PC virus removal, computer speed-up, remote assistance through the neslape.cz service

Requesting a preventive check.

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

maba345
Visitor
Posts: 99
Registered: 29 Aug 2009 15:05

Requesting a preventive check.

#1 Post by maba345 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by maba at 2019-02-28 19:23:22
Microsoft Windows 10 Pro
System drive C: has 73 GB (64%) free of 114 GB
Total RAM: 8090 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:23:29, on 28. 2. 2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17763.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files\trend micro\maba.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://178.18.68.125/Login.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Windscribe] "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: ProtonVPN Service - Unknown owner - C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8292 bytes

======Listing Processes======

winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalService -p
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
"C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe"
"C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

"C:\Program Files (x86)\Origin\OriginWebHelperService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
sihost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc

C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.222.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20453.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.222.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe"
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"

"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\WINDOWS\system32\browser_broker.exe -Embedding
C:\WINDOWS\system32\MicrosoftEdgeSH.exe SCODEF:1752 CREDAT:9730 APH:5480000000013 JITHOST /prefetch:2
"C:\Windows\System32\MicrosoftEdgeCP.exe" -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s QWAVE
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-48ee2704-aff5-4952-b02d-ebd393917a65 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-7fb8f66c-5ef9-4a39-b526-d2fc72ff6316 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-bc49bee3-d2d2-4ae6-ab27-b468b687d6bd -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-62cb8698-71c6-4eb0-8619-38a55db48cab -LifetimeId:b8d07598-dd35-4e8d-9510-9627fe4c841b -DeviceGroupId: -HostArg:0
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s PhoneSvc
C:\WINDOWS\system32\AUDIODG.EXE 0x6dc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\maba\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\maba\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\maba\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=72.0.3626.119 --initial-client-data=0x1f4,0x1f8,0x1fc,0x1f0,0x200,0x7ff8a9325510,0x7ff8a9325520,0x7ff8a9325530
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1828 --on-initialized-event-handle=720 --parent-handle=724 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1724,17720178382358231138,7898741665018726659,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=1106437841127060261 --mojo-platform-channel-handle=1740 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1724,17720178382358231138,7898741665018726659,131072 --lang=sk --service-sandbox-type=network --service-request-channel-token=15615814789921999799 --mojo-platform-channel-handle=2164 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1724,17720178382358231138,7898741665018726659,131072 --service-pipe-token=6705052583844797317 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6705052583844797317 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1724,17720178382358231138,7898741665018726659,131072 --service-pipe-token=2243647730016368017 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2243647730016368017 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3744 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1724,17720178382358231138,7898741665018726659,131072 --service-pipe-token=8731189720840751255 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8731189720840751255 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3900 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1724,17720178382358231138,7898741665018726659,131072 --service-pipe-token=6925156603442390410 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6925156603442390410 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3956 /prefetch:1

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1724,17720178382358231138,7898741665018726659,131072 --service-pipe-token=412184674451682011 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=412184674451682011 --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6408 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1724,17720178382358231138,7898741665018726659,131072 --service-pipe-token=11321017947027400747 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11321017947027400747 --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2424 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1724,17720178382358231138,7898741665018726659,131072 --service-pipe-token=8002539806213026152 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8002539806213026152 --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2924 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe34_ Global\UsGthrCtrlFltPipeMssGthrPipe34 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 772 776 784 8192 780
"C:\Users\maba\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2018-09-15 83968]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2017-06-29 18381792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2018-12-17 731240]
"Windscribe"=C:\Program Files (x86)\Windscribe\Windscribe.exe -os_restart []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2018-09-28 598200]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2015-12-09 421888]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=lvcod64.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-02-28 19:23:23 ----D---- C:\Program Files\trend micro
2019-02-28 19:23:22 ----D---- C:\rsit
2019-02-28 12:37:20 ----A---- C:\WINDOWS\system32\drivers\MbamElam.sys
2019-02-28 12:37:18 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2019-02-28 12:37:14 ----D---- C:\ProgramData\Malwarebytes
2019-02-28 12:37:14 ----D---- C:\Program Files\Malwarebytes
2019-02-28 12:32:42 ----D---- C:\WINDOWS\Minidump
2019-02-27 19:53:49 ----A---- C:\WINDOWS\system32\drivers\tapwindscribe0901.sys
2019-02-27 19:43:48 ----D---- C:\ProgramData\ProtonVPN
2019-02-27 19:43:42 ----D---- C:\Program Files (x86)\Proton Technologies
2019-02-27 19:43:29 ----D---- C:\Users\maba\AppData\Roaming\ProtonVPN AG
2019-02-27 19:24:07 ----D---- C:\ProgramData\Caphyon
2019-02-27 19:24:05 ----D---- C:\ProgramData\NordVpn
2019-02-26 00:46:56 ----D---- C:\Users\maba\AppData\Roaming\CPY_SAVES
2019-02-24 13:44:28 ----D---- C:\Users\maba\AppData\Roaming\hybrid
2019-02-24 13:43:28 ----D---- C:\Program Files\Hybrid
2019-02-21 20:04:16 ----D---- C:\Program Files (x86)\Mafia 2 Multiplayer
2019-02-21 13:21:23 ----SHD---- C:\Config.Msi
2019-02-20 13:05:59 ----D---- C:\Users\maba\AppData\Roaming\LibreOffice
2019-02-20 13:04:48 ----D---- C:\Program Files\LibreOffice
2019-02-20 12:51:16 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-20 12:39:07 ----D---- C:\WINDOWS\Panther
2019-02-20 12:07:50 ----D---- C:\Program Files (x86)\Microsoft Office
2019-02-18 20:41:47 ----D---- C:\Users\maba\AppData\Roaming\GetRightToGo
2019-02-17 14:14:19 ----D---- C:\Users\maba\AppData\Roaming\2K Sports
2019-02-12 23:28:05 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2019-02-12 23:28:05 ----A---- C:\WINDOWS\SYSWOW64\MSFlacDecoder.dll
2019-02-12 23:28:05 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2019-02-12 23:28:05 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2019-02-12 23:28:05 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2019-02-12 23:28:05 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2019-02-12 23:28:05 ----A---- C:\WINDOWS\system32\MSAudDecMFT.dll
2019-02-12 23:28:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2019-02-12 23:28:04 ----A---- C:\WINDOWS\SYSWOW64\mfreadwrite.dll
2019-02-12 23:28:04 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2019-02-12 23:28:04 ----A---- C:\WINDOWS\system32\mfreadwrite.dll
2019-02-12 23:28:04 ----A---- C:\WINDOWS\system32\mfps.dll
2019-02-12 23:28:04 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-02-12 23:28:04 ----A---- C:\WINDOWS\system32\mfcore.dll
2019-02-12 23:28:04 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-02-12 23:28:03 ----A---- C:\WINDOWS\system32\tellib.dll
2019-02-12 23:27:59 ----A---- C:\WINDOWS\system32\MixedReality.Broker.dll
2019-02-12 23:27:59 ----A---- C:\WINDOWS\system32\HologramWorld.dll
2019-02-12 23:27:59 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2019-02-12 23:27:59 ----A---- C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-02-12 23:27:59 ----A---- C:\WINDOWS\system32\AssignedAccessManager.dll
2019-02-12 23:27:58 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2019-02-12 23:27:58 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2019-02-12 23:27:58 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2019-02-12 23:27:58 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2019-02-12 23:27:57 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-02-12 23:27:57 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2019-02-12 23:27:57 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-02-12 23:27:56 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-02-12 23:27:56 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2019-02-12 23:27:56 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2019-02-12 23:27:56 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2019-02-12 23:27:56 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2019-02-12 23:27:56 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2019-02-12 23:27:56 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-02-12 23:27:56 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-02-12 23:27:56 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2019-02-12 23:27:56 ----A---- C:\WINDOWS\system32\sysmain.dll
2019-02-12 23:27:56 ----A---- C:\WINDOWS\system32\SpaceControl.dll
2019-02-12 23:27:56 ----A---- C:\WINDOWS\system32\SpaceAgent.exe
2019-02-12 23:27:55 ----A---- C:\WINDOWS\system32\termsrv.dll
2019-02-12 23:27:55 ----A---- C:\WINDOWS\system32\systemreset.exe
2019-02-12 23:27:55 ----A---- C:\WINDOWS\system32\ResetEngOnline.dll
2019-02-12 23:27:55 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2019-02-12 23:27:55 ----A---- C:\WINDOWS\system32\reseteng.dll
2019-02-12 23:27:55 ----A---- C:\WINDOWS\system32\PktMon.exe
2019-02-12 23:27:55 ----A---- C:\WINDOWS\system32\nlahc.dll
2019-02-12 23:27:55 ----A---- C:\WINDOWS\system32\mstscax.dll
2019-02-12 23:27:55 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2019-02-12 23:27:55 ----A---- C:\WINDOWS\system32\AcLayers.dll
2019-02-12 23:27:55 ----A---- C:\WINDOWS\system32\AcGenral.dll
2019-02-12 23:27:54 ----A---- C:\WINDOWS\system32\wsp_health.dll
2019-02-12 23:27:54 ----A---- C:\WINDOWS\system32\msi.dll
2019-02-12 23:27:53 ----A---- C:\WINDOWS\system32\jscript9.dll
2019-02-12 23:27:53 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-02-12 23:27:52 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-02-12 23:27:52 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-02-12 23:27:51 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-12 23:27:51 ----A---- C:\WINDOWS\system32\StorSvc.dll
2019-02-12 23:27:51 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-02-12 23:27:50 ----A---- C:\WINDOWS\system32\spacebridge.dll
2019-02-12 23:27:50 ----A---- C:\WINDOWS\system32\resutils.dll
2019-02-12 23:27:50 ----A---- C:\WINDOWS\system32\mispace.dll
2019-02-12 23:27:50 ----A---- C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-02-12 23:27:50 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2019-02-12 23:27:50 ----A---- C:\WINDOWS\system32\discan.dll
2019-02-12 23:27:50 ----A---- C:\WINDOWS\system32\clusapi.dll
2019-02-12 23:27:50 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-12 23:27:49 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2019-02-12 23:27:49 ----A---- C:\WINDOWS\SYSWOW64\setupcln.dll
2019-02-12 23:27:49 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2019-02-12 23:27:49 ----A---- C:\WINDOWS\SYSWOW64\rasppp.dll
2019-02-12 23:27:49 ----A---- C:\WINDOWS\SYSWOW64\rasman.dll
2019-02-12 23:27:49 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2019-02-12 23:27:49 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2019-02-12 23:27:48 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2019-02-12 23:27:48 ----A---- C:\WINDOWS\SYSWOW64\wincredui.dll
2019-02-12 23:27:48 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2019-02-12 23:27:48 ----A---- C:\WINDOWS\SYSWOW64\nslookup.exe
2019-02-12 23:27:48 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2019-02-12 23:27:48 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-02-12 23:27:48 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-02-12 23:27:48 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2019-02-12 23:27:48 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2019-02-12 23:27:47 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2019-02-12 23:27:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2019-02-12 23:27:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2019-02-12 23:27:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2019-02-12 23:27:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-12 23:27:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2019-02-12 23:27:47 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2019-02-12 23:27:47 ----A---- C:\WINDOWS\SYSWOW64\TileDataRepository.dll
2019-02-12 23:27:47 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2019-02-12 23:27:47 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2019-02-12 23:27:47 ----A---- C:\WINDOWS\SYSWOW64\apphelp.dll
2019-02-12 23:27:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2019-02-12 23:27:46 ----A---- C:\WINDOWS\SYSWOW64\spopk.dll
2019-02-12 23:27:46 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2019-02-12 23:27:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-12 23:27:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-12 23:27:45 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2019-02-12 23:27:45 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2019-02-12 23:27:45 ----A---- C:\WINDOWS\SYSWOW64\ContentDeliveryManager.Utilities.dll
2019-02-12 23:27:45 ----A---- C:\WINDOWS\SYSWOW64\CompPkgSup.dll
2019-02-12 23:27:45 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2019-02-12 23:27:45 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2019-02-12 23:27:45 ----A---- C:\WINDOWS\system32\wininet.dll
2019-02-12 23:27:45 ----A---- C:\WINDOWS\system32\wincredui.dll
2019-02-12 23:27:45 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-12 23:27:45 ----A---- C:\WINDOWS\system32\nslookup.exe
2019-02-12 23:27:45 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-02-12 23:27:45 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-02-12 23:27:45 ----A---- C:\WINDOWS\system32\gdi32full.dll
2019-02-12 23:27:43 ----A---- C:\WINDOWS\system32\smss.exe
2019-02-12 23:27:43 ----A---- C:\WINDOWS\system32\ntdll.dll
2019-02-12 23:27:43 ----A---- C:\WINDOWS\system32\mf3216.dll
2019-02-12 23:27:43 ----A---- C:\WINDOWS\system32\kdnet.dll
2019-02-12 23:27:43 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2019-02-12 23:27:43 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2019-02-12 23:27:43 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2019-02-12 23:27:43 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-02-12 23:27:43 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2019-02-12 23:27:43 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2019-02-12 23:27:43 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2019-02-12 23:27:43 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2019-02-12 23:27:42 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2019-02-12 23:27:42 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-02-12 23:27:42 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2019-02-12 23:27:41 ----A---- C:\WINDOWS\system32\winresume.exe
2019-02-12 23:27:41 ----A---- C:\WINDOWS\system32\winload.exe
2019-02-12 23:27:41 ----A---- C:\WINDOWS\system32\uReFS.dll
2019-02-12 23:27:41 ----A---- C:\WINDOWS\system32\spopk.dll
2019-02-12 23:27:41 ----A---- C:\WINDOWS\system32\schedsvc.dll
2019-02-12 23:27:41 ----A---- C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-02-12 23:27:41 ----A---- C:\WINDOWS\system32\refsutil.exe
2019-02-12 23:27:41 ----A---- C:\WINDOWS\system32\mfc42u.dll
2019-02-12 23:27:41 ----A---- C:\WINDOWS\system32\mfc42.dll
2019-02-12 23:27:41 ----A---- C:\WINDOWS\system32\kernel32.dll
2019-02-12 23:27:41 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2019-02-12 23:27:41 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2019-02-12 23:27:41 ----A---- C:\WINDOWS\system32\apphelp.dll
2019-02-12 23:27:40 ----A---- C:\WINDOWS\system32\Windows.Data.Activities.dll
2019-02-12 23:27:40 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-12 23:27:40 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-02-12 23:27:40 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2019-02-12 23:27:40 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2019-02-12 23:27:40 ----A---- C:\WINDOWS\system32\NotificationController.dll
2019-02-12 23:27:39 ----A---- C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2019-02-12 23:27:39 ----A---- C:\WINDOWS\system32\sppsvc.exe
2019-02-12 23:27:39 ----A---- C:\WINDOWS\system32\sppobjs.dll
2019-02-12 23:27:39 ----A---- C:\WINDOWS\system32\shell32.dll
2019-02-12 23:27:39 ----A---- C:\WINDOWS\system32\setupcln.dll
2019-02-12 23:27:39 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-02-12 23:27:39 ----A---- C:\WINDOWS\system32\rasppp.dll
2019-02-12 23:27:39 ----A---- C:\WINDOWS\system32\rascustom.dll
2019-02-12 23:27:38 ----A---- C:\WINDOWS\system32\vpnike.dll
2019-02-12 23:27:38 ----A---- C:\WINDOWS\system32\setupapi.dll
2019-02-12 23:27:38 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-02-12 23:27:38 ----A---- C:\WINDOWS\system32\rasmans.dll
2019-02-12 23:27:38 ----A---- C:\WINDOWS\system32\rasman.dll
2019-02-12 23:27:38 ----A---- C:\WINDOWS\system32\rasapi32.dll
2019-02-12 23:27:38 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-02-12 23:27:38 ----A---- C:\WINDOWS\system32\npmproxy.dll
2019-02-12 23:27:38 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2019-02-12 23:27:38 ----A---- C:\WINDOWS\system32\ncsi.dll
2019-02-12 23:27:38 ----A---- C:\WINDOWS\system32\mprddm.dll
2019-02-12 23:27:38 ----A---- C:\WINDOWS\system32\lpkinstall.exe
2019-02-12 23:27:38 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2019-02-12 23:27:38 ----A---- C:\WINDOWS\system32\BTAGService.dll
2019-02-12 23:27:37 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-02-12 23:27:37 ----A---- C:\WINDOWS\system32\Windows.Graphics.dll
2019-02-12 23:27:37 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-02-12 23:27:37 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-02-12 23:27:37 ----A---- C:\WINDOWS\system32\win32k.sys
2019-02-12 23:27:37 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2019-02-12 23:27:37 ----A---- C:\WINDOWS\system32\SensorService.dll
2019-02-12 23:27:37 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-02-12 23:27:37 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2019-02-12 23:27:37 ----A---- C:\WINDOWS\system32\ISM.dll
2019-02-12 23:27:37 ----A---- C:\WINDOWS\system32\InputService.dll
2019-02-12 23:27:37 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-02-12 23:27:37 ----A---- C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
2019-02-12 23:27:37 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2019-02-12 23:27:36 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-12 23:27:36 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-12 23:27:36 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-12 23:27:36 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2019-02-12 23:27:36 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2019-02-12 23:27:35 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2019-02-12 23:27:35 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2019-02-12 23:27:35 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-12 23:27:35 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-12 23:27:35 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-12 23:27:35 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-12 23:27:34 ----A---- C:\WINDOWS\system32\StartTileData.dll
2019-02-12 23:27:34 ----A---- C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2019-02-12 23:27:34 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2019-02-12 23:27:33 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-12 23:27:33 ----A---- C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-12 23:27:33 ----A---- C:\WINDOWS\system32\umpo-overrides.dll
2019-02-12 23:27:33 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2019-02-12 23:27:33 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-02-12 23:27:33 ----A---- C:\WINDOWS\system32\CompPkgSup.dll
2019-02-12 23:27:33 ----A---- C:\WINDOWS\system32\CompPkgSrv.exe
2019-02-12 23:27:33 ----A---- C:\WINDOWS\system32\browser_broker.exe
2019-02-12 23:27:33 ----A---- C:\WINDOWS\system32\audiosrv.dll
2019-02-12 23:27:33 ----A---- C:\WINDOWS\system32\AudioSes.dll
2019-02-12 23:27:33 ----A---- C:\WINDOWS\system32\AudioEng.dll
2019-02-12 23:27:33 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-02-12 23:27:33 ----A---- C:\WINDOWS\system32\audiodg.exe
2019-02-12 23:27:32 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2019-02-12 23:27:32 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2019-02-12 23:27:32 ----A---- C:\WINDOWS\SYSWOW64\MTF.dll
2019-02-12 23:27:32 ----A---- C:\WINDOWS\SYSWOW64\mswsock.dll
2019-02-12 23:27:32 ----A---- C:\WINDOWS\SYSWOW64\drvstore.dll
2019-02-12 23:27:32 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\wuaueng.dll
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\w32time.dll
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\tcbloader.dll
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\securekernel.exe
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\MusNotification.exe
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\MTF.dll
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\mf.dll
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\drvstore.dll
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\drivers\http.sys
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2019-02-12 23:27:32 ----A---- C:\WINDOWS\system32\diagtrack.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-02-12 23:27:31 ----A---- C:\WINDOWS\SYSWOW64\spacebridge.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\SYSWOW64\NtlmShared.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\SYSWOW64\npmproxy.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\SYSWOW64\AcLayers.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\system32\wintrust.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\system32\winhttp.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\system32\oleaut32.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\system32\NtlmShared.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\system32\netiohlp.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\system32\mswsock.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\system32\dnsapi.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\system32\container.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\system32\ci.dll
2019-02-12 23:27:31 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-02-12 23:27:30 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-02-12 23:27:30 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-02-12 23:27:30 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-02-12 23:27:29 ----A---- C:\WINDOWS\SYSWOW64\netiohlp.dll
2019-02-12 23:27:29 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2019-02-12 23:27:29 ----A---- C:\WINDOWS\system32\drivers\vpci.sys
2019-02-12 23:27:29 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2019-02-12 23:27:29 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2019-02-12 23:27:29 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2019-02-12 23:27:29 ----A---- C:\WINDOWS\system32\drivers\spacedump.sys
2019-02-12 23:27:29 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2019-02-12 23:27:29 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2019-02-12 23:27:29 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2019-02-12 23:27:29 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2019-02-12 23:27:29 ----A---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2019-02-07 19:22:52 ----D---- C:\ProgramData\Avira
2019-02-07 19:22:49 ----D---- C:\Program Files (x86)\Avira
2019-02-02 21:09:40 ----D---- C:\ProgramData\Riot Games
2019-02-02 17:33:22 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2019-02-02 17:33:22 ----D---- C:\Program Files\Realtek
2019-02-02 17:33:11 ----A---- C:\WINDOWS\system32\SRSWOW64.dll
2019-02-02 17:33:11 ----A---- C:\WINDOWS\system32\SRSTSX64.dll
2019-02-02 17:33:11 ----A---- C:\WINDOWS\system32\SRSTSH64.dll
2019-02-02 17:33:11 ----A---- C:\WINDOWS\system32\SRSHP64.dll
2019-02-02 17:33:10 ----A---- C:\WINDOWS\system32\RtPgEx64.dll
2019-02-02 17:33:10 ----A---- C:\WINDOWS\system32\RtlCPAPI64.dll
2019-02-02 17:33:10 ----A---- C:\WINDOWS\system32\RtkCoLDR64.dll
2019-02-02 17:33:10 ----A---- C:\WINDOWS\system32\RtkCfg64.dll
2019-02-02 17:33:10 ----A---- C:\WINDOWS\system32\RtkApi64.dll
2019-02-02 17:33:10 ----A---- C:\WINDOWS\system32\RTEEP64A.dll
2019-02-02 17:33:10 ----A---- C:\WINDOWS\system32\RTEEL64A.dll
2019-02-02 17:33:10 ----A---- C:\WINDOWS\system32\RTEEG64A.dll
2019-02-02 17:33:10 ----A---- C:\WINDOWS\system32\RTEED64A.dll
2019-02-02 17:33:10 ----A---- C:\WINDOWS\system32\RtDataProc64.dll
2019-02-02 17:33:10 ----A---- C:\WINDOWS\system32\RTCOM64.dll
2019-02-02 17:33:10 ----A---- C:\WINDOWS\system32\RP3DHT64.dll
2019-02-02 17:33:10 ----A---- C:\WINDOWS\system32\RP3DAA64.dll
2019-02-02 17:33:10 ----A---- C:\WINDOWS\system32\RltkAPO64.dll
2019-02-02 17:33:10 ----A---- C:\WINDOWS\system32\RCoInstII64.dll
2019-02-02 17:33:10 ----A---- C:\WINDOWS\system32\drivers\RTKVHD64.sys
2019-02-02 17:33:10 ----A---- C:\WINDOWS\system32\drivers\RTAIODAT.DAT
2019-02-02 17:33:09 ----A---- C:\WINDOWS\SYSWOW64\MBAPO32.dll
2019-02-02 17:33:09 ----A---- C:\WINDOWS\system32\MBWrp64.dll
2019-02-02 17:33:09 ----A---- C:\WINDOWS\system32\MBppld64.dll
2019-02-02 17:33:09 ----A---- C:\WINDOWS\system32\MBPPCn64.dll
2019-02-02 17:33:09 ----A---- C:\WINDOWS\system32\MBAPO64.dll
2019-02-02 17:33:09 ----A---- C:\WINDOWS\system32\MaxxAudioEQ64.dll
2019-02-02 17:33:08 ----A---- C:\WINDOWS\system32\MaxxAudioAPO20.dll
2019-02-02 17:33:08 ----A---- C:\WINDOWS\system32\FMAPO64.dll
2019-02-02 17:33:07 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2019-02-02 17:33:07 ----D---- C:\Program Files (x86)\Realtek
2019-02-02 17:33:07 ----A---- C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2019-02-02 17:33:07 ----A---- C:\WINDOWS\system32\AERTAR64.dll
2019-02-02 17:33:07 ----A---- C:\WINDOWS\system32\AERTAC64.dll
2019-02-02 17:33:00 ----HD---- C:\Program Files (x86)\Temp
2019-02-02 17:33:00 ----A---- C:\WINDOWS\RtlExUpd.dll
2019-02-02 01:01:32 ----D---- C:\Users\maba\AppData\Roaming\ViberPC
2019-02-01 23:59:28 ----D---- C:\Program Files (x86)\AIMP2 Tools
2019-01-31 16:42:08 ----D---- C:\Program Files (x86)\Ubisoft
2019-01-30 18:43:32 ----D---- C:\ProgramData\Electronic Arts

======List of files/folders modified in the last 1 month======

2019-02-28 19:23:29 ----D---- C:\WINDOWS\Temp
2019-02-28 19:23:25 ----D---- C:\WINDOWS\Prefetch
2019-02-28 19:23:23 ----RD---- C:\Program Files
2019-02-28 19:17:21 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-02-28 18:40:00 ----D---- C:\WINDOWS\system32\sru
2019-02-28 18:30:55 ----D---- C:\Users\maba\AppData\Roaming\vlc
2019-02-28 17:57:01 ----D---- C:\WINDOWS\system32\SleepStudy
2019-02-28 17:32:53 ----RD---- C:\WINDOWS\Microsoft.NET
2019-02-28 15:20:45 ----D---- C:\WINDOWS\Logs
2019-02-28 14:05:21 ----D---- C:\Users\maba\AppData\Roaming\VideoProc
2019-02-28 12:43:42 ----D---- C:\WINDOWS\system32\drivers
2019-02-28 12:38:50 ----D---- C:\WINDOWS\System32
2019-02-28 12:38:50 ----D---- C:\WINDOWS\INF
2019-02-28 12:38:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-28 12:37:42 ----HD---- C:\Program Files\WindowsApps
2019-02-28 12:37:41 ----D---- C:\WINDOWS\AppReadiness
2019-02-28 12:37:20 ----HD---- C:\WINDOWS\ELAMBKUP
2019-02-28 12:37:14 ----HD---- C:\ProgramData
2019-02-28 12:32:54 ----D---- C:\ProgramData\NVIDIA
2019-02-28 12:32:51 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-02-28 12:32:45 ----D---- C:\Program Files (x86)\TeamViewer
2019-02-28 12:32:42 ----D---- C:\Windows
2019-02-28 00:12:58 ----D---- C:\ProgramData\Origin
2019-02-28 00:07:38 ----D---- C:\Users\maba\AppData\Roaming\discord
2019-02-27 23:34:36 ----D---- C:\Users\maba\AppData\Roaming\Origin
2019-02-27 23:34:15 ----D---- C:\Program Files (x86)\Origin Games
2019-02-27 20:36:39 ----D---- C:\Users\maba\AppData\Roaming\Azureus
2019-02-27 20:08:29 ----RD---- C:\Program Files (x86)
2019-02-27 19:53:49 ----D---- C:\WINDOWS\system32\DriverStore
2019-02-27 19:43:54 ----D---- C:\WINDOWS\Tasks
2019-02-27 19:43:54 ----D---- C:\WINDOWS\system32\Tasks
2019-02-27 19:43:51 ----SHDC---- C:\WINDOWS\Installer
2019-02-27 18:21:59 ----D---- C:\Users\maba\AppData\Roaming\AIMP
2019-02-26 18:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2019-02-26 15:13:16 ----D---- C:\WINDOWS\system32\config
2019-02-25 18:05:52 ----D---- C:\Program Files (x86)\Steam
2019-02-25 14:41:44 ----D---- C:\WINDOWS\WinSxS
2019-02-22 22:21:22 ----D---- C:\WINDOWS\system32\drivers\wd
2019-02-22 14:17:53 ----D---- C:\WINDOWS\system32\catroot2
2019-02-21 15:07:11 ----RSD---- C:\WINDOWS\assembly
2019-02-21 13:21:26 ----D---- C:\WINDOWS\SysWOW64
2019-02-20 18:15:49 ----D---- C:\Users\maba\AppData\Roaming\TeamViewer
2019-02-20 13:04:50 ----RSD---- C:\WINDOWS\Fonts
2019-02-20 12:53:18 ----D---- C:\Program Files (x86)\Microsoft.NET
2019-02-20 12:16:47 ----SD---- C:\Users\maba\AppData\Roaming\Microsoft
2019-02-20 12:07:49 ----SD---- C:\ProgramData\Microsoft
2019-02-20 12:07:48 ----D---- C:\Program Files\Common Files\microsoft shared
2019-02-13 13:03:14 ----D---- C:\WINDOWS\debug
2019-02-13 02:01:36 ----D---- C:\WINDOWS\TextInput
2019-02-13 02:01:36 ----D---- C:\WINDOWS\SYSWOW64\oobe
2019-02-13 02:01:36 ----D---- C:\WINDOWS\SYSWOW64\Dism
2019-02-13 02:01:36 ----D---- C:\WINDOWS\system32\wbem
2019-02-13 02:01:36 ----D---- C:\WINDOWS\system32\oobe
2019-02-13 02:01:36 ----D---- C:\WINDOWS\system32\migwiz
2019-02-13 02:01:36 ----D---- C:\WINDOWS\system32\en-US
2019-02-13 02:01:36 ----D---- C:\WINDOWS\system32\drivers\UMDF
2019-02-13 02:01:35 ----D---- C:\WINDOWS\system32\Dism
2019-02-13 02:01:35 ----D---- C:\WINDOWS\system32\Boot
2019-02-13 02:01:35 ----D---- C:\WINDOWS\system32\appraiser
2019-02-13 02:01:35 ----D---- C:\WINDOWS\ShellExperiences
2019-02-13 02:01:35 ----D---- C:\WINDOWS\ShellComponents
2019-02-13 02:01:35 ----D---- C:\WINDOWS\bcastdvr
2019-02-13 02:01:35 ----D---- C:\WINDOWS\apppatch
2019-02-12 23:28:32 ----D---- C:\WINDOWS\CbsTemp
2019-02-12 23:26:14 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2019-02-12 23:25:53 ----D---- C:\WINDOWS\system32\MRT
2019-02-12 23:24:59 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-02-07 23:54:42 ----D---- C:\ProgramData\Packages
2019-02-07 14:34:10 ----D---- C:\ProgramData\Package Cache
2019-02-04 13:31:49 ----D---- C:\ProgramData\NVIDIA Corporation
2019-02-04 13:31:49 ----D---- C:\Program Files\NVIDIA Corporation
2019-02-04 13:31:49 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2019-02-03 22:52:16 ----D---- C:\Program Files\Common Files
2019-02-01 14:43:28 ----D---- C:\Program Files (x86)\Common Files
2019-01-29 12:08:15 ----D---- C:\Program Files (x86)\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2014-04-11 645480]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-13 55608]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2018-12-13 317440]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-09-15 87552]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-09-15 40960]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-09-15 63288]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-09-15 60416]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-09-15 8704]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-09-15 452096]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-13 51712]
R3 dtlitescsibus;@oem2.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-10-03 30264]
R3 dtliteusbbus;@oem47.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2019-01-03 47672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2017-06-29 5826560]
R3 IntcDAud;@oem12.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2017-11-30 491048]
R3 LVRS64;@oem10.inf,%lvrs.SrvDesc%;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs64.sys [2012-10-26 351520]
R3 LVUVC64;@oem11.inf,%PID_0826_DD%(UVC);Logitech HD Webcam C525(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc64.sys [2012-10-26 4758176]
R3 MEIx64;@oem13.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2017-07-27 206496]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5db32447b43ce666\nvlddmkm.sys [2019-01-12 20461984]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2018-09-15 605696]
R3 rzudd;@oem39.inf,%Razer.SvcDesc%;Razer Mouse Driver; C:\WINDOWS\System32\drivers\rzudd.sys [2015-08-13 202952]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-09-15 42504]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-09-15 319488]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-09-15 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-09-15 148480]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-09-15 124416]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-09-15 128512]
S0 MbamElam;MbamElam; C:\WINDOWS\system32\DRIVERS\MbamElam.sys [2019-02-01 20936]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-09-15 75264]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-09-15 79872]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-09-15 58880]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-09-15 68608]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-09-15 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-09-15 135168]
S0 SmartSAMD;SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [2018-09-15 219960]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-09-15 19968]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-09-15 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2018-09-15 137016]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2018-09-15 172560]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2018-09-15 153400]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2018-12-13 102392]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-12-13 111104]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-09-15 90624]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2018-09-15 34816]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2019-02-12 1221120]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-09-15 92672]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-09-15 40960]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-09-15 63288]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-09-15 125952]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-09-15 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-09-15 51512]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2018-09-15 60928]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-09-15 80184]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-09-15 27648]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-09-15 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-09-15 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-09-15 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-09-15 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-09-15 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2018-09-15 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2018-09-15 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-09-15 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-09-15 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2018-09-15 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2018-09-15 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-09-15 566800]
S3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-11-01 7966192]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-09-15 45568]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-09-15 42496]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-09-15 124928]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-09-15 515384]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-09-15 58680]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2018-09-15 290816]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2018-09-15 53760]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-09-15 1150496]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-09-15 153616]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-09-15 184320]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-09-15 148480]
S3 phantomtap;@oem3.inf,%DeviceDescription%;Phantom TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\phantomtap.sys [2018-08-14 45056]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2018-09-15 85504]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-09-15 117248]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-09-15 17408]
S3 ProtonVPNSplitTunnelCalloutDriver;ProtonVPNSplitTunnelCalloutDriver; \??\C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\win10\ProtonVPNSplitTunnelCalloutDriver.Sys [2018-10-04 48664]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-02-12 982032]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-09-15 202240]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-09-15 108032]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-09-15 33080]
S3 smbdirect;smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [2018-09-15 171520]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-09-15 73016]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-09-15 33280]
S4 NVHDA;@oem17.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys []
S4 nvvad_WaveExtensible;@oem45.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys []
S4 nvvhci;@oem44.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 CDPUserSvc_433c7;CDPUserSvc_433c7; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-11-01 373744]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2019-01-11 767184]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2019-01-11 790384]
R2 OneSyncSvc_433c7;OneSyncSvc_433c7; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2019-01-29 3171144]
R2 ProtonVPN Service;ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [2019-01-18 85096]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-09-15 254832]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 cbdhsvc_433c7;cbdhsvc_433c7; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2018-12-17 3644008]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-09-09 43632]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 PimIndexMaintenanceSvc_433c7;PimIndexMaintenanceSvc_433c7; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2019-02-12 864056]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-05 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2019-02-01 6562472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BcastDVRUserService_433c7;BcastDVRUserService_433c7; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BluetoothUserService_433c7;BluetoothUserService_433c7; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService_433c7;CaptureService_433c7; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc_433c7;ConsentUxUserSvc_433c7; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-11-01 301552]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicePickerUserSvc_433c7;DevicePickerUserSvc_433c7; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc_433c7;DevicesFlowUserSvc_433c7; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-09-15 92672]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\elevation_service.exe [2019-02-20 1271280]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-05 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService_433c7;MessagingService_433c7; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2019-01-29 2298688]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2018-09-15 78848]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc_433c7;PrintWorkflowUserSvc_433c7; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2019-01-09 5381128]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-09-15 1269248]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-09-15 982528]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2018-09-15 831504]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]

-----------------EOF-----------------

Thanks

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Requesting a preventive check.

#2 Post by Diallix »

Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all checkboxes and any detected threats selected, and continue with the Clean and Repair button in the bottom right corner.
After the PC restarts, AdwCleaner will launch; click View Log File.
The log will open; copy its contents here.
My new book BOTNETY has been published! You can find information about it here: >> BOTNETY <<

---
We are looking for new reinforcements for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor for research into intelligent malware.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

maba345
Visitor
Posts: 99
Registered: 29 Aug 2009 15:05

Re: Requesting a preventive check.

#3 Post by maba345 »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-01-2019
# Duration: 00:00:09
# OS: Windows 10 Pro
# Scanned: 31818
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1345 octets] - [01/03/2019 11:42:20]
AdwCleaner[C00].txt - [1491 octets] - [01/03/2019 11:42:38]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Requesting a preventive check.

#4 Post by Diallix »

Scan the computer with FRST (instructions here: https://forum.viry.cz/viewtopic.php?f=24&t=132509) and copy FRST.log + Addition log here.

maba345
Visitor
Posts: 99
Registered: 29 Aug 2009 15:05

Re: Requesting a preventive check.

#5 Post by maba345 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.03.2019 01
Ran by maba (administrator) on MABA-PC (16-03-2019 19:10:01)
Running from C:\Users\maba\Desktop
Loaded Profiles: maba (Available Profiles: maba)
Platform: Windows 10 Pro Version 1809 17763.379 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(ProtonVPN AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20594.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11231.20192.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11231.20192.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [598200 2018-09-28] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-12-09] (Apple Inc.) [File not signed]
HKLM-x32\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKU\S-1-5-21-1703468806-2507580088-2124554830-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1703468806-2507580088-2124554830-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22458328 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1703468806-2507580088-2124554830-1000\...\MountPoints2: {b7253ed3-5cdd-11e8-8119-1c1b0d3ce055} - "H:\HiSuiteDownLoader.exe"
HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [MSVideo] => C:\WINDOWS\system32\vfwwdm32.dll [68096 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2018-09-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2018-09-26] (Beepa P/L) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-04] (Google LLC -> Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 178.18.68.16
Tcpip\..\Interfaces\{ac2205c9-f801-4fdc-acdf-685ba4b1b0ab}: [DhcpNameServer] 178.18.68.16

Internet Explorer:
==================
HKU\S-1-5-21-1703468806-2507580088-2124554830-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://178.18.68.125/Login.htm

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.azet.sk/","hxxp://www.google.com/"
CHR Profile: C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default [2019-03-16]
CHR Extension: (Prezentácie) - C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-05]
CHR Extension: (BetterTTV) - C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2019-02-13]
CHR Extension: (Dokumenty) - C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-05]
CHR Extension: (1Password extension (desktop app required)) - C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk [2018-11-05]
CHR Extension: (Disk Google) - C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-05]
CHR Extension: (Turn Off the Lights) - C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2019-03-03]
CHR Extension: (MEGA) - C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2019-03-15]
CHR Extension: (YouTube) - C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-05]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-03-13]
CHR Extension: (Tabuľky) - C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-05]
CHR Extension: (Quick Javascript Switcher) - C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default\Extensions\geddoclleiomckbhadiaipdggiiccfje [2019-01-24]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-05]
CHR Extension: (Rozšírenie Google Keep pre Chrome) - C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2019-03-11]
CHR Extension: (Morpheon Dark) - C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2018-11-05]
CHR Extension: (Twitch Now) - C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2018-11-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-05]
CHR Extension: (Gmail) - C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-11-05]
CHR Extension: (Chrome Media Router) - C:\Users\maba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-03-03] (BattlEye Innovations e.K. -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3644008 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2019-02-04] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel(R) pGFX -> Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [85096 2019-01-18] (ProtonVPN AG -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381128 2019-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665240 2019-02-26] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-10-03] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2019-01-03] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a8e74171e1b8492\nvlddmkm.sys [20736208 2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2018-08-14] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 ProtonVPNSplitTunnelCalloutDriver; C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\win10\ProtonVPNSplitTunnelCalloutDriver.Sys [48664 2018-10-04] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-06-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-13] (Windscribe Limited -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [333792 2019-02-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-22] (Microsoft Windows -> Microsoft Corporation)
S3 MBAMFarflt; system32\DRIVERS\farflt.sys [X]
S3 MBAMWebProtection; \SystemRoot\system32\DRIVERS\mwac.sys [X]
S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-16 19:10 - 2019-03-16 19:10 - 000016697 _____ C:\Users\maba\Desktop\FRST.txt
2019-03-16 19:09 - 2019-03-16 19:10 - 000000000 ____D C:\FRST
2019-03-16 19:08 - 2019-03-16 19:08 - 002433536 _____ (Farbar) C:\Users\maba\Desktop\FRST64.exe
2019-03-15 19:14 - 2019-03-15 19:14 - 000000000 ____D C:\Users\maba\AppData\Local\DigitalEntitlements
2019-03-15 18:50 - 2019-03-15 18:50 - 000002129 _____ C:\Users\maba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM Singleplayer.lnk
2019-03-15 18:50 - 2019-03-15 18:50 - 000002121 _____ C:\Users\maba\Desktop\FiveM Singleplayer.lnk
2019-03-15 18:50 - 2019-03-15 18:50 - 000002121 _____ C:\Users\maba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk
2019-03-15 18:50 - 2019-03-15 18:50 - 000002113 _____ C:\Users\maba\Desktop\FiveM.lnk
2019-03-15 18:50 - 2019-03-15 18:50 - 000000000 ____D C:\Users\maba\AppData\Local\FiveM
2019-03-15 18:49 - 2019-03-15 18:49 - 006965648 _____ (cfx-collective) C:\Users\maba\Desktop\FiveM.exe
2019-03-15 18:49 - 2019-03-15 18:49 - 000000000 ____D C:\Users\maba\Desktop\FiveM.app
2019-03-15 18:48 - 2019-03-15 18:48 - 000000622 _____ C:\Users\maba\Desktop\RAGE Multiplayer.lnk
2019-03-15 18:48 - 2019-03-15 18:48 - 000000000 ____D C:\RAGEMP
2019-03-15 18:47 - 2019-03-15 18:47 - 001095550 _____ C:\Users\maba\Desktop\RAGE_Multiplayer.zip
2019-03-14 14:38 - 2019-03-14 14:38 - 000000000 ____D C:\Users\Public\Documents\uPlay
2019-03-14 12:19 - 2019-03-14 12:19 - 000628408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-14 12:19 - 2019-03-14 12:19 - 000000000 ____D C:\WINDOWS\Panther
2019-03-13 12:58 - 2019-03-13 12:58 - 026810368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 023440896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 020814848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 019023872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 012857856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 012151296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 007882240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 006548168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 006069760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 005436184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 004689408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 003923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 003744256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 003551408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 002275680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 000649272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-03-13 12:58 - 2019-03-13 12:58 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2019-03-13 12:58 - 2019-03-13 12:58 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2019-03-13 12:58 - 2019-03-13 12:58 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-03-13 12:58 - 2019-03-13 12:58 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 017520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 015224320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 009683256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-03-13 12:57 - 2019-03-13 12:57 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 004588744 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-03-13 12:57 - 2019-03-13 12:57 - 003983360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 003382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 003378488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-03-13 12:57 - 2019-03-13 12:57 - 002926904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-03-13 12:57 - 2019-03-13 12:57 - 002776712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 002689536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 002626360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-03-13 12:57 - 2019-03-13 12:57 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-03-13 12:57 - 2019-03-13 12:57 - 002437344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 002187776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-03-13 12:57 - 2019-03-13 12:57 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 001860608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 001701376 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 001604096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 001496064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-03-13 12:57 - 2019-03-13 12:57 - 001199104 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 001054200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-03-13 12:57 - 2019-03-13 12:57 - 001043256 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-03-13 12:57 - 2019-03-13 12:57 - 000981816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-03-13 12:57 - 2019-03-13 12:57 - 000895048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-03-13 12:57 - 2019-03-13 12:57 - 000726416 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 000655160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2019-03-13 12:57 - 2019-03-13 12:57 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-03-13 12:57 - 2019-03-13 12:57 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-03-13 12:57 - 2019-03-13 12:57 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-03-13 12:57 - 2019-03-13 12:57 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-03-13 12:57 - 2019-03-13 12:57 - 000419128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-03-13 12:57 - 2019-03-13 12:57 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-03-13 12:57 - 2019-03-13 12:57 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-03-13 12:57 - 2019-03-13 12:57 - 000386872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-03-13 12:57 - 2019-03-13 12:57 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-03-13 12:57 - 2019-03-13 12:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-03-13 12:57 - 2019-03-13 12:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-03-13 12:57 - 2019-03-13 12:57 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-03-13 12:57 - 2019-03-13 12:57 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-03-13 12:57 - 2019-03-13 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-03-13 12:57 - 2019-03-13 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-03-13 12:57 - 2019-03-13 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-03-13 12:57 - 2019-03-13 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-03-13 12:57 - 2019-03-13 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-03-13 12:57 - 2019-03-13 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-03-13 12:57 - 2019-03-13 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-03-13 12:57 - 2019-03-13 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-03-10 17:03 - 2019-03-10 17:03 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2019-03-10 17:03 - 2019-03-10 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends
2019-03-10 16:12 - 2019-03-10 16:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-03-10 16:12 - 2019-03-10 16:12 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-03-10 16:08 - 2019-03-11 12:26 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-03-10 16:08 - 2019-03-10 16:12 - 000000000 ____D C:\ProgramData\AVAST Software
2019-03-10 16:08 - 2019-03-10 16:08 - 000002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-03-10 16:08 - 2019-03-10 16:08 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-03-10 16:08 - 2019-03-10 16:08 - 000000000 ____D C:\Program Files\CCleaner
2019-03-10 15:04 - 2019-03-10 15:04 - 000000000 ____D C:\Users\maba\AppData\Local\FactoryGame
2019-03-08 16:26 - 2019-03-08 16:26 - 000000000 ____D C:\Users\maba\AppData\LocalLow\Yash Future Tech Solutions Pvt_ Ltd_
2019-03-08 16:26 - 2019-03-08 16:26 - 000000000 ____D C:\Users\maba\AppData\LocalLow\Yash Future Tech Solutions Pvt. Ltd_
2019-03-07 17:34 - 2019-03-07 17:34 - 000002260 _____ C:\Users\maba\WhatsApp.lnk
2019-03-07 17:34 - 2019-03-07 17:34 - 000000000 ____D C:\Users\maba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2019-03-07 17:33 - 2019-03-08 15:54 - 000000000 ____D C:\Users\maba\AppData\Roaming\WhatsApp
2019-03-07 17:33 - 2019-03-07 17:34 - 000000000 ____D C:\Users\maba\AppData\Local\WhatsApp
2019-03-06 12:33 - 2019-03-06 12:33 - 024616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 009670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 008875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 007897088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 007688088 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 007647256 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 007556392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 007251456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 005915936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 005588184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 005566464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 005296640 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 004920832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 004245280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 003761664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 003729808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 003660288 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 003652656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 003566080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 003504128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 003427840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 003399168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 003108864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 002871312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 002842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 002766648 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 002752360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 002720768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 002700792 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 002637312 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 002630656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 002447360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 002323688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 002199864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 002141184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 002073240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 002044416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 002013696 _____ C:\WINDOWS\system32\rdpnano.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 002001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001969152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001931264 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001893888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001844448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001782272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001751352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001742104 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001711616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001697744 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-03-06 12:33 - 2019-03-06 12:33 - 001672704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001644048 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001612600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001590072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001572176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001563336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001522488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001481488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001479480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001468440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 001457544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001403920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001360696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 001341880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-03-06 12:33 - 2019-03-06 12:33 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001296576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001294856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001272552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 001258808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-03-06 12:33 - 2019-03-06 12:33 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001221944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 001208320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001191512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001179168 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 001177088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001176064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 001098128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001078072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001077912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001072720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001056272 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001047040 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001022616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2019-03-06 12:33 - 2019-03-06 12:33 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000918032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2019-03-06 12:33 - 2019-03-06 12:33 - 000902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000871792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000866152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000865568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-03-06 12:33 - 2019-03-06 12:33 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000836096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000833064 _____ C:\WINDOWS\system32\InputHost.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000831288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000817464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000808464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000790328 _____ (Microsoft Corporation) C:\WINDOWS\system32\upshared.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000772408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000764216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000757664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000745984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000735760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCacheProvider.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000652824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 000649528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000646632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000619832 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000605496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000591832 _____ C:\WINDOWS\SysWOW64\InputHost.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 000511800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000505656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000484976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000460304 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 000449368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000421688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 000395064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000355360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000336744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000330464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000322576 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000300344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 000279376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000272648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000262456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 000246584 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpprov.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngctasks.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000147256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 000138960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000115152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 000071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2019-03-06 12:33 - 2019-03-06 12:33 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-03-06 12:33 - 2019-03-06 12:33 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureBioSysprep.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-03-06 12:33 - 2019-03-06 12:33 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-03-06 00:19 - 2019-03-10 19:41 - 000000000 ____D C:\Users\maba\AppData\Roaming\EasyAntiCheat
2019-03-05 16:36 - 2019-02-27 17:50 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-03-05 16:34 - 2019-03-02 03:29 - 020106384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-03-05 16:34 - 2019-03-02 03:29 - 017434264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-03-05 16:34 - 2019-03-02 03:29 - 010319696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-03-05 16:34 - 2019-03-02 03:29 - 008784920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-03-05 16:34 - 2019-03-02 03:29 - 001462232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2019-03-05 16:34 - 2019-03-02 03:29 - 001169152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-03-05 16:34 - 2019-03-02 03:29 - 001145752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2019-03-05 16:34 - 2019-03-02 03:29 - 000915304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-03-05 16:34 - 2019-03-02 03:29 - 000822792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-03-05 16:34 - 2019-03-02 03:29 - 000794656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-03-05 16:34 - 2019-03-02 03:29 - 000638392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-03-05 16:34 - 2019-03-02 03:28 - 004301480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-03-05 16:34 - 2019-03-01 23:32 - 001006800 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-03-05 16:34 - 2019-03-01 23:32 - 001006800 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-03-05 16:34 - 2019-03-01 23:32 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-03-05 16:34 - 2019-03-01 23:32 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-03-05 16:34 - 2019-03-01 23:32 - 000552328 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-03-05 16:34 - 2019-03-01 23:32 - 000456904 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-03-05 16:34 - 2019-03-01 23:32 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-03-05 16:34 - 2019-03-01 23:32 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-03-05 16:34 - 2019-03-01 23:32 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-03-05 16:34 - 2019-03-01 23:32 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-03-05 16:34 - 2019-03-01 23:30 - 005274368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-03-05 16:34 - 2019-03-01 23:30 - 004625344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-03-05 16:34 - 2019-03-01 23:30 - 002033032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-03-05 16:34 - 2019-03-01 23:30 - 001734344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441935.dll
2019-03-05 16:34 - 2019-03-01 23:30 - 001535744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-03-05 16:34 - 2019-03-01 23:30 - 001467832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441935.dll
2019-03-05 16:34 - 2019-03-01 23:30 - 001464520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-03-05 16:34 - 2019-03-01 23:30 - 001130184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-03-05 16:34 - 2019-03-01 23:30 - 000752520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2019-03-05 16:34 - 2019-03-01 23:30 - 000668456 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-03-05 16:34 - 2019-03-01 23:30 - 000631232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-03-05 16:34 - 2019-03-01 23:30 - 000611720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2019-03-05 16:34 - 2019-03-01 23:30 - 000534728 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-03-05 16:34 - 2019-03-01 23:30 - 000521928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-03-05 16:34 - 2019-03-01 23:29 - 040234704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-03-05 16:34 - 2019-03-01 23:29 - 035140488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-03-04 23:31 - 2019-03-04 23:31 - 000000000 ___HD C:\Users\Public\Shared Files
2019-03-04 23:26 - 2019-03-04 23:26 - 000000000 ____D C:\Users\maba\AppData\Local\Speech Graphics
2019-03-04 23:25 - 2019-03-04 23:25 - 000000000 ____D C:\Users\maba\AppData\Local\FortniteGame
2019-03-04 17:22 - 2019-03-04 17:22 - 000000000 ____D C:\Users\maba\AppData\Local\Viber
2019-03-04 16:39 - 2019-03-06 15:37 - 000000000 ____D C:\Users\maba\AppData\Local\Bethesda.net Launcher
2019-03-04 16:39 - 2019-03-06 15:37 - 000000000 ____D C:\Program Files (x86)\Bethesda.net Launcher
2019-03-04 16:39 - 2019-03-04 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher
2019-03-04 12:18 - 2019-03-04 12:18 - 000000000 ____D C:\Users\maba\AppData\Local\UnrealEngineLauncher
2019-03-04 12:18 - 2019-03-04 12:18 - 000000000 ____D C:\Users\maba\AppData\Local\EpicGamesLauncher
2019-03-04 12:17 - 2019-03-04 12:41 - 000000000 ____D C:\ProgramData\Epic
2019-03-04 12:17 - 2019-03-04 12:17 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2019-03-04 12:17 - 2019-03-04 12:17 - 000000000 ____D C:\Program Files (x86)\Epic Games
2019-03-03 22:49 - 2019-03-06 00:19 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-03-03 22:49 - 2019-03-03 22:49 - 000000000 ____D C:\Users\maba\AppData\Local\TslGame
2019-03-03 22:49 - 2019-03-03 22:49 - 000000000 ____D C:\Users\maba\AppData\Local\BattlEye
2019-03-01 18:32 - 2019-03-01 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiRT Rally 2 0
2019-02-28 19:23 - 2019-02-28 19:23 - 000000000 ____D C:\rsit
2019-02-28 19:23 - 2019-02-28 19:23 - 000000000 ____D C:\Program Files\trend micro
2019-02-28 12:37 - 2019-02-28 12:37 - 000000000 ____D C:\Users\maba\AppData\Local\mbamtray
2019-02-28 12:37 - 2019-02-28 12:37 - 000000000 ____D C:\Users\maba\AppData\Local\mbam
2019-02-28 12:37 - 2019-02-28 12:37 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-02-28 12:37 - 2019-02-28 12:37 - 000000000 ____D C:\Program Files\Malwarebytes
2019-02-28 12:37 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-02-28 12:37 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-02-28 12:32 - 2019-03-01 11:35 - 000000000 ____D C:\WINDOWS\Minidump
2019-02-27 19:53 - 2019-02-27 19:53 - 000000000 ____D C:\Users\maba\AppData\Local\Windscribe
2019-02-27 19:53 - 2018-07-13 17:12 - 000054896 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tapwindscribe0901.sys
2019-02-27 19:43 - 2019-02-27 19:51 - 000000000 ____D C:\Users\maba\AppData\Local\ProtonVPN
2019-02-27 19:43 - 2019-02-27 19:47 - 000000000 ____D C:\ProgramData\ProtonVPN
2019-02-27 19:43 - 2019-02-27 19:43 - 000000000 ____D C:\Users\maba\AppData\Roaming\ProtonVPN AG
2019-02-27 19:43 - 2019-02-27 19:43 - 000000000 ____D C:\Users\maba\AppData\Local\IsolatedStorage
2019-02-27 19:43 - 2019-02-27 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN
2019-02-27 19:43 - 2019-02-27 19:43 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2019-02-27 19:24 - 2019-02-27 19:25 - 000000000 ____D C:\ProgramData\NordVpn
2019-02-27 19:24 - 2019-02-27 19:24 - 000000000 ____D C:\ProgramData\Caphyon
2019-02-27 19:23 - 2019-02-27 19:26 - 000000000 ____D C:\Users\maba\AppData\Local\NordVPN
2019-02-26 00:46 - 2019-02-26 00:46 - 000000000 ____D C:\Users\maba\AppData\Roaming\CPY_SAVES
2019-02-25 19:04 - 2019-02-25 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro Exodus
2019-02-25 16:49 - 2019-02-25 16:50 - 000122773 _____ C:\Users\maba\Faktúra_190100219.pdf
2019-02-24 13:44 - 2019-02-24 15:08 - 000000000 ____D C:\Users\maba\AppData\Roaming\hybrid
2019-02-24 13:44 - 2019-02-24 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hybrid
2019-02-24 13:43 - 2019-02-24 13:44 - 000000000 ____D C:\Program Files\Hybrid
2019-02-22 13:00 - 2019-02-22 13:00 - 000000000 ____D C:\Users\maba\AppData\Local\CrashRpt
2019-02-21 20:04 - 2019-02-22 13:01 - 000000000 ____D C:\Program Files (x86)\Mafia 2 Multiplayer
2019-02-21 20:04 - 2019-02-21 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia 2 Multiplayer
2019-02-21 12:39 - 2019-02-21 12:39 - 000000000 ____D C:\Users\maba\AppData\LocalLow\Empyrean
2019-02-20 13:05 - 2019-02-20 13:05 - 000000000 ____D C:\Users\maba\AppData\Roaming\LibreOffice
2019-02-20 13:05 - 2019-02-20 13:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.2
2019-02-20 13:04 - 2019-02-20 13:05 - 000000000 ____D C:\Program Files\LibreOffice
2019-02-20 12:36 - 2019-02-20 12:38 - 000003560 _____ C:\WINDOWS\System32\Tasks\KMS_VL_ALL
2019-02-20 12:07 - 2019-02-20 12:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-02-19 12:51 - 2019-02-19 12:51 - 000000000 ____D C:\Users\maba\AppData\LocalLow\Redbeet Interactive
2019-02-18 20:41 - 2019-02-18 21:59 - 000000000 ____D C:\Users\maba\AppData\Roaming\GetRightToGo
2019-02-17 14:14 - 2019-02-17 14:14 - 000000000 ____D C:\Users\maba\AppData\Roaming\2K Sports

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-16 18:59 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-16 18:30 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-16 18:30 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-16 18:20 - 2018-11-05 16:59 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-16 18:20 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-03-16 18:19 - 2018-11-05 20:03 - 000000000 ____D C:\Users\maba\AppData\Local\D3DSCache
2019-03-16 18:15 - 2018-11-05 23:29 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-03-16 18:15 - 2018-11-05 17:15 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-03-16 18:15 - 2018-11-05 17:09 - 000000000 ____D C:\ProgramData\NVIDIA
2019-03-16 18:14 - 2018-11-05 16:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-16 18:14 - 2018-11-05 16:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-16 18:13 - 2018-11-05 16:54 - 000000000 ____D C:\Users\maba
2019-03-16 13:47 - 2018-11-15 13:35 - 000000000 ____D C:\Users\maba\AppData\Roaming\AIMP
2019-03-16 00:36 - 2018-11-05 20:01 - 000000000 ____D C:\Users\maba\AppData\Roaming\discord
2019-03-15 22:37 - 2019-01-26 20:15 - 000000000 ____D C:\ProgramData\Origin
2019-03-15 22:37 - 2018-11-05 19:25 - 000000000 ____D C:\Program Files (x86)\Steam
2019-03-15 22:31 - 2019-01-26 20:15 - 000000000 ____D C:\Users\maba\AppData\Roaming\Origin
2019-03-15 22:30 - 2019-01-26 20:29 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-03-14 16:22 - 2018-12-22 21:56 - 000000000 ____D C:\Users\maba\AppData\Roaming\Azureus
2019-03-14 15:07 - 2017-12-24 19:03 - 000000000 ____D C:\Users\maba\Desktop\Hry
2019-03-14 14:39 - 2017-10-14 11:50 - 000000000 ____D C:\Users\maba\Documents\My Games
2019-03-14 01:12 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-03-14 01:11 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-03-13 12:58 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-13 12:56 - 2018-11-05 19:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-13 12:56 - 2018-09-15 08:36 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-03-13 12:56 - 2018-09-15 08:36 - 000179608 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-13 12:54 - 2018-11-05 19:05 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-03-13 12:47 - 2018-11-23 13:08 - 000000000 ____D C:\Users\maba\AppData\Local\CrashDumps
2019-03-12 18:31 - 2018-11-05 20:01 - 000000000 ____D C:\Users\maba\AppData\Local\Discord
2019-03-12 18:31 - 2017-10-01 16:43 - 000000000 ____D C:\Users\maba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-03-12 18:07 - 2018-11-23 13:21 - 000000000 ____D C:\Users\maba\AppData\Roaming\vlc
2019-03-12 17:48 - 2019-01-13 20:45 - 000000000 ____D C:\Users\maba\AppData\Roaming\VideoProc
2019-03-12 01:17 - 2019-02-02 01:01 - 000000000 ____D C:\Users\maba\AppData\Roaming\ViberPC
2019-03-11 00:30 - 2018-11-05 23:29 - 000000000 ____D C:\Users\maba\AppData\Roaming\TeamViewer
2019-03-10 16:34 - 2018-11-05 19:54 - 000000000 ____D C:\Program Files\Rockstar Games
2019-03-10 16:34 - 2018-11-05 19:54 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2019-03-10 16:12 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-03-10 16:08 - 2017-12-09 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-03-10 16:03 - 2019-02-07 15:49 - 000000000 ____D C:\Users\maba\Kokotiny
2019-03-10 16:03 - 2017-12-24 19:09 - 000000000 ____D C:\Users\maba\Desktop\Programy
2019-03-10 15:04 - 2019-01-29 19:18 - 000000000 ____D C:\Users\maba\AppData\Local\UnrealEngine
2019-03-09 22:27 - 2019-01-31 16:42 - 000000000 ____D C:\Users\maba\AppData\Local\Ubisoft Game Launcher
2019-03-09 22:12 - 2018-06-25 17:08 - 000000000 ____D C:\Users\maba\Documents\Euro Truck Simulator 2
2019-03-09 12:13 - 2018-11-05 16:57 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1703468806-2507580088-2124554830-1000
2019-03-09 12:13 - 2018-11-05 16:54 - 000002368 _____ C:\Users\maba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-09 12:13 - 2017-12-26 22:50 - 000000000 ___RD C:\Users\maba\OneDrive
2019-03-08 16:52 - 2019-01-26 20:19 - 000000000 ____D C:\Program Files (x86)\Origin
2019-03-07 23:00 - 2019-02-02 01:02 - 000000000 ____D C:\Users\maba\Documents\ViberDownloads
2019-03-07 17:34 - 2018-11-05 20:01 - 000000000 ____D C:\Users\maba\AppData\Local\SquirrelTemp
2019-03-07 01:38 - 2018-11-05 16:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-03-07 01:38 - 2017-12-26 22:48 - 000000000 ___RD C:\Users\maba\3D Objects
2019-03-07 01:37 - 2018-09-15 17:24 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-03-07 01:37 - 2018-09-15 08:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-07 01:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-03-07 01:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-03-07 01:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-03-07 01:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-03-06 19:12 - 2017-10-03 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2019-03-06 19:07 - 2017-10-20 11:43 - 000000000 ____D C:\Users\maba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-03-06 17:03 - 2018-11-05 23:32 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-03-06 12:33 - 2018-11-05 16:55 - 002865152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-03-05 16:36 - 2018-11-21 18:20 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-05 16:36 - 2018-11-21 18:20 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-05 16:36 - 2018-11-21 18:20 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-05 16:36 - 2018-11-21 18:20 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-05 16:36 - 2018-11-21 18:20 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-05 16:36 - 2018-11-21 18:20 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-05 16:36 - 2018-11-21 18:20 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-04 23:33 - 2018-11-05 16:55 - 000000020 ___SH C:\Users\maba\ntuser.ini
2019-03-04 23:31 - 2018-09-15 08:33 - 000000000 __SHD C:\Users\Public\Libraries
2019-03-04 22:43 - 2018-11-05 17:27 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-04 22:43 - 2018-11-05 17:27 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-04 12:41 - 2018-11-05 19:54 - 000000000 ____D C:\ProgramData\Package Cache
2019-03-02 03:29 - 2017-11-09 04:25 - 005042904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-03-01 11:42 - 2018-01-08 14:39 - 000000000 ____D C:\AdwCleaner
2019-03-01 11:36 - 2018-11-21 18:20 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2019-03-01 11:36 - 2017-11-09 03:57 - 000049834 _____ C:\WINDOWS\system32\nvinfo.pb
2019-03-01 08:15 - 2018-11-05 17:09 - 005364592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-03-01 08:15 - 2018-11-05 17:09 - 002625008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-03-01 08:15 - 2018-11-05 17:09 - 001767920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-03-01 08:15 - 2018-11-05 17:09 - 000651248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-03-01 08:15 - 2018-11-05 17:09 - 000450872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-03-01 08:15 - 2018-11-05 17:09 - 000125424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-03-01 08:15 - 2018-11-05 17:09 - 000082800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-02-28 12:37 - 2017-12-24 22:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-02-26 11:36 - 2018-11-05 17:09 - 008514902 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-02-26 00:47 - 2018-11-21 18:22 - 000000000 ____D C:\Users\maba\AppData\Local\NVIDIA Corporation
2019-02-24 19:26 - 2019-02-01 14:45 - 000000000 ____D C:\Users\maba\.android
2019-02-24 13:44 - 2018-11-05 16:55 - 000000000 ____D C:\Users\maba\AppData\Local\VirtualStore
2019-02-22 22:21 - 2018-11-05 16:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-02-20 12:16 - 2018-11-05 16:55 - 000000000 ____D C:\Users\maba\AppData\Local\Packages
2019-02-20 12:07 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-02-20 12:06 - 2018-11-10 15:52 - 000000000 ____D C:\Users\maba\AppData\Local\GHISLER

==================== Files in the root of some directories =======

2019-01-14 15:57 - 2019-01-14 15:57 - 000007605 _____ () C:\Users\maba\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2019-03-10 21:40 - 2019-03-14 16:22 - 000079904 _____ () C:\Users\maba\AppData\Local\Temp\i4jdel0.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13.03.2019 01
Ran by maba (16-03-2019 19:10:54)
Running from C:\Users\maba\Desktop
Windows 10 Pro Version 1809 17763.379 (X64) (2018-11-05 15:55:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1703468806-2507580088-2124554830-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1703468806-2507580088-2124554830-503 - Limited - Disabled)
Guest (S-1-5-21-1703468806-2507580088-2124554830-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1703468806-2507580088-2124554830-1002 - Limited - Enabled)
maba (S-1-5-21-1703468806-2507580088-2124554830-1000 - Administrator - Enabled) => C:\Users\maba
WDAGUtilityAccount (S-1-5-21-1703468806-2507580088-2124554830-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
AIMP2: Audio Tools (HKLM-x32\...\AIMP2at) (Version: - AIMP DevTeam)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.4 - Electronic Arts, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo WinOptimizer 2018 (HKLM-x32\...\{4209F371-DBD7-A4A8-3604-A669D1DB15F3}_is1) (Version: 15.00.05 - Ashampoo GmbH & Co. KG)
Assassin's Creed Odyssey (HKLM-x32\...\{B7EC622B-1979-450E-8281-C5648506DB83}_is1) (Version: - Ubisoft)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.45.10 - Bethesda Softworks)
CCleaner (HKLM\...\CCleaner) (Version: 5.54 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0677 - Disc Soft Ltd)
DiRT Rally 2 0 (HKLM-x32\...\DiRT Rally 2 0_is1) (Version: - )
Discord (HKU\S-1-5-21-1703468806-2507580088-2124554830-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.35 - NVIDIA Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FreeRIP MP3 Converter 5.7.1.1 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 5.7.1.1 - GreenTree Applications SRL)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Hybrid verze 0.2.3 (HKLM\...\{CE16C5A3-F700-4B35-A58C-99429D7E3240}_is1) (Version: 0.2.3 - Selurs Software)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Leisure Suit Larry Wet Dreams Dont Dry (HKLM-x32\...\Leisure Suit Larry Wet Dreams Dont Dry_is1) (Version: - )
LibreOffice 6.2.0.3 (HKLM\...\{AD0844DC-C933-4D00-814A-3B7AAD254098}) (Version: 6.2.0.3 - The Document Foundation)
Malwarebytes verzia 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Metro Exodus (HKLM-x32\...\{F25D08D9-EBE0-4C15-AAD2-50B446E85B17}_is1) (Version: - 4A Games)
Microsoft OneDrive (HKU\S-1-5-21-1703468806-2507580088-2124554830-1000\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Need for Speed Most Wanted (black edition) (HKLM-x32\...\Need for Speed Most Wanted (black edition)) (Version: 1.3 - Electronic Arts)
NVIDIA Grafický ovládač 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.35 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.35.22222 - Electronic Arts, Inc.)
OverDisk (remove only) (HKLM-x32\...\OverDisk) (Version: - )
Ovládací panel NVIDIA 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.35 - NVIDIA Corporation) Hidden
Parkitect (HKLM-x32\...\Parkitect_is1) (Version: - )
ProtonVPN (HKLM-x32\...\{0FF07592-491C-4938-8F13-82BBE69EE141}) (Version: 1.7.4 - ProtonVPN AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.7.4) (Version: 1.7.4 - ProtonVPN AG)
ProtonVPNTap (HKLM-x32\...\{C23BCE3A-FD25-48BA-948E-2CE94576F983}) (Version: 1.0.1 - ProtonVPN AG)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raft v1.03 (HKLM-x32\...\vsetop.org Raft v1.03_is1) (Version: 1.03 - vsetop.org)
RAGE Multiplayer (HKLM-x32\...\{6FE30B47-2577-43AD-9095-1861CA25889C}) (Version: 1.0.0.0 - Adam)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.21.1 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Resident Evil 2 (HKLM-x32\...\Resident Evil 2_is1) (Version: - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.18533 - TeamViewer)
Uplay (HKLM-x32\...\Uplay) (Version: 81.0 - Ubisoft)
Viber (HKLM-x32\...\{E5AA947D-110B-492B-A71B-DA111290BA87}) (Version: 9.9.6.53 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-1703468806-2507580088-2124554830-1000\...\{c00b42e6-072e-4993-bd15-e6fd61f4ce4f}) (Version: 9.9.6.53 - Viber Media Inc.)
VideoProc (HKLM-x32\...\VideoProc) (Version: 3.2 - Digiarty, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
WhatsApp (HKU\S-1-5-21-1703468806-2507580088-2124554830-1000\...\WhatsApp) (Version: 0.3.2276 - WhatsApp)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1703468806-2507580088-2124554830-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-01-23] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-01-23] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00B08BB4-D93F-41A4-8046-E56E57F42AA6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {06D19906-BD09-4FBE-9E06-A7A6628F3AC4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0764C7A4-B182-4122-9D25-26D6D74F7466} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {142DA056-DD28-4E82-8326-120C13855BAD} - System32\Tasks\KMS_VL_ALL => C:\Program [Argument = Files\Attivatore Office 0365-2016-2019\KMS-VL-ALL.cmd -renewalonly]
Task: {1CCD6392-84EA-4652-BDDE-3970BCF46A14} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {25D3C21F-8F64-44F9-9121-46F59DD646F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {264631CE-9DC8-42B4-B88C-D15913D00AAB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {3031B090-53B4-4AFE-8037-366E8BF58AC1} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {621B04FF-180E-4CE1-82AB-ED02D86E8B27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {8A7CFB76-58A4-4AF2-B6CA-49896E44D912} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {97AD1159-4833-4B01-A12F-082557EF539B} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9C36D477-8527-45DC-A79D-84D391437113} - System32\Tasks\S-1-5-21-1703468806-2507580088-2124554830-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {B4568480-9DFC-4AAD-B8AA-10A6E1749175} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BCEAE9BF-03AE-4660-A4EC-A36308658F00} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C2C09CF2-0057-4987-A19B-0236F62AE007} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E2BD1F46-B9A9-44F2-9B48-B4D0B7C2C6F7} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F4120404-8929-488E-8AD1-17899D447C2D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F80FF23D-69B5-41FE-A446-A0FFCF8D73AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-01-15 12:12 - 2019-01-15 12:12 - 000162304 _____ () [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\SplitTunnel.dll
2018-10-01 09:56 - 2018-10-01 09:56 - 000300032 _____ () [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\firewall.dll
2019-01-26 20:19 - 2019-01-29 12:07 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-01-26 20:19 - 2019-01-29 12:07 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-01-26 20:19 - 2019-01-29 12:07 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-01-26 20:19 - 2019-01-29 12:07 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-01-26 20:19 - 2019-01-29 12:07 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-01-26 20:19 - 2019-01-29 12:07 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-01-26 20:19 - 2019-01-29 12:07 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-01-26 20:19 - 2019-01-29 12:07 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\maba\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\maba\ntuser.ini:NTV [11710]
AlternateDataStreams: C:\Users\maba\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [446]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1703468806-2507580088-2124554830-1000\Control Panel\Desktop\\Wallpaper -> c:\users\maba\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\sottr_wallpaper_1920x1080.jpg
DNS Servers: 178.18.68.16
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKU\S-1-5-21-1703468806-2507580088-2124554830-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1703468806-2507580088-2124554830-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5F9EA3CB-2A70-4CCC-A6EC-D98431C2DFDF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C88FA400-A246-406D-8E03-9E4686B0A94B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{1B2F3D97-00A9-4C23-B0F2-A78FCCF8440E}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{C48CBB3B-C42C-4930-BD6C-BC0DBC306A39}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{C6529D7D-74A0-4EB8-AB3F-0FB6811D5BD2}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{8DDBE159-F324-4938-80D5-CE1CFECEE1AD}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{BE7132AA-F6C9-4769-8AC8-D3D2884508AD}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69F03561-24E5-40DA-9385-3B91E6CD42A0}] => (Allow) E:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{36326364-D153-4D1F-AAF3-4854A3B6BAA9}] => (Allow) E:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{04FF01D3-F77A-4E9C-889D-1D55C5171480}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7D661A71-1642-4A2F-95E4-39247F7B755D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{23C37E1B-A795-4C42-97C2-05DC446964DE}] => (Allow) E:\SteamLibrary\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{BEB938D7-05FB-4574-ADA4-D2B40BF0B462}] => (Allow) E:\SteamLibrary\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{5965CB3E-F9AF-4D3C-B5A4-E9F68E1DFFD2}] => (Allow) E:\SteamLibrary\steamapps\common\SwordsAndSoldiersHD\Swords and Soldiers Launcher.exe () [File not signed]
FirewallRules: [{41987896-7718-49C2-A83F-0CC0778B3A0A}] => (Allow) E:\SteamLibrary\steamapps\common\SwordsAndSoldiersHD\Swords and Soldiers Launcher.exe () [File not signed]
FirewallRules: [{8944F9A7-2EE2-4632-B0D2-78D9122F9DF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{A0340CE3-4A1C-406D-A224-88ED15717E13}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{045C649A-0E55-4C7E-A875-CCD77A0E919B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C3004FD9-1AF4-4C81-B46B-22A04C68398F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{50FCEB2E-E590-4A2E-9DB1-E5354196F629}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{1FCF698C-5648-4AED-AFC3-649456CC1291}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{201C0F5C-0F52-4A62-8601-29D062BAB76B}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{D5102775-5D83-4607-8D7F-9370F2EA34EF}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{45057440-1F9B-41DB-9F5F-C277070340DE}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D39845F1-1550-40D5-8C69-9B6D8E91A4CB}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{2117790C-FFE1-4DE5-A9A5-DC05A9972ECF}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{53925790-77EA-4E6E-B745-41B11DD9C0CE}] => (Allow) E:\SteamLibrary\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{39D968DE-F0B7-4D43-B4DB-E6ACA62F56FE}] => (Allow) E:\SteamLibrary\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{583FFD5F-3388-4322-97E5-E040E2276B71}] => (Allow) E:\SteamLibrary\steamapps\common\Cuisine Royale\eac_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{58B0A66D-AB8C-4323-802B-144D45BD56D3}] => (Allow) E:\SteamLibrary\steamapps\common\Cuisine Royale\eac_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{D85DCB75-C59E-4664-AAA7-B94372954F11}] => (Allow) E:\SteamLibrary\steamapps\common\Tennis Elbow 2013\TennisElbow.exe (Emmanuel Rivoire -> Mana Games)
FirewallRules: [{E5950BBF-A673-4A1E-9255-87623CC231E9}] => (Allow) E:\SteamLibrary\steamapps\common\Tennis Elbow 2013\TennisElbow.exe (Emmanuel Rivoire -> Mana Games)
FirewallRules: [{BD2E9CAE-1995-474B-B432-5E2D687F7FBA}] => (Allow) E:\SteamLibrary\steamapps\common\Tennis Elbow 2013\Config.exe (Emmanuel Rivoire -> Mana Games)
FirewallRules: [{2DA346F8-C9E1-405B-B9AF-D88C927FCEC5}] => (Allow) E:\SteamLibrary\steamapps\common\Tennis Elbow 2013\Config.exe (Emmanuel Rivoire -> Mana Games)
FirewallRules: [{570E5BD8-F4F8-4E86-BA5E-5FA4C16B2535}] => (Allow) E:\SteamLibrary\steamapps\common\GenitalJousting\GenitalJousting.exe () [File not signed]
FirewallRules: [{BFCA677D-B363-4E3F-8664-C4EA6DF14AB5}] => (Allow) E:\SteamLibrary\steamapps\common\GenitalJousting\GenitalJousting.exe () [File not signed]
FirewallRules: [TCP Query User{E4064D07-A54B-49E2-AA4E-0445F465249E}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [UDP Query User{799F938A-2BC1-4D3F-BFDF-99FC6964DAC5}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{8E10CBB7-B54A-48AD-AA8E-6DB52D3E0DDE}] => (Allow) E:\SteamLibrary\steamapps\common\Blast Zone! Tournament\BZ.exe () [File not signed]
FirewallRules: [{D425C449-9AA4-43EF-B7AF-DE651D43F265}] => (Allow) E:\SteamLibrary\steamapps\common\Blast Zone! Tournament\BZ.exe () [File not signed]
FirewallRules: [TCP Query User{0BA4143C-8ECA-48B9-8A4E-D62E93BB3842}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{8FD38DF1-306A-4A04-8648-5D175F734073}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{B032CB9F-9125-4D05-918B-D795C82443FA}] => (Allow) E:\SteamLibrary\steamapps\common\Little Dog\Little Dog.exe (The NWJS Community) [File not signed]
FirewallRules: [{F4278D52-8BEC-4B48-9309-3E1D37B967A8}] => (Allow) E:\SteamLibrary\steamapps\common\Little Dog\Little Dog.exe (The NWJS Community) [File not signed]
FirewallRules: [{463C0DBF-9D1E-45C5-996E-F886DF0A1FF1}] => (Allow) E:\SteamLibrary\steamapps\common\Prince of Persia The Warrior Within\PrinceOfPersia.exe (UBISOFT) [File not signed]
FirewallRules: [{8891B4E5-2B01-43A3-BE83-DF2176920511}] => (Allow) E:\SteamLibrary\steamapps\common\Prince of Persia The Warrior Within\PrinceOfPersia.exe (UBISOFT) [File not signed]
FirewallRules: [{AA1F17DF-B105-4DF5-BD2D-BFF59FB42BFF}] => (Allow) E:\SteamLibrary\steamapps\common\Thief Deadly Shadows\System\runme.exe () [File not signed]
FirewallRules: [{2A8C99EF-0663-4FDB-BAC5-99C71BE8ABE0}] => (Allow) E:\SteamLibrary\steamapps\common\Thief Deadly Shadows\System\runme.exe () [File not signed]
FirewallRules: [TCP Query User{222F0AA0-E6B6-4335-8D91-0AC7A97CF503}C:\users\maba\desktop\programy\anydesk.exe] => (Allow) C:\users\maba\desktop\programy\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [UDP Query User{FA58FF60-A244-4657-80C0-18299B4DA0CC}C:\users\maba\desktop\programy\anydesk.exe] => (Allow) C:\users\maba\desktop\programy\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [{16F22F3A-EAA6-4D10-8948-28C1E2492CF7}] => (Allow) E:\SteamLibrary\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe (SQUARE ENIX LIMITED) [File not signed]
FirewallRules: [{B240E56A-B78F-4ED6-B8F7-4773B8CC25DC}] => (Allow) E:\SteamLibrary\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe (SQUARE ENIX LIMITED) [File not signed]
FirewallRules: [{BE712BE3-A1C8-4A6B-9A2C-F547EE80C9A2}] => (Allow) E:\SteamLibrary\steamapps\common\All-Star Fruit Racing\AllStarFruitRacing.exe () [File not signed]
FirewallRules: [{A36D2C31-C154-4E2F-B376-227BDA72D099}] => (Allow) E:\SteamLibrary\steamapps\common\All-Star Fruit Racing\AllStarFruitRacing.exe () [File not signed]
FirewallRules: [TCP Query User{FF90F85F-45BB-4FE6-A7BF-D4CDF730416C}E:\steamlibrary\steamapps\common\all-star fruit racing\allstarfruitracing\binaries\win64\allstarfruitracing-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\all-star fruit racing\allstarfruitracing\binaries\win64\allstarfruitracing-win64-shipping.exe (PQube Limited) [File not signed]
FirewallRules: [UDP Query User{E78E5C05-2430-4098-BAE2-FC8D488BC7A1}E:\steamlibrary\steamapps\common\all-star fruit racing\allstarfruitracing\binaries\win64\allstarfruitracing-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\all-star fruit racing\allstarfruitracing\binaries\win64\allstarfruitracing-win64-shipping.exe (PQube Limited) [File not signed]
FirewallRules: [{226AC1A4-28DD-4371-BF6C-C50B2C52FE3D}] => (Allow) E:\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{B7B71CF6-4154-4F75-9BFD-449FE87952B3}] => (Allow) E:\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{07B52D1A-311F-4D54-8669-07DA7CADBE24}] => (Allow) E:\SteamLibrary\steamapps\common\Millie\Millie.exe () [File not signed]
FirewallRules: [{4572A8C8-B072-4596-BBFE-CBC7C775EB1F}] => (Allow) E:\SteamLibrary\steamapps\common\Millie\Millie.exe () [File not signed]
FirewallRules: [{E9E29801-7BC8-4BE9-8D55-283138652278}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{6E96B9AB-EB0F-4F78-A64B-D287D79DABF6}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{6EC9C9AE-3A61-449C-89A8-08BA8B456D5E}] => (Allow) E:\SteamLibrary\steamapps\common\Mafia III\launcher.exe (2K Games) [File not signed]
FirewallRules: [{760626CB-A171-43C1-8410-D73D6C7A312D}] => (Allow) E:\SteamLibrary\steamapps\common\Mafia III\launcher.exe (2K Games) [File not signed]
FirewallRules: [TCP Query User{769CE25F-0627-4041-993B-439C2388926E}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{C3760F5A-4349-4153-B642-AC5F0425C4E2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{50B2619F-F351-457A-BAA3-9B218960BE88}E:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) E:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{503A4D77-51FB-4F4D-9050-4BAA7E24D8AD}E:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) E:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [TCP Query User{AA041EAE-867A-4F8E-93BF-54C1558E9303}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{FF5ECD7D-D9A8-42C1-9BFD-0921A045A2BC}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{162309BD-2B8D-4E13-A872-338234BED744}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{C383AF49-F6D8-46D4-8F6A-011E3AE572D7}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{12C760CE-FDAE-44E3-AA69-81F6A3D1D648}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [TCP Query User{7C7D3F1A-586C-41C3-ACFD-A72494A4F702}E:\stiahnute\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\stiahnute\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{8465D3ED-F77A-492B-A417-4678644FB2CC}E:\stiahnute\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\stiahnute\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{AEA16D99-3835-44B7-BA7D-F859B94BF873}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{705B4C87-EF9F-4E52-AB9D-2F3C9ED69646}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{A861D1A2-A682-4F4A-AF20-5FBCEC1F967F}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{F312E614-510B-4F2F-9AA9-4E2F9748DDA0}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{EFD5D503-C8F0-4B49-973D-278D864C82A9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{249DE7A4-2BF2-4793-A2A4-62B0437985A9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F603B865-8487-4640-BBA7-570B451F4A31}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{268FD784-EE1B-4001-8509-8985574CAADF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{8B238E75-2C4E-4957-ABB6-0C0054067F74}] => (Allow) E:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{2EB684A5-5855-4233-B991-FF1EF55A0920}] => (Allow) E:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{44CC09A0-09E5-4379-9B74-BB6A562694D1}] => (Allow) E:\Origin\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{3DD1C4A7-2E30-41CD-8C96-26C2C6B3DC1A}] => (Allow) E:\Origin\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{EA8F1F64-65E4-4E9A-8B07-EDEABD0F57F3}E:\origin\apex\r5apex.exe] => (Allow) E:\origin\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [UDP Query User{94DD6C10-BFAE-46B9-AD1D-993CD9A89DCC}E:\origin\apex\r5apex.exe] => (Allow) E:\origin\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [{8E69BE25-B0C9-4A2B-A919-8D8B7391E0DB}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D57364E9-B09A-49BB-B199-955DF9857A33}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9C3C238B-A6CA-4647-9668-05FF5287D609}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{4F79DB0E-D313-45ED-83C5-093E35AA0A5F}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{696DEE2C-73B9-441E-BDB7-E63A43DDE911}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{8D093DC0-1E25-4F54-92E8-472242C93538}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: Intel(R) HD Graphics 4600
Description: Intel(R) HD Graphics 4600
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HID-compliant headset
Description: HID-compliant headset
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/13/2019 12:46:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: AvLaunch.exe, verzia: 19.2.4186.0, časová značka: 0x5c584a7b
Názov chybujúceho modulu: ucrtbase.dll, verzia: 10.0.17763.348, časová značka: 0x26a80883
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000006e91e
Identifikácia chybujúceho procesu: 0x12a4
Čas spustenia chybujúcej aplikácie: 0x01d4d9926ffcd100
Cesta chybujúcej aplikácie: C:\Program Files\AVAST Software\Avast\AvLaunch.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\ucrtbase.dll
Identifikácia hlásenia: 7507c343-55ec-4c56-9854-3fe17489a0d5
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (03/12/2019 12:27:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: AvLaunch.exe, verzia: 19.2.4186.0, časová značka: 0x5c584a7b
Názov chybujúceho modulu: ucrtbase.dll, verzia: 10.0.17763.348, časová značka: 0x26a80883
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000006e91e
Identifikácia chybujúceho procesu: 0x2b7c
Čas spustenia chybujúcej aplikácie: 0x01d4d8c6873f115d
Cesta chybujúcej aplikácie: C:\Program Files\AVAST Software\Avast\AvLaunch.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\ucrtbase.dll
Identifikácia hlásenia: e88b58da-1fb2-48a0-b64b-2b5cb9384563
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (03/11/2019 12:22:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: AvLaunch.exe, verzia: 19.2.4186.0, časová značka: 0x5c584a7b
Názov chybujúceho modulu: ucrtbase.dll, verzia: 10.0.17763.348, časová značka: 0x26a80883
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000006e91e
Identifikácia chybujúceho procesu: 0x1444
Čas spustenia chybujúcej aplikácie: 0x01d4d7fcbdb3ea11
Cesta chybujúcej aplikácie: C:\Program Files\AVAST Software\Avast\AvLaunch.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\ucrtbase.dll
Identifikácia hlásenia: 176e8666-acab-4116-a689-5c0397e8982c
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (03/10/2019 04:24:14 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (03/09/2019 10:15:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: upc.exe, verzia: 85.0.0.6025, časová značka: 0x5c7435c4
Názov chybujúceho modulu: d3d9.dll, verzia: 10.0.17763.1, časová značka: 0x9ec0ce62
Kód výnimky: 0xc0000409
Odstup chyby: 0x00093af3
Identifikácia chybujúceho procesu: 0x1d14
Čas spustenia chybujúcej aplikácie: 0x01d4d6bd2bb19cf5
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\d3d9.dll
Identifikácia hlásenia: bc2c7925-0690-4910-b4bd-4458252548c7
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (03/06/2019 07:08:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: OverDisk.exe, verzia: 0.11.0.0, časová značka: 0x030f32c6
Názov chybujúceho modulu: OverDisk.exe, verzia: 0.11.0.0, časová značka: 0x030f32c6
Kód výnimky: 0xc0000005
Odstup chyby: 0x000c2022
Identifikácia chybujúceho procesu: 0x1640
Čas spustenia chybujúcej aplikácie: 0x01d4d445bea8608e
Cesta chybujúcej aplikácie: C:\Program Files (x86)\OverDisk\OverDisk.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\OverDisk\OverDisk.exe
Identifikácia hlásenia: c82d6128-0c58-4837-a001-2a7d9fde14c0
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (03/06/2019 07:08:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: OverDisk.exe, verzia: 0.11.0.0, časová značka: 0x030f32c6
Názov chybujúceho modulu: OverDisk.exe, verzia: 0.11.0.0, časová značka: 0x030f32c6
Kód výnimky: 0xc0000005
Odstup chyby: 0x000c2022
Identifikácia chybujúceho procesu: 0x1640
Čas spustenia chybujúcej aplikácie: 0x01d4d445bea8608e
Cesta chybujúcej aplikácie: C:\Program Files (x86)\OverDisk\OverDisk.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\OverDisk\OverDisk.exe
Identifikácia hlásenia: f92ed347-e643-4799-acdd-2294d7f65b69
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (02/26/2019 12:51:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: wwahost.exe, verzia: 10.0.17763.1, časová značka: 0xce9365c3
Názov chybujúceho modulu: wwahost.exe, verzia: 10.0.17763.1, časová značka: 0xce9365c3
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000039623
Identifikácia chybujúceho procesu: 0xa54
Čas spustenia chybujúcej aplikácie: 0x01d4cdc98ad6f9b7
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\wwahost.exe
Cesta chybujúceho modulu: C:\WINDOWS\system32\wwahost.exe
Identifikácia hlásenia: 3b641e6d-6a49-4bb7-8173-c68c260fed56
Celé meno chybujúceho balíka: Microsoft.Windows.CloudExperienceHost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App


System errors:
=============
Error: (03/16/2019 06:16:35 PM) (Source: DCOM) (EventID: 10016) (User: maba-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user maba-PC\maba SID (S-1-5-21-1703468806-2507580088-2124554830-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/16/2019 06:15:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby SstpSvc, od ktorej závisí služba RasMan, zlyhalo kvôli nasledujúcej chybe:
The operation completed successfully.

Error: (03/16/2019 06:15:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscDataProtection
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/16/2019 06:15:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/16/2019 06:15:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.SecurityAppBroker
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/16/2019 06:14:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby MBAMChameleon zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (03/16/2019 06:13:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba SysMain bola ukončená s nasledujúcou chybou:
The handle is invalid.

Error: (03/16/2019 06:13:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby SstpSvc, od ktorej závisí služba RasMan, zlyhalo kvôli nasledujúcej chybe:
The operation completed successfully.


Windows Defender:
===================================
Date: 2019-03-11 19:29:31.238
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {F9C33BC3-0711-4388-A921-8AD0906474A7}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-03-01 11:40:10.494
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {5D2FD152-3641-4C22-9007-153EFA1A1A18}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-02-28 20:05:39.392
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6A5E7528-4BE4-4870-B487-EC2152256FFF}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-02-24 15:21:22.645
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B7FF15F7-F1F0-48F0-90F1-25D6CCA99C9E}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-02-20 12:39:26.561
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:Win32/AutoKMS
ID: 2147685180
Severity: Vysoká
Category: Nástroj
Path: file:_C:\Program Files\KMSpico\I7GLYGSA0R8.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\KMSpico\A4MFUO.exe
Signature Version: AV: 1.287.351.0, AS: 1.287.351.0, NIS: 1.287.351.0
Engine Version: AM: 1.1.15700.8, NIS: 1.1.15700.8

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 48%
Total physical RAM: 8090.46 MB
Available physical RAM: 4162.07 MB
Total Virtual: 9754.46 MB
Available Virtual: 4617.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.93 GB) (Free:64.84 GB) NTFS
Drive e: (Data) (Fixed) (Total:931.51 GB) (Free:51.35 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{79fa1db1-0000-0000-0000-b0bb1b000000}\ () (Fixed) (Total:0.86 GB) (Free:0.48 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 79FA1DB1)
Partition 1: (Not Active) - (Size=110.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=876 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 767010F2)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Requesting a preventive check.

#6 Post by Diallix »

Copy the content below into Notepad:

Code:

CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-12-09] (Apple Inc.) [File not signed]
HKU\S-1-5-21-1703468806-2507580088-2124554830-1000\...\MountPoints2: {b7253ed3-5cdd-11e8-8119-1c1b0d3ce055} - "H:\HiSuiteDownLoader.exe" 
S3 MBAMFarflt; system32\DRIVERS\farflt.sys [X]
S3 MBAMWebProtection; \SystemRoot\system32\DRIVERS\mwac.sys [X]
S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
2019-03-13 12:57 - 2019-03-13 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-03-13 12:57 - 2019-03-13 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-03-13 12:57 - 2019-03-13 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-03-13 12:57 - 2019-03-13 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-03-13 12:57 - 2019-03-13 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-03-13 12:57 - 2019-03-13 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-03-13 12:57 - 2019-03-13 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-03-13 12:57 - 2019-03-13 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-03-16 18:15 - 2018-11-05 17:15 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-03-10 21:40 - 2019-03-14 16:22 - 000079904 _____ () C:\Users\maba\AppData\Local\Temp\i4jdel0.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {142DA056-DD28-4E82-8326-120C13855BAD} - System32\Tasks\KMS_VL_ALL => C:\Program [Argument = Files\Attivatore Office 0365-2016-2019\KMS-VL-ALL.cmd -renewalonly]
Task: {621B04FF-180E-4CE1-82AB-ED02D86E8B27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {25D3C21F-8F64-44F9-9121-46F59DD646F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
AlternateDataStreams: C:\Users\maba\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\maba\ntuser.ini:NTV [11710]
AlternateDataStreams: C:\Users\maba\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [446]
EmptyTemp:


Save the Notepad file as fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt saved in the FRST location.
My new book BOTNETY has been published! Information about it can be found here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level and high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz .
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++,c#,php).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit
