudioBus;@oem63.inf,%IntcAudioBus.SVCDESC%;Intel(R) Smart Sound Technology (Intel(R) SST) Bus; C:\WINDOWS\System32\drivers\IntcAudioBus.sys [2018-09-10 268192]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2018-11-12 6455992]
R3 IntcDAud;@oem32.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\System32\DriverStore\FileRepository\intcdaud.inf_amd64_3b876fb0bfb3390a\IntcDAud.sys [2018-10-08 635368]
R3 IntcOED;@oem57.inf,%IntcOED.SVCDESC%;Intel(R) Smart Sound Technology (Intel(R) SST) OED; C:\WINDOWS\System32\drivers\IntcOED.sys [2018-11-15 848704]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2019-02-26 261032]
R3 MEIx64;@oem15.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2018-07-15 228992]
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [2018-04-12 46592]
R3 Qcamain10x64;@oem18.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN 11AC device driver; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2018-07-29 2355544]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-04-12 193536]
R3 RfeCoSvc;RfeCoSvc; C:\WINDOWS\system32\DRIVERS\RfeCo10X64.sys [2018-08-10 141480]
R3 RTSPER;@oem25.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\System32\drivers\RtsPer.sys [2017-11-01 864704]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 AppleLowerFilter;@oem62.inf,%AppleLowerFilterDisplayName%;Apple Lower Filter Driver; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [2018-05-10 35560]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2018-04-12 127384]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2018-04-12 162712]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2018-04-12 143768]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 92704]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2018-12-08 1097728]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 DellProf;DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [2018-05-08 41208]
S3 dlcdcncm;dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [2017-09-18 92944]
S3 dlusbaudio;dlusbaudio; C:\WINDOWS\system32\DRIVERS\dlusbaudio_x64.sys [2017-09-18 238352]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-02-06 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2_SPI;Intel(R) Serial IO SPI Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_SPI.sys [2017-06-28 158368]
S3 iaLPSS2_UART2;Intel(R) Serial IO UART Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_UART2.sys [2017-06-28 310944]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 iaStorAfs;@oem27.inf,%iaStorAfs.DisplayName%;iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [2017-10-04 70656]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-02-06 945680]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESMService;Intel® SGX AESM; C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [2017-11-12 3089680]
R2 AtherosSvc;AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [2018-05-22 424288]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_3148c;CDPUserSvc_3148c; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\ki129615.inf_amd64_7fbc6baf2cd21d32\IntelCpHDCPSvc.exe [2018-10-08 484328]
R2 DDVCollectorSvcApi;Dell Data Vault Service API; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [2018-10-22 209392]
R2 DDVDataCollector;Dell Data Vault Collector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [2018-10-22 3347440]
R2 DDVRulesProcessor;Dell Data Vault Processor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [2018-10-22 218096]
R2 Dell Hardware Support;Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe [2019-01-08 1035072]
R2 Dell SupportAssist Remediation;Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [2017-11-03 119840]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 esifsvc;@oem0.inf,%ServiceDisplayName%;Intel(R) Dynamic Platform and Thermal Framework service; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [2017-11-22 1705040]
R2 FoxitReaderService;Foxit Reader Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [2018-04-17 1659456]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2017-10-04 17992]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\ki129615.inf_amd64_7fbc6baf2cd21d32\igfxCUIService.exe [2018-10-08 393704]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2018-07-15 218176]
R2 Killer Network Service x64;Killer Network Service; C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe [2018-08-10 2318016]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2018-07-15 625216]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-09-19 6347056]
R2 OneSyncSvc_3148c;OneSyncSvc_3148c; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 QcomWlanSrv;Qualcomm Atheros WLAN Driver Service; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [2018-07-29 190808]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2018-11-12 277184]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-02-13 332088]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\ki129615.inf_amd64_7fbc6baf2cd21d32\IntelCpHeciSvc.exe [2018-10-08 489448]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-12 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 PimIndexMaintenanceSvc_3148c;PimIndexMaintenanceSvc_3148c; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 DellDigitalDelivery;Dell Digital Delivery Service; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2018-01-24 215440]
S2 Intel(R) TPM Provisioning Service;Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [2018-06-08 714952]
S2 IntelAudioService;Intel(R) Audio Service; C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [2018-11-15 212760]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService_3148c;BcastDVRUserService_3148c; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_3148c;BluetoothUserService_3148c; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BraveElevationService;Brave Elevation Service; C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\71.0.58.18\elevation_service.exe []
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 CaptureService_3148c;CaptureService_3148c; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 dcpm-notify;Dell Command | Power Manager Notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [2018-08-24 313440]
S3 Dell.CommandPowerManager.Service;Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe [2018-04-12 20888]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_3148c;DevicePickerUserSvc_3148c; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_3148c;DevicesFlowUserSvc_3148c; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 FoxitPhantomService;FoxitPhantomService; C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe [2018-04-17 1658944]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 iaStorAfsService;@oem27.inf,%iaStorAfsWindowsService.Name%;Intel(R) Optane(TM) Memory Service; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2017-10-04 2413744]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [2018-06-08 762568]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_3148c;MessagingService_3148c; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-02-13 239056]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_3148c;PrintWorkflowUserSvc_3148c; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2018-07-15 4737448]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2018-05-12 826776]

-----------------EOF-----------------

#2 Příspěvek od **Diallix** » 26 úno 2019 21:40

Dobry den.

Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

krosna · #3 Příspěvek od **krosna** » 27 úno 2019 20:27

Dobrý den,

níže log z AdwCleaneru. Jen ještě zmínim, že jsem včera večer pouštěl CCcleaner, který asi taky něco počistil

.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-27-2019
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 2
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1333 octets] - [27/02/2019 20:24:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

#4 Příspěvek od **Diallix** » 28 úno 2019 16:40

Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.

krosna · #5 Příspěvek od **krosna** » 01 bře 2019 20:52

ADDITION.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.03.2019
Ran by szmil (01-03-2019 20:49:37)
Running from C:\Users\szmil\Desktop
Windows 10 Pro Version 1803 17134.590 (X64) (2018-05-12 11:53:31)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1364267542-355922637-1010560847-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1364267542-355922637-1010560847-503 - Limited - Disabled)
Guest (S-1-5-21-1364267542-355922637-1010560847-501 - Limited - Disabled)
szmil (S-1-5-21-1364267542-355922637-1010560847-1001 - Administrator - Enabled) => C:\Users\szmil
WDAGUtilityAccount (S-1-5-21-1364267542-355922637-1010560847-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.246 - Amazon)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.55.1 - Asmedia Technology)
Atom (HKU\S-1-5-21-1364267542-355922637-1010560847-1001\...\atom) (Version: 1.32.2 - GitHub Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.3.1 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{5E5C540B-8C70-4C62-A3A4-CB1FDF726831}) (Version: 3.5.1001.0 - Dell Products, LP)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: 1.40 - EnTech Taiwan)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.1.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{E98E94E2-12D1-48E5-AC69-2C312F466136}) (Version: 3.1.0.142 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{9C32DD4A-3321-4BD5-BD11-C4B18ECE6AE7}) (Version: 3.2.0.4834 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{9ae76d49-72b5-402c-b900-0dc71ab8ebef}) (Version: 3.2.0.4834 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{ED23034C-BB55-432A-B216-C3DCC768A7D3}) (Version: 4.1.0.6828 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{de2492a6-682a-49a4-87be-f8448e1af207}) (Version: 4.1.0.6828 - Dell Inc.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 2.0.6875.402 - PC-Doctor, Inc.) Hidden
Foxit PhantomPDF (HKLM-x32\...\{FB7D593A-4279-11E8-AD22-000C296BF29B}) (Version: 9.1.0.5096 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.1.0.5096 - Foxit Software Inc.)
Git version 2.18.0 (HKLM\...\Git_is1) (Version: 2.18.0 - The Git Development Community)
Goodix Fingerprint Driver (HKLM\...\{60FAB781-18F2-4D2B-A8E7-B3AADD327955}_is1) (Version: 2.1.31.500 - Goodix, Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1829.12.0.1154 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 24.20.100.6286 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.6.1027 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.369.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{aa81bdf2-96a6-4400-a596-c7d1916ce9f7}) (Version: 1.50.369.0 - Intel Corporation) Hidden
Intel® Software Guard Extensions Platform Software (HKLM-x32\...\ARP_for_prd_SGX_1.9.100.41172) (Version: 1.9.100.41172 - Intel Corporation)
JAGS 4.3.0 (HKLM-x32\...\JAGS-4.3.0) (Version: 4.3.0 - JAGS)
Julia Language 1.0.2 (HKU\S-1-5-21-1364267542-355922637-1010560847-1001\...\Julia 1.0.2) (Version: - The Julia Project)
Killer Performance Driver Suite (HKLM\...\{4FE9A694-8CD6-4947-B5F2-8A327749CD75}) (Version: 1.5.1871 - Rivet Networks)
Logitech Options (HKLM\...\LogiOptions) (Version: 7.10.3 - Logitech)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9669.1 - Waves Audio Ltd.) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1364267542-355922637-1010560847-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 65.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 65.0.1 (x64 en-US)) (Version: 65.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
Python 3.5.2 (Anaconda3 4.2.0 64-bit) (HKU\S-1-5-21-1364267542-355922637-1010560847-1001\...\Python 3.5.2 (Anaconda3 4.2.0 64-bit)) (Version: 4.2.0 - Continuum Analytics, Inc.)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.448 - Qualcomm Atheros)
R for Windows 3.5.2 (HKLM\...\R for Windows 3.5.2_is1) (Version: 3.5.2 - R Core Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8569 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.15063.11307 - Realtek Semiconductor Corp.)
RStudio (HKLM-x32\...\RStudio) (Version: 1.1.463 - RStudio)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Texmaker 5.0.2 (64-bit) (HKLM-x32\...\{56F59553-D990-48AD-B050-FF017E5C3692}) (Version: 5.0.2.0 - Texmaker)
Thunderbolt™ Software (HKLM-x32\...\{1CAE7E2B-41ED-46BF-AA78-4658AE8C2130}) (Version: 17.4.77.400 - Intel Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1364267542-355922637-1010560847-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-1364267542-355922637-1010560847-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-03-19] (Notepad++ -> )
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => C:\Program Files (x86)\Amazon\SendToKindle\stkContextMenu_246.dll [2018-05-12] (Amazon Services LLC -> Amazon.com, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki129615.inf_amd64_7fbc6baf2cd21d32\igfxDTCM.dll [2018-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {005E68A8-0068-43C0-A541-9D7382D477E2} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {05985F0A-6151-44C5-A41D-63D31DB9046D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {37EDF17F-FEE6-4DD4-8223-CBBD91FBFAB5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3F0ACDD9-3CA9-436C-B235-FA4717ACBE5E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => ConditionalAppStarter.exe
Task: {4AFD004C-328F-44C1-A1DE-7E8EAC9E4087} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => ConditionalAppStarter.exe
Task: {58A752B5-7C1D-49B1-9644-12E653849D78} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5C45B943-4414-446C-82F6-9B62AAAF9F22} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {65820BA6-A1B4-45F8-B6ED-D99D76428B27} - System32\Tasks\Dell\Command Update => C:\Program Files (x86)\Dell\CommandUpdate\DellCommandUpdate.exe (Dell Inc -> Dell Inc.)
Task: {6A0F6633-E2D9-4FC6-BB44-B38AF9ADB962} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {830AF3FD-6A48-4054-AC86-1E4828F6FD12} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe (Dell Inc. -> Dell Inc.)
Task: {88B982C0-42F5-4107-AB17-61FC454848AE} - System32\Tasks\goloader1 => wscript /B "C:\ProgramData\SsiRecord\recovery.vbs" "C:\ProgramData\SsiRecord\goloader-recovery.bat"
Task: {97005D4F-0C5D-4914-A1B0-EAE7192D302B} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => ConditionalAppStarter.exe
Task: {AE2A17ED-4CF5-4718-A469-BDDC7AB98C56} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {D2850096-1E6D-4059-9190-00B5A010BE9A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\szmil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\szmil\AppData\Local\Continuum\Anaconda3\Scripts\activate.bat C:\Users\szmil\AppData\Local\Continuum\Anaconda3

==================== Loaded Modules (Whitelisted) ==============

2018-10-07 20:32 - 2019-01-03 08:32 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2018-10-07 20:32 - 2019-01-03 08:32 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2018-10-07 20:32 - 2019-01-03 08:32 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2018-10-07 20:32 - 2019-01-03 08:32 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2018-10-07 20:32 - 2019-01-03 08:32 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2018-10-07 20:32 - 2019-01-03 08:32 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2018-10-07 20:32 - 2019-01-03 08:32 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2018-10-07 20:32 - 2019-01-03 08:32 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2018-10-07 20:32 - 2019-01-03 08:32 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-01-03 08:33 - 2019-01-03 08:32 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-01-03 08:33 - 2019-01-03 08:32 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2018-10-07 20:32 - 2019-01-03 08:32 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-01-03 08:33 - 2019-01-03 08:32 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-01-03 08:33 - 2019-01-03 08:32 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-03 08:33 - 2019-01-03 08:32 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-03 08:33 - 2019-01-03 08:32 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-01-03 08:33 - 2019-01-03 08:32 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-01-03 08:33 - 2019-01-03 08:32 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-01-03 08:33 - 2019-01-03 08:32 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Git\cmd;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-1364267542-355922637-1010560847-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\szmil\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-1364267542-355922637-1010560847-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1364267542-355922637-1010560847-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1364267542-355922637-1010560847-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{2E33EFCC-D223-4280-BE36-8FAD5A2A1CFB}C:\users\szmil\appdata\local\continuum\anaconda3\pythonw.exe] => (Allow) C:\users\szmil\appdata\local\continuum\anaconda3\pythonw.exe (Python Software Foundation) [File not signed]
FirewallRules: [TCP Query User{15C3D57A-CA46-464C-B4A9-D621851141B6}C:\users\szmil\appdata\local\continuum\anaconda3\pythonw.exe] => (Allow) C:\users\szmil\appdata\local\continuum\anaconda3\pythonw.exe (Python Software Foundation) [File not signed]
FirewallRules: [{5A56949A-D5AA-4A11-8C3A-08D034CAD145}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{30C23E47-DD2A-4376-B66F-6A66F594FEF5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{40DB6462-333D-498A-9450-53636FF8CD05}C:\program files\rstudio\bin\x64\rsession.exe] => (Allow) C:\program files\rstudio\bin\x64\rsession.exe (RStudio, Inc.) [File not signed]
FirewallRules: [UDP Query User{D919320F-0071-48AC-B080-5F0B7EDE8B61}C:\program files\rstudio\bin\x64\rsession.exe] => (Allow) C:\program files\rstudio\bin\x64\rsession.exe (RStudio, Inc.) [File not signed]
FirewallRules: [TCP Query User{1BD9036C-5488-4692-92A5-8DA00F9EE006}C:\users\szmil\appdata\local\continuum\anaconda3\pythonw.exe] => (Allow) C:\users\szmil\appdata\local\continuum\anaconda3\pythonw.exe (Python Software Foundation) [File not signed]
FirewallRules: [UDP Query User{0D9C6BF9-E65C-4F8E-82CA-D4428BE4D03B}C:\users\szmil\appdata\local\continuum\anaconda3\pythonw.exe] => (Allow) C:\users\szmil\appdata\local\continuum\anaconda3\pythonw.exe (Python Software Foundation) [File not signed]
FirewallRules: [TCP Query User{98A74E62-5B35-4339-82E6-1644C8B42383}C:\program files\rstudio\bin\x64\rsession.exe] => (Allow) C:\program files\rstudio\bin\x64\rsession.exe (RStudio, Inc.) [File not signed]
FirewallRules: [UDP Query User{E421ED69-A6CF-4D4D-BF95-F4DF583626C2}C:\program files\rstudio\bin\x64\rsession.exe] => (Allow) C:\program files\rstudio\bin\x64\rsession.exe (RStudio, Inc.) [File not signed]
FirewallRules: [{7451408C-402B-4AA0-96AC-5B29ADB5B34B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D5D4252A-2798-421B-8500-4AF9884D1B0A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3BA4AB6E-B618-4B9F-AC26-444AEB75FBB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{BB22BA49-5A7E-4D8A-8B12-86EE9216804F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{950AFCCA-3E1D-4285-9466-9D8A7AA997A6}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{72D17FD7-EF60-45C5-B1C3-CBA18394DFDB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11231.20174.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2A3C28D-A2B6-462F-A723-2235BAB51DBB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{AA000AEC-3B6A-4359-8C56-90F17D57EAE9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/28/2019 11:02:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program svchost.exe verze 10.0.17134.556 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: c64

Čas spuštění: 01d4cf994e2782be

Čas ukončení: 1

Cesta k aplikaci: C:\Windows\System32\svchost.exe

ID hlášení: 7b41eee2-5849-4dd9-83ae-4802652ba6f4

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (02/28/2019 10:07:01 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.

Error: (02/28/2019 10:07:01 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.

Error: (02/28/2019 09:47:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program svchost.exe verze 10.0.17134.556 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: c64

Čas spuštění: 01d4cf994e2782be

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\System32\svchost.exe

ID hlášení: dfa1739e-e506-4549-a066-0b36a435ddba

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (02/27/2019 10:45:27 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.

Error: (02/27/2019 10:45:27 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.

Error: (02/27/2019 10:13:56 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.

Error: (02/27/2019 10:13:56 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.

System errors:
=============
Error: (03/01/2019 08:15:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/01/2019 08:08:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Launch pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Unavailable
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/01/2019 08:08:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Launch pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Unavailable
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/01/2019 08:06:43 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-J5EU2P8)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli DESKTOP-J5EU2P8\szmil (SID: S-1-5-21-1364267542-355922637-1010560847-1001) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/01/2019 08:06:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/01/2019 08:06:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/01/2019 08:06:31 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.

Error: (02/28/2019 11:02:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Audio byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restart the service.

Windows Defender:
===================================
Date: 2019-02-20 22:10:39.793
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno pred dokoncením.
ID prohledávání: {D62CB36D-751E-44F7-90E0-C3331F04D858}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-02-12 22:08:34.687
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno pred dokoncením.
ID prohledávání: {1C33F8D0-3124-463E-A3AB-446A6A0258B7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-29 22:45:26.259
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno pred dokoncením.
ID prohledávání: {FAC2E7A0-2455-4CD4-A1E3-BA6457BCBC27}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-25 18:54:52.150
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno pred dokoncením.
ID prohledávání: {1F4CBB1E-97C8-49B7-879B-EEF00223E25F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-20 22:10:34.048
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno pred dokoncením.
ID prohledávání: {D32A9012-C752-407C-8A79-352F6B95E12A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-03-01 20:16:42.601
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu pri pokusu o aktualizaci podpisu.
Nová verze podpisu:
Predchozí verze podpisu: 1.289.134.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Predchozí verze modulu: 1.1.15700.9
Kód chyby: 0x80240016
Popis chyby :An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
Percentage of memory in use: 64%
Total physical RAM: 8000.05 MB
Available physical RAM: 2803.14 MB
Total Virtual: 9280.05 MB
Available Virtual: 2935.97 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:225.51 GB) (Free:151.95 GB) NTFS
Drive e: (ESD-USB) (Removable) (Total:7.49 GB) (Free:0.68 GB) FAT32

\\?\Volume{a1e94ff5-aaac-4542-bfdb-cdf92292b969}\ (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{4af1e279-956d-4330-ac42-2618a300a628}\ (Image) (Fixed) (Total:10.58 GB) (Free:0.18 GB) NTFS
\\?\Volume{ca018a53-c83e-4bc1-8db0-5d70939036ef}\ (DELLSUPPORT) (Fixed) (Total:1.13 GB) (Free:0.48 GB) NTFS
\\?\Volume{05507296-5376-4391-8189-468edc44e065}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 9922E922)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 7.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

krosna · #6 Příspěvek od **krosna** » 01 bře 2019 20:52

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.03.2019
Ran by szmil (administrator) on DESKTOP-J5EU2P8 (01-03-2019 20:47:29)
Running from C:\Users\szmil\Desktop
Loaded Profiles: szmil (Available Profiles: szmil)
Platform: Windows 10 Pro Version 1803 17134.590 (X64) Language: Angličtina (Spojené státy)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki129615.inf_amd64_7fbc6baf2cd21d32\igfxCUIService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki129615.inf_amd64_7fbc6baf2cd21d32\igfxEM.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki129615.inf_amd64_7fbc6baf2cd21d32\IntelCpHDCPSvc.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki129615.inf_amd64_7fbc6baf2cd21d32\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.11231.20174.0_x86__8wekyb3d8bbwe\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\SDXHelperBgt.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(EnTech Taiwan -> EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\pcdrwi.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(Foxit Software Incorporated -> Foxit Corporation) C:\Users\szmil\AppData\Roaming\Foxit Software\Addon\Foxit Reader\FoxitReaderUpdater.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9278136 2018-11-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515192 2018-11-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-10-04] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3943056 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2176648 2018-12-15] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1213736 2018-11-04] (Waves Inc -> Waves Audio Ltd.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1364267542-355922637-1010560847-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3144480 2019-02-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-1364267542-355922637-1010560847-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19646312 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2019-02-22]
ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan -> EnTech Taiwan)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{8d95472f-9fa9-42d4-b6ee-560663e9fd4c}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-1364267542-355922637-1010560847-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1364267542-355922637-1010560847-1001 -> DefaultScope {537EC806-CBB3-420A-8C87-21C3D0E7C67F} URL =
SearchScopes: HKU\S-1-5-21-1364267542-355922637-1010560847-1001 -> {537EC806-CBB3-420A-8C87-21C3D0E7C67F} URL =
BHO-x32: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2018-04-16] (Foxit Software Incorporated -> )
Toolbar: HKLM-x32 - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2018-04-16] (Foxit Software Incorporated -> )
Toolbar: HKU\S-1-5-21-1364267542-355922637-1010560847-1001 -> No Name - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - No File

FireFox:
========
FF DefaultProfile: jj2izw2a.default
FF ProfilePath: C:\Users\szmil\AppData\Roaming\Mozilla\Firefox\Profiles\jj2izw2a.default [2019-03-01]
FF Extension: (Facebook Container) - C:\Users\szmil\AppData\Roaming\Mozilla\Firefox\Profiles\jj2izw2a.default\Extensions\@contain-facebook.xpi [2018-05-09]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\szmil\AppData\Roaming\Mozilla\Firefox\Profiles\jj2izw2a.default\Extensions\firefox@ghostery.com.xpi [2019-02-03]
FF Extension: (Tomato Clock) - C:\Users\szmil\AppData\Roaming\Mozilla\Firefox\Profiles\jj2izw2a.default\Extensions\jid1-Kt2kYYgi32zPuw@jetpack.xpi [2019-02-19]
FF Extension: (Block Site) - C:\Users\szmil\AppData\Roaming\Mozilla\Firefox\Profiles\jj2izw2a.default\Extensions\{07046613-1993-4b66-9dd1-9dd1ce581cb7}.xpi [2018-07-29]
FF Extension: (Video Speed Controller) - C:\Users\szmil\AppData\Roaming\Mozilla\Firefox\Profiles\jj2izw2a.default\Extensions\{7be2ba16-0f1e-4d93-9ebc-5164397477a9}.xpi [2019-02-10]
FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2018-01-29] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-08-26] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-26] (Adobe Systems Incorporated -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2018-04-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2018-04-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2018-04-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2018-04-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Software Incorporated -> Foxit Corporation)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2018-01-29]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2018-01-29]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESMService; C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [3089680 2017-11-12] (Intel(R) Software Development Products -> Intel Corporation)
R2 AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [424288 2018-05-22] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [313440 2018-08-24] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2018-10-22] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3347440 2018-10-22] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2018-10-22] (Dell Inc -> Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe [1035072 2019-01-08] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [119840 2017-11-03] (Dell Inc -> Dell Inc.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{B06C8A87-4A49-4F03-8364-7602785AB973} [20888 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{B06C8A87-4A49-4F03-8364-7602785AB973} [19360 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-22] (Intel Corporation -> Intel Corporation)
S3 FoxitPhantomService; C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe [1658944 2018-04-17] (Foxit Software Incorporated -> Foxit Software Inc.)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2018-04-17] (Foxit Software Incorporated -> Foxit Software Inc.)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2413744 2017-10-04] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-10-04] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [762568 2018-06-08] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [714952 2018-06-08] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 IntelAudioService; C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [212760 2018-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-07-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Killer Network Service x64; C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe [2318016 2018-08-10] (Rivet Networks LLC -> Rivet Networks)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [190808 2018-07-29] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [277184 2018-11-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39384 2018-12-12] (Dell Inc. -> Dell Inc.)
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2302656 2018-05-16] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
R2 WavesSysSvc; c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [875816 2018-11-04] (Waves Inc -> Waves Audio Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-23] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-23] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [36400 2018-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
S3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [92944 2017-09-18] (DISPLAYLINK -> DisplayLink Corp.)
S3 dlusbaudio; C:\WINDOWS\system32\DRIVERS\dlusbaudio_x64.sys [238352 2017-09-18] (DISPLAYLINK -> DisplayLink Corp.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [74144 2017-11-22] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [69536 2017-11-22] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [382880 2017-11-22] (Intel Corporation -> Intel Corporation)
R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [85064 2017-11-30] (Intel(R) Software -> Intel Corporation)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [98976 2017-06-28] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [70656 2017-10-04] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-03-01] (Malwarebytes Corporation -> Malwarebytes)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2355544 2018-07-29] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 RfeCoSvc; C:\WINDOWS\system32\DRIVERS\RfeCo10X64.sys [141480 2018-08-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 RTSPER; C:\WINDOWS\System32\drivers\RtsPer.sys [864704 2017-11-01] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 usbaudio2; C:\WINDOWS\system32\DRIVERS\usbaudio2.sys [229888 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-02-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [333792 2019-02-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-23] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-01 20:47 - 2019-03-01 20:48 - 000021893 _____ C:\Users\szmil\Desktop\FRST.txt
2019-03-01 20:47 - 2019-03-01 20:47 - 000000000 ____D C:\FRST
2019-03-01 20:46 - 2019-03-01 20:46 - 002434048 _____ (Farbar) C:\Users\szmil\Desktop\FRST64.exe
2019-03-01 20:06 - 2019-03-01 20:06 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-02-27 20:23 - 2019-02-27 20:24 - 000000000 ____D C:\AdwCleaner
2019-02-27 20:22 - 2019-02-27 20:23 - 007316688 _____ (Malwarebytes) C:\Users\szmil\Desktop\adwcleaner_7.2.7.0.exe
2019-02-26 21:41 - 2019-02-26 21:45 - 000002296 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-02-26 21:41 - 2019-02-26 21:43 - 000000000 ____D C:\Program Files\CCleaner
2019-02-26 21:41 - 2019-02-26 21:42 - 000000000 ____D C:\Program Files (x86)\Google
2019-02-26 21:41 - 2019-02-26 21:41 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-02-26 21:41 - 2019-02-26 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-02-26 21:40 - 2019-02-26 21:40 - 019384632 _____ (Piriform Software Ltd) C:\Users\szmil\Downloads\ccsetup553.exe
2019-02-26 21:31 - 2019-02-26 21:31 - 001222144 _____ C:\Users\szmil\Downloads\RSITx64.exe
2019-02-26 21:31 - 2019-02-26 21:31 - 000000000 ____D C:\rsit
2019-02-26 21:31 - 2019-02-26 21:31 - 000000000 ____D C:\Program Files\trend micro
2019-02-26 20:05 - 2019-02-26 20:57 - 000000000 ____D C:\Users\szmil\Desktop\Oxford Stat Program
2019-02-25 21:52 - 2019-02-25 21:52 - 007835120 _____ C:\Users\szmil\Desktop\vmls.pdf
2019-02-24 22:08 - 2019-02-24 22:08 - 000956294 _____ C:\Users\szmil\Desktop\Working Paper 440_tcm47-312518.pdf
2019-02-24 12:24 - 2019-02-24 12:24 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery
2019-02-22 10:11 - 2019-02-22 10:11 - 001258064 _____ (EnTech Taiwan ) C:\Users\szmil\Downloads\ddmsetup.exe
2019-02-22 10:10 - 2019-02-22 10:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Display Manager
2019-02-22 10:10 - 2019-02-22 10:10 - 001196968 _____ (EnTech Taiwan ) C:\Users\szmil\Downloads\ddmsetup1887.exe
2019-02-22 10:03 - 2019-02-22 10:03 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
2019-02-22 10:03 - 2019-02-22 10:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt™ Software
2019-02-22 10:02 - 2019-02-22 10:02 - 000001119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
2019-02-22 10:02 - 2019-02-22 10:02 - 000000000 ____D C:\Program Files\Waves
2019-02-22 10:02 - 2019-02-22 10:02 - 000000000 ____D C:\Program Files\Goodix
2019-02-22 10:01 - 2019-02-22 10:01 - 000001536 _____ C:\WINDOWS\SysWOW64\RtkMsgs.dll
2019-02-22 10:01 - 2019-02-22 10:01 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-02-22 10:01 - 2019-02-22 10:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking
2019-02-22 10:01 - 2019-02-22 10:01 - 000000000 ____D C:\Program Files\Killer Networking
2019-02-22 10:01 - 2018-11-12 22:14 - 006455992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2019-02-22 10:01 - 2018-11-12 22:14 - 003686072 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2019-02-22 10:01 - 2018-11-12 22:14 - 003168328 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2019-02-22 10:01 - 2018-11-12 22:14 - 002939064 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2019-02-22 10:01 - 2018-11-12 22:14 - 000240240 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTHDASIO64.dll
2019-02-22 10:01 - 2018-11-12 22:14 - 000200816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RTHDASIO.dll
2019-02-22 10:01 - 2018-11-12 22:14 - 000032608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2019-02-22 10:01 - 2018-11-12 18:15 - 025143480 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioCapture64.dll
2019-02-22 10:01 - 2018-11-12 18:15 - 024341832 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRenderAVX64.dll
2019-02-22 10:01 - 2018-11-12 18:15 - 024244912 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRender64.dll
2019-02-22 10:01 - 2018-11-12 18:15 - 003804648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2019-02-22 10:01 - 2018-11-12 18:15 - 003357272 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2019-02-22 10:01 - 2018-11-12 18:15 - 001373928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2019-02-22 10:01 - 2018-11-12 18:15 - 000707192 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2019-02-22 10:01 - 2018-11-12 18:15 - 000589216 _____ (Intel Corporation) C:\WINDOWS\system32\tbb_waves.dll
2019-02-22 10:01 - 2018-11-12 18:15 - 000355728 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2019-02-22 10:01 - 2018-11-12 18:15 - 000203648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2019-02-22 10:01 - 2018-11-12 17:59 - 023980083 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2019-02-22 10:01 - 2018-09-10 10:30 - 000268192 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcAudioBus.sys
2019-02-22 10:01 - 2018-01-15 14:40 - 002856800 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2019-02-22 09:57 - 2019-02-22 09:58 - 033741576 _____ (Dell Inc.) C:\Users\szmil\Downloads\Dell-Command-Monitor_YW3JJ_WIN_10.1.0.382_A00.EXE
2019-02-22 09:46 - 2019-02-24 12:17 - 000000000 ____D C:\WINDOWS\System32\Tasks\Dell
2019-02-22 09:45 - 2019-02-22 09:45 - 014448640 _____ (Dell Inc.) C:\Users\szmil\Downloads\installer.exe
2019-02-22 09:45 - 2019-02-22 09:45 - 000000000 ____D C:\WINDOWS\{1AF69E72-9462-4EDE-942F-A4039D3DF43E}
2019-02-21 23:27 - 2019-02-21 23:27 - 003730501 _____ C:\Users\szmil\Desktop\Thierry Foucault, Marco Pagano, Ailsa Röell - Market Liquidity_ Theory, Evidence, and Policy-Oxford University Press (2013).pdf
2019-02-21 21:52 - 2019-02-21 21:53 - 005788513 _____ C:\Users\szmil\Desktop\Fabio Canova - Methods for applied macroeconomic research-Princeton University Press (2007).pdf
2019-02-21 20:52 - 2019-02-21 20:52 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2019-02-12 20:55 - 2019-02-06 08:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-12 20:55 - 2019-02-06 08:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-12 20:55 - 2019-02-06 08:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-12 20:55 - 2019-02-06 08:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-12 20:55 - 2019-02-06 08:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-12 20:55 - 2019-02-06 08:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-12 20:55 - 2019-02-06 08:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-12 20:55 - 2019-02-06 07:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-12 20:55 - 2019-02-06 07:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-12 20:55 - 2019-02-06 07:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-12 20:55 - 2019-02-06 04:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-12 20:55 - 2019-02-06 04:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-12 20:55 - 2019-02-06 04:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-12 20:55 - 2019-02-06 04:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-12 20:55 - 2019-02-06 04:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-12 20:55 - 2019-02-06 04:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-12 20:55 - 2019-02-06 04:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-12 20:55 - 2019-02-06 04:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-12 20:55 - 2019-02-06 04:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-12 20:55 - 2019-02-06 04:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-12 20:55 - 2019-02-06 04:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-12 20:55 - 2019-02-06 04:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-12 20:55 - 2019-02-06 04:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-02-12 20:55 - 2019-02-06 04:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-02-12 20:55 - 2019-02-06 04:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-12 20:55 - 2019-02-06 03:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-12 20:55 - 2019-02-06 03:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-12 20:55 - 2019-02-06 03:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-12 20:55 - 2019-02-06 03:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-12 20:55 - 2019-02-06 03:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-12 20:55 - 2019-02-06 03:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-12 20:55 - 2019-02-06 03:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-02-12 20:55 - 2019-02-06 03:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-12 20:55 - 2019-02-06 03:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-12 20:55 - 2019-02-06 03:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-12 20:55 - 2019-02-06 03:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-12 20:55 - 2019-02-06 03:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-12 20:55 - 2019-02-06 03:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-12 20:55 - 2019-02-06 03:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-12 20:55 - 2019-02-06 03:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-12 20:55 - 2019-02-06 03:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-12 20:55 - 2019-02-06 03:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-12 20:55 - 2019-02-06 03:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-12 20:55 - 2019-02-06 03:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-12 20:55 - 2019-01-12 03:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-12 20:55 - 2019-01-09 19:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-02-12 20:55 - 2019-01-09 18:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-12 20:55 - 2019-01-09 18:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-12 20:55 - 2019-01-09 18:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-12 20:55 - 2019-01-09 18:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-12 20:55 - 2019-01-09 10:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-12 20:55 - 2019-01-09 06:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-12 20:55 - 2019-01-09 06:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-02-12 20:55 - 2019-01-09 06:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-12 20:55 - 2019-01-09 06:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-12 20:55 - 2019-01-09 06:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-12 20:55 - 2019-01-09 06:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-12 20:55 - 2019-01-09 06:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-12 20:55 - 2019-01-09 06:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-12 20:55 - 2019-01-09 06:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-12 20:55 - 2019-01-09 06:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-12 20:55 - 2019-01-09 06:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-02-12 20:55 - 2019-01-09 06:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-12 20:55 - 2019-01-09 06:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-12 20:55 - 2019-01-09 06:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-02-12 20:55 - 2019-01-09 06:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-12 20:55 - 2019-01-09 06:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-12 20:55 - 2019-01-09 06:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-12 20:55 - 2019-01-09 06:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-12 20:55 - 2019-01-09 06:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-12 20:55 - 2019-01-09 06:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-12 20:55 - 2019-01-09 06:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-02-12 20:55 - 2019-01-09 06:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-12 20:55 - 2019-01-09 06:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-12 20:55 - 2019-01-09 06:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-12 20:55 - 2019-01-09 06:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-02-12 20:55 - 2019-01-09 06:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-12 20:55 - 2019-01-09 06:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-12 20:55 - 2019-01-09 06:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-12 20:55 - 2019-01-09 06:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-02-12 20:55 - 2019-01-09 06:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-12 20:55 - 2019-01-09 06:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-12 20:55 - 2019-01-09 06:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-12 20:55 - 2019-01-09 06:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-12 20:55 - 2019-01-09 06:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-12 20:55 - 2019-01-09 06:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-12 20:55 - 2019-01-09 06:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-12 20:55 - 2019-01-09 06:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-12 20:55 - 2019-01-09 06:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-12 20:55 - 2019-01-09 06:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-12 20:55 - 2019-01-09 06:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-12 20:55 - 2019-01-09 06:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-12 20:55 - 2019-01-09 06:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-12 20:55 - 2019-01-08 04:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-12 20:54 - 2019-02-06 08:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-12 20:54 - 2019-02-06 07:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-12 20:54 - 2019-02-06 04:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-12 20:54 - 2019-02-06 04:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-12 20:54 - 2019-02-06 04:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-02-12 20:54 - 2019-02-06 04:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-12 20:54 - 2019-02-06 04:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-12 20:54 - 2019-02-06 04:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-12 20:54 - 2019-02-06 04:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-12 20:54 - 2019-02-06 04:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-12 20:54 - 2019-02-06 04:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-12 20:54 - 2019-02-06 03:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-12 20:54 - 2019-02-06 03:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-12 20:54 - 2019-02-06 03:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-12 20:54 - 2019-02-06 03:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-02-12 20:54 - 2019-02-06 03:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-12 20:54 - 2019-02-06 03:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidparse.sys
2019-02-12 20:54 - 2019-02-06 03:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-12 20:54 - 2019-02-06 03:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-12 20:54 - 2019-02-06 03:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-12 20:54 - 2019-02-06 03:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-12 20:54 - 2019-02-06 03:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-12 20:54 - 2019-02-06 03:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-12 20:54 - 2019-02-06 03:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-12 20:54 - 2019-02-06 03:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-02-12 20:54 - 2019-02-06 03:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-12 20:54 - 2019-02-06 03:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-12 20:54 - 2019-02-06 03:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-12 20:54 - 2019-02-06 03:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-12 20:54 - 2019-02-06 02:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-02-12 20:54 - 2019-02-02 23:53 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-12 20:54 - 2019-02-02 23:53 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-12 20:54 - 2019-01-12 09:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-12 20:54 - 2019-01-09 18:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-02-12 20:54 - 2019-01-09 18:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-02-12 20:54 - 2019-01-09 18:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-02-12 20:54 - 2019-01-09 11:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-12 20:54 - 2019-01-09 10:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-02-12 20:54 - 2019-01-09 09:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-12 20:54 - 2019-01-09 09:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-12 20:54 - 2019-01-09 06:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-02-12 20:54 - 2019-01-09 06:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-02-12 20:54 - 2019-01-09 06:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-12 20:54 - 2019-01-09 06:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-12 20:54 - 2019-01-09 06:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-12 20:54 - 2019-01-09 06:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-12 20:54 - 2019-01-09 06:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-12 20:54 - 2019-01-09 06:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-12 20:54 - 2019-01-09 06:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-12 20:54 - 2019-01-09 06:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-12 20:54 - 2019-01-09 06:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-12 20:54 - 2019-01-09 06:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-12 20:54 - 2019-01-09 06:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-12 20:54 - 2019-01-09 06:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-12 20:54 - 2019-01-09 06:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-12 20:54 - 2019-01-09 06:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-02-12 20:54 - 2019-01-09 06:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-02-12 20:54 - 2019-01-09 06:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-02-12 20:54 - 2019-01-09 06:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-12 20:54 - 2019-01-09 06:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-12 20:54 - 2019-01-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-12 20:54 - 2019-01-09 06:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-12 20:54 - 2019-01-09 06:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-12 20:54 - 2019-01-09 06:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-12 20:54 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-02-12 20:54 - 2019-01-09 06:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-02-12 20:54 - 2019-01-09 06:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-12 20:54 - 2019-01-09 06:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-02-12 20:54 - 2019-01-09 06:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-12 20:54 - 2019-01-09 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-12 20:54 - 2019-01-09 06:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-02-12 20:54 - 2019-01-09 06:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-02-12 20:54 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-12 20:54 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-02-12 20:54 - 2019-01-08 10:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-12 20:54 - 2019-01-08 04:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-12 20:54 - 2019-01-08 04:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-11 20:19 - 2019-02-11 20:19 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1364267542-355922637-1010560847-1001
2019-02-11 20:19 - 2019-02-11 20:19 - 000002389 _____ C:\Users\szmil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-08 18:54 - 2019-02-08 18:54 - 000000000 ____D C:\Users\szmil\AppData\Roaming\Logishrd
2019-02-08 18:54 - 2019-02-08 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2019-02-08 18:54 - 2019-02-08 18:54 - 000000000 ____D C:\ProgramData\Logishrd
2019-02-08 18:54 - 2019-02-08 18:54 - 000000000 ____D C:\Program Files\Logitech
2019-02-08 18:53 - 2019-02-08 18:53 - 157536104 _____ (Logitech Inc.) C:\Users\szmil\Downloads\Options_7.10.3.exe
2019-02-07 19:45 - 2019-02-07 19:47 - 039483008 _____ C:\Users\szmil\Downloads\Angel de la Fuente - Mathematical Methods and Models for Economists (2000, Cambridge University Press).pdf
2019-02-05 20:17 - 2019-02-05 20:19 - 000000000 ____D C:\ProgramData\Mozilla

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-01 20:34 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-01 20:17 - 2018-11-18 21:16 - 000000000 ____D C:\Program Files\rempl
2019-03-01 20:17 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-01 20:17 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-01 20:15 - 2018-12-28 19:48 - 000004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C37A5102-1CF2-4E56-BC56-DFF66D12CBFA}
2019-03-01 20:11 - 2018-05-12 22:40 - 000718734 _____ C:\WINDOWS\system32\perfh005.dat
2019-03-01 20:11 - 2018-05-12 22:40 - 000145494 _____ C:\WINDOWS\system32\perfc005.dat
2019-03-01 20:11 - 2018-05-12 12:53 - 001692472 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-01 20:11 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-01 20:06 - 2018-05-12 12:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-01 20:06 - 2018-05-09 16:02 - 000000000 ____D C:\Users\szmil\AppData\LocalLow\Mozilla
2019-03-01 20:06 - 2018-05-09 15:54 - 000000000 __SHD C:\Users\szmil\IntelGraphicsProfiles
2019-03-01 20:06 - 2018-03-31 07:39 - 000000000 ____D C:\ProgramData\Goodix
2019-02-28 23:02 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-02-28 23:01 - 2018-05-12 12:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-28 20:10 - 2018-05-12 12:49 - 000000000 ____D C:\Users\szmil
2019-02-27 22:46 - 2019-01-12 19:44 - 000000000 ____D C:\Program Files (x86)\Steam
2019-02-26 21:45 - 2018-05-09 15:54 - 000000000 ____D C:\Users\szmil\AppData\Local\VirtualStore
2019-02-26 21:43 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-02-26 20:26 - 2018-06-01 18:37 - 000000000 ____D C:\Users\szmil\Desktop\wget
2019-02-25 20:09 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-02-24 21:19 - 2018-05-09 16:02 - 000000000 ____D C:\Users\szmil\AppData\Roaming\RStudio
2019-02-24 21:19 - 2018-05-09 16:02 - 000000000 ____D C:\Users\szmil\AppData\Local\RStudio-Desktop
2019-02-24 18:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Registration
2019-02-24 18:22 - 2018-05-09 16:25 - 003284992 _____ C:\Users\szmil\AppData\Local\WebpageIcons.db
2019-02-24 12:24 - 2018-03-31 07:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-02-23 19:54 - 2018-05-09 21:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-02-22 14:52 - 2018-08-16 14:33 - 000000000 ____D C:\Users\szmil\Desktop\ČNB
2019-02-22 13:06 - 2018-05-30 21:02 - 000000000 ____D C:\Users\szmil\AppData\Local\D3DSCache
2019-02-22 13:06 - 2018-05-27 17:00 - 000000000 ____D C:\WINDOWS\Minidump
2019-02-22 10:10 - 2018-03-31 07:39 - 000000000 ____D C:\Program Files (x86)\Dell
2019-02-22 10:03 - 2018-03-31 07:35 - 000000000 ____D C:\Program Files (x86)\Intel
2019-02-22 10:02 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-02-22 10:02 - 2018-03-31 07:35 - 000000000 ___HD C:\Program Files (x86)\Temp
2019-02-22 10:02 - 2018-03-31 07:35 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-02-22 10:02 - 2018-03-31 07:35 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2019-02-22 10:01 - 2018-03-31 07:37 - 000000000 ____D C:\ProgramData\RivetNetworks
2019-02-22 10:00 - 2018-03-31 07:35 - 000000000 ____D C:\ProgramData\Package Cache
2019-02-22 09:46 - 2018-03-31 07:39 - 000000000 ____D C:\ProgramData\Dell
2019-02-20 21:17 - 2018-09-15 14:12 - 000000000 ____D C:\Users\szmil\AppData\Roaming\xm1
2019-02-14 09:33 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-02-14 01:10 - 2018-05-09 16:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-02-14 01:10 - 2018-05-09 16:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-13 21:40 - 2018-05-09 16:02 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-02-13 20:39 - 2018-12-29 13:42 - 000251360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-12 22:30 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-12 22:30 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-12 22:30 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-02-12 22:30 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-12 22:30 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-12 22:30 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-12 20:58 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-12 20:54 - 2018-05-09 16:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-12 20:45 - 2018-05-09 16:25 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-11 20:19 - 2018-05-09 15:56 - 000000000 ___RD C:\Users\szmil\OneDrive
2019-02-08 18:51 - 2018-06-14 18:40 - 000000000 ____D C:\ProgramData\Packages
2019-02-07 07:52 - 2018-10-21 20:01 - 000000000 ____D C:\Users\szmil\Desktop\Clanek - EWM for banking crises

==================== Files in the root of some directories =======

2018-07-16 19:05 - 2018-07-16 19:05 - 000007605 _____ () C:\Users\szmil\AppData\Local\Resmon.ResmonCfg
2018-05-09 16:25 - 2019-02-24 18:22 - 003284992 _____ () C:\Users\szmil\AppData\Local\WebpageIcons.db

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-12 12:47

==================== End of FRST.txt ============================

#7 Příspěvek od **Diallix** » 01 bře 2019 22:03

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

SearchScopes: HKU\S-1-5-21-1364267542-355922637-1010560847-1001 -> DefaultScope {537EC806-CBB3-420A-8C87-21C3D0E7C67F} URL = 
SearchScopes: HKU\S-1-5-21-1364267542-355922637-1010560847-1001 -> {537EC806-CBB3-420A-8C87-21C3D0E7C67F} URL = 
Toolbar: HKU\S-1-5-21-1364267542-355922637-1010560847-1001 -> No Name - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

EmptyTemp:

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

krosna · #8 Příspěvek od **krosna** » 01 bře 2019 22:34

Posílam další log.

Fix result of Farbar Recovery Scan Tool (x64) Version: 01.03.2019
Ran by szmil (01-03-2019 22:30:27) Run:1
Running from C:\Users\szmil\Desktop
Loaded Profiles: szmil (Available Profiles: szmil)
Boot Mode: Normal
==============================================

fixlist content:
*****************
SearchScopes: HKU\S-1-5-21-1364267542-355922637-1010560847-1001 -> DefaultScope {537EC806-CBB3-420A-8C87-21C3D0E7C67F} URL =
SearchScopes: HKU\S-1-5-21-1364267542-355922637-1010560847-1001 -> {537EC806-CBB3-420A-8C87-21C3D0E7C67F} URL =
Toolbar: HKU\S-1-5-21-1364267542-355922637-1010560847-1001 -> No Name - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

EmptyTemp:
*****************

"HKU\S-1-5-21-1364267542-355922637-1010560847-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1364267542-355922637-1010560847-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{537EC806-CBB3-420A-8C87-21C3D0E7C67F} => removed successfully
HKLM\Software\Classes\CLSID\{537EC806-CBB3-420A-8C87-21C3D0E7C67F} => not found
"HKU\S-1-5-21-1364267542-355922637-1010560847-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BFD9D8A8-57FF-488A-B919-065EC77CF82F}" => removed successfully
HKLM\Software\Classes\CLSID\{BFD9D8A8-57FF-488A-B919-065EC77CF82F} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WAB Migrate" => removed successfully
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WAB Migrate" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12789238 B
Java, Flash, Steam htmlcache => 123363760 B
Windows/system/drivers => 97105 B
Edge => 14336 B
Chrome => 0 B
Firefox => 1080468918 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 8000 B
NetworkService => 0 B
szmil => 20812066 B

RecycleBin => 969 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 22:31:01 ====

#9 Příspěvek od **Diallix** » 01 bře 2019 22:53

Ako je na tom pocitac?

krosna · #10 Příspěvek od **krosna** » 02 bře 2019 14:10

Řekl bych, že mnohem lepší

. Moc děkuji za pomoc!

#11 Příspěvek od **Diallix** » 02 bře 2019 21:47

Nemate zac :]]

VIRY.CZ

Preventika - pomalé načítání stránek?

Preventika - pomalé načítání stránek?

Re: Preventika - pomalé načítání stránek?

Re: Preventika - pomalé načítání stránek?

Re: Preventika - pomalé načítání stránek?

Re: Preventika - pomalé načítání stránek?

Re: Preventika - pomalé načítání stránek?

Re: Preventika - pomalé načítání stránek?

Re: Preventika - pomalé načítání stránek?

Re: Preventika - pomalé načítání stránek?

Re: Preventika - pomalé načítání stránek?

Re: Preventika - pomalé načítání stránek?