PC virus removal, speeding up your computer, remote help via the neslape.cz service

Requesting a preventive check

Not having any problem with your PC at the moment and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Locked
PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Requesting a preventive check

#1 Post by PureHate44 »

I don't have any serious problems with my PC.... Thank you for the check :-)

Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2019-08-26 13:10:52
Microsoft Windows 10 Home
System drive C: has 137 GB (56%) free of 244 GB
Total RAM: 16335 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:10:54, on 26. 8. 2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
D:\Games\TxGameAssistant\AppMarket\AppMarket.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Games\TxGameAssistant\AppMarket\QQExternal.exe
C:\Users\PC\AppData\Roaming\uTorrent\updates\3.5.5_45311\utorrentie.exe
C:\Users\PC\AppData\Roaming\uTorrent\updates\3.5.5_45311\utorrentie.exe
C:\Users\PC\AppData\Roaming\uTorrent\helper\helper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "C:\Program Files\DAEMON Tools Ultra\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\Windows\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atiesrxx.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Ultra Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\elevation_service.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QMEmulatorService - Tencent - D:\Games\TxGameAssistant\AppMarket\QMEmulatorService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\Windows\system32\xbgmsvc.exe (file missing)

--
End of file - 8357 bytes

======Listing Processes======









C:\Windows\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\Windows\system32\svchost.exe -k DcomLaunch -p
winlogon.exe
"fontdrvhost.exe"
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
C:\Windows\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
"D:\Games\TxGameAssistant\AppMarket\QMEmulatorService.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\Windows\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atiesrxx.exe
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
atieclxx

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\Windows\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\Windows\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\Windows\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"


c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k netsvcs
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\Explorer.EXE
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
C:\Windows\System32\RuntimeBroker.exe -Embedding

"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\DAEMON Tools Ultra\DTAgent.exe" -autorun
"C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe"
"C:\Program Files (x86)\Internet Download Manager\IDMan.exe" /onboot
D:\Games\TxGameAssistant\AppMarket\AppMarket.exe -launchtray
"C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\PC\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\PC\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\PC\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=76.0.3809.100 --initial-client-data=0x98,0x9c,0xa0,0x90,0xa4,0x7ffe48ffef08,0x7ffe48ffef18,0x7ffe48ffef28
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=8500 --on-initialized-event-handle=60 --parent-handle=220 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --gpu-preferences=IAAAAAAAAADgAAAwAAAAAAAAYAAAAAAACAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAABQAAABAAAAAAAAAAAAAAAAYAAAAQAAAAAAAAAAEAAAAFAAAAEAAAAAAAAAABAAAABgAAAA== --service-request-channel-token=5040188410600959644 --mojo-platform-channel-handle=1536 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --service-sandbox-type=network --service-request-channel-token=579906210161877735 --mojo-platform-channel-handle=1836 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=1868302256687239655 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2764 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=246587123727617766 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3004 /prefetch:1
"C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"D:\Games\TxGameAssistant\AppMarket\QQExternal.exe" /load=CefSubProcess.dll --high-dpi-support=1 --type=renderer --disable-gpu-compositing --enable-begin-frame-scheduling --no-sandbox --disable-direct-write --client-id=gfwebctrl --enable-deferred-image-decoding --lang=en-US --lang=sk-SK --log-severity=disable --product-version="Tencent AppMarket/4.8 GameCenter" --device-scale-factor=1,00 --client-id=gfwebctrl --frame-rate=15 --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=8408 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --disable-gpu-compositing --channel="8408.0.1637140767\508238022" /prefetch:673131151
"C:\Users\PC\AppData\Roaming\uTorrent\updates\3.5.5_45311\utorrentie.exe" uTorrent_8040_00AACAE0_1466996004 µTorrent4823DF041B09 uTorrent
"C:\Users\PC\AppData\Roaming\uTorrent\updates\3.5.5_45311\utorrentie.exe" uTorrent_8040_00AAC458_1493453581 µTorrent4823DF041B09 uTorrent
"C:\Users\PC\AppData\Roaming\uTorrent\helper\helper.exe" 41975 -- -pid 8040 -version 45311
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files\DAEMON Tools Ultra\DTShellHlp.exe"
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1012.0_x64__8wekyb3d8bbwe\GameBar.exe" -ServerName:App.AppXbdkk0yrkwpcgeaem8zk81k8py1eaahny.mca
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\rempl\sedsvc.exe"

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
taskhostw.exe
C:\Windows\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k dcomlaunch -p -s DeviceInstall
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --service-sandbox-type=audio --service-request-channel-token=1662931019443192690 --mojo-platform-channel-handle=4976 /prefetch:8
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\Windows\system32\AUDIODG.EXE 0x580
"C:\Program Files\rempl\sedlauncher.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=12892426392937474768 --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1064 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=17733050592987214646 --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6568 /prefetch:1
"C:\totalcmd\TOTALCMD64.EXE"
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=17222113828731096074 --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7940 /prefetch:1
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=8582272399072004864 --renderer-client-id=194 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6692 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=9666215090143218412 --renderer-client-id=195 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1148 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=5607178685130702067 --renderer-client-id=198 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=8941237266325750117 --renderer-client-id=199 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8016 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=16401337934984466400 --renderer-client-id=200 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=2398399384921807319 --renderer-client-id=201 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4272 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=5873878524623968885 --renderer-client-id=202 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5784 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=3486148276450795493 --renderer-client-id=203 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7036 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=11645430312239040987 --renderer-client-id=204 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7008 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=9104835951876153486 --renderer-client-id=211 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8856 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=5655336610112416211 --renderer-client-id=220 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6560 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=6935321489678116176 --renderer-client-id=221 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8712 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=7161553137631640511 --renderer-client-id=228 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9464 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=14255100457508659102 --renderer-client-id=232 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9956 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,18432103567345509289,11519582114037987897,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=10188920302391816488 --renderer-client-id=233 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8504 /prefetch:1
"C:\Users\PC\Downloads\Programs\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe42_ Global\UsGthrCtrlFltPipeMssGthrPipe42 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 740 744 752 8192 748
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ogcga1v8.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.211.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.211.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.211.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.211.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2018-11-21 535608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-06-02 582008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-06-02 245112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2018-11-21 457784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-06-02 480120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-06-02 194424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe [2019-07-29 1821424]
"DAEMON Tools Ultra Agent"=C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [2018-11-16 451952]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2019-04-30 3152160]
"IDMan"=C:\Program Files (x86)\Internet Download Manager\IDMan.exe [2019-02-10 4034616]
"GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2019-08-06 1678832]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2019-06-04 22691064]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2019-04-01 645456]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-08-13 19:29:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2019-08-13 19:29:33 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2019-08-13 19:29:33 ----A---- C:\Windows\SYSWOW64\rdpbase.dll
2019-08-13 19:29:33 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2019-08-13 19:29:33 ----A---- C:\Windows\SYSWOW64\jscript.dll
2019-08-13 19:29:33 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2019-08-13 19:29:33 ----A---- C:\Windows\system32\TSWorkspace.dll
2019-08-13 19:29:33 ----A---- C:\Windows\system32\ResetEngine.dll
2019-08-13 19:29:33 ----A---- C:\Windows\system32\rdpbase.dll
2019-08-13 19:29:32 ----A---- C:\Windows\SYSWOW64\win32kfull.sys
2019-08-13 19:29:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2019-08-13 19:29:32 ----A---- C:\Windows\system32\wuuhosdeployment.dll
2019-08-13 19:29:32 ----A---- C:\Windows\system32\iertutil.dll
2019-08-13 19:29:32 ----A---- C:\Windows\system32\EdgeManager.dll
2019-08-13 19:29:32 ----A---- C:\Windows\system32\drivers\uefi.sys
2019-08-13 19:29:32 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2019-08-13 19:29:32 ----A---- C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-08-13 19:29:31 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2019-08-13 19:29:31 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2019-08-13 19:29:31 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2019-08-13 19:29:31 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2019-08-13 19:29:31 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2019-08-13 19:29:31 ----A---- C:\Windows\SYSWOW64\gdi32full.dll
2019-08-13 19:29:31 ----A---- C:\Windows\SYSWOW64\AppxPackaging.dll
2019-08-13 19:29:31 ----A---- C:\Windows\system32\wuuhext.dll
2019-08-13 19:29:31 ----A---- C:\Windows\system32\vbscript.dll
2019-08-13 19:29:31 ----A---- C:\Windows\system32\mstscax.dll
2019-08-13 19:29:31 ----A---- C:\Windows\system32\jscript9.dll
2019-08-13 19:29:31 ----A---- C:\Windows\system32\Chakradiag.dll
2019-08-13 19:29:31 ----A---- C:\Windows\system32\hvloader.dll
2019-08-13 19:29:31 ----A---- C:\Windows\system32\hvax64.exe
2019-08-13 19:29:31 ----A---- C:\Windows\system32\drivers\http.sys
2019-08-13 19:29:30 ----A---- C:\Windows\SYSWOW64\wininet.dll
2019-08-13 19:29:30 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2019-08-13 19:29:30 ----A---- C:\Windows\system32\win32kfull.sys
2019-08-13 19:29:30 ----A---- C:\Windows\system32\win32kbase.sys
2019-08-13 19:29:30 ----A---- C:\Windows\system32\ntoskrnl.exe
2019-08-13 19:29:30 ----A---- C:\Windows\system32\ieframe.dll
2019-08-13 19:29:30 ----A---- C:\Windows\system32\gdi32full.dll
2019-08-13 19:29:30 ----A---- C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-08-13 19:29:29 ----A---- C:\Windows\system32\wuaueng.dll
2019-08-13 19:29:29 ----A---- C:\Windows\system32\rpcss.dll
2019-08-13 19:29:29 ----A---- C:\Windows\system32\oleaut32.dll
2019-08-13 19:29:29 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2019-08-13 19:29:29 ----A---- C:\Windows\system32\lsasrv.dll
2019-08-13 19:29:29 ----A---- C:\Windows\system32\jscript9diag.dll
2019-08-13 19:29:29 ----A---- C:\Windows\system32\jscript.dll
2019-08-13 19:29:29 ----A---- C:\Windows\system32\Chakra.dll
2019-08-13 19:29:29 ----A---- C:\Windows\system32\hvix64.exe
2019-08-13 19:29:29 ----A---- C:\Windows\system32\AppxPackaging.dll
2019-08-13 19:29:28 ----A---- C:\Windows\system32\wininet.dll
2019-08-13 19:29:28 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2019-08-13 19:29:28 ----A---- C:\Windows\system32\PsmServiceExtHost.dll
2019-08-13 19:29:28 ----A---- C:\Windows\system32\msxml6.dll
2019-08-13 19:29:28 ----A---- C:\Windows\system32\EdgeContent.dll
2019-08-13 19:29:28 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2019-08-13 19:29:28 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2019-08-13 19:29:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2019-08-13 19:29:27 ----A---- C:\Windows\system32\webplatstorageserver.dll
2019-08-13 19:29:27 ----A---- C:\Windows\system32\msvproc.dll
2019-08-13 19:29:27 ----A---- C:\Windows\system32\mshtml.dll
2019-08-13 19:29:27 ----A---- C:\Windows\system32\edgehtml.dll
2019-08-13 19:29:26 ----A---- C:\Windows\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-13 19:29:26 ----A---- C:\Windows\SYSWOW64\webplatstorageserver.dll
2019-08-13 19:29:26 ----A---- C:\Windows\SYSWOW64\EdgeManager.dll
2019-08-13 19:29:26 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2019-08-13 19:29:26 ----A---- C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-08-13 19:29:25 ----A---- C:\Windows\system32\usocore.dll
2019-08-13 19:29:25 ----A---- C:\Windows\system32\usoapi.dll
2019-08-13 19:29:25 ----A---- C:\Windows\system32\updatehandlers.dll
2019-08-13 19:29:23 ----A---- C:\Windows\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2019-08-13 19:29:23 ----A---- C:\Windows\system32\windows.storage.dll
2019-08-13 19:29:23 ----A---- C:\Windows\system32\sppsvc.exe
2019-08-13 19:29:23 ----A---- C:\Windows\system32\rmclient.dll
2019-08-13 19:29:22 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2019-08-13 19:29:22 ----A---- C:\Windows\SYSWOW64\windows.storage.dll
2019-08-13 19:29:22 ----A---- C:\Windows\SYSWOW64\tquery.dll
2019-08-13 19:29:22 ----A---- C:\Windows\SYSWOW64\TokenBroker.dll
2019-08-13 19:29:22 ----A---- C:\Windows\SYSWOW64\shell32.dll
2019-08-13 19:29:22 ----A---- C:\Windows\SYSWOW64\rmclient.dll
2019-08-13 19:29:22 ----A---- C:\Windows\SYSWOW64\daxexec.dll
2019-08-13 19:29:22 ----A---- C:\Windows\system32\wuapi.dll
2019-08-13 19:29:22 ----A---- C:\Windows\system32\tquery.dll
2019-08-13 19:29:22 ----A---- C:\Windows\system32\shell32.dll
2019-08-13 19:29:22 ----A---- C:\Windows\system32\ClipUp.exe
2019-08-13 19:29:22 ----A---- C:\Windows\system32\ApplyTrustOffline.exe
2019-08-13 19:29:21 ----A---- C:\Windows\system32\winresume.exe
2019-08-13 19:29:21 ----A---- C:\Windows\system32\winload.exe
2019-08-13 19:29:21 ----A---- C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-13 19:29:21 ----A---- C:\Windows\system32\Windows.CloudStore.dll
2019-08-13 19:29:21 ----A---- C:\Windows\system32\wevtsvc.dll
2019-08-13 19:29:21 ----A---- C:\Windows\system32\TokenBroker.dll
2019-08-13 19:29:21 ----A---- C:\Windows\system32\tcblaunch.exe
2019-08-13 19:29:21 ----A---- C:\Windows\system32\StartTileData.dll
2019-08-13 19:29:21 ----A---- C:\Windows\system32\reseteng.dll
2019-08-13 19:29:21 ----A---- C:\Windows\system32\CoreShell.dll
2019-08-13 19:29:20 ----A---- C:\Windows\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2019-08-13 19:29:20 ----A---- C:\Windows\SYSWOW64\MSPhotography.dll
2019-08-13 19:29:20 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2019-08-13 19:29:20 ----A---- C:\Windows\SYSWOW64\msctf.dll
2019-08-13 19:29:20 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2019-08-13 19:29:20 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2019-08-13 19:29:20 ----A---- C:\Windows\system32\Windows.Media.MixedRealityCapture.dll
2019-08-13 19:29:20 ----A---- C:\Windows\system32\wcmsvc.dll
2019-08-13 19:29:20 ----A---- C:\Windows\system32\twinui.pcshell.dll
2019-08-13 19:29:20 ----A---- C:\Windows\system32\systemreset.exe
2019-08-13 19:29:20 ----A---- C:\Windows\system32\sppobjs.dll
2019-08-13 19:29:20 ----A---- C:\Windows\system32\skci.dll
2019-08-13 19:29:20 ----A---- C:\Windows\system32\NotificationController.dll
2019-08-13 19:29:20 ----A---- C:\Windows\system32\MusNotification.exe
2019-08-13 19:29:20 ----A---- C:\Windows\system32\MSVideoDSP.dll
2019-08-13 19:29:20 ----A---- C:\Windows\system32\mssrch.dll
2019-08-13 19:29:20 ----A---- C:\Windows\system32\msctf.dll
2019-08-13 19:29:20 ----A---- C:\Windows\system32\drivers\cng.sys
2019-08-13 19:29:20 ----A---- C:\Windows\system32\daxexec.dll
2019-08-13 19:29:20 ----A---- C:\Windows\system32\ci.dll
2019-08-13 19:29:19 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2019-08-13 19:29:19 ----A---- C:\Windows\SYSWOW64\wldp.dll
2019-08-13 19:29:19 ----A---- C:\Windows\SYSWOW64\Unistore.dll
2019-08-13 19:29:19 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2019-08-13 19:29:19 ----A---- C:\Windows\SYSWOW64\NetSetupShim.dll
2019-08-13 19:29:19 ----A---- C:\Windows\SYSWOW64\NetSetupEngine.dll
2019-08-13 19:29:19 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2019-08-13 19:29:19 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2019-08-13 19:29:19 ----A---- C:\Windows\SYSWOW64\KerbClientShared.dll
2019-08-13 19:29:19 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2019-08-13 19:29:19 ----A---- C:\Windows\SYSWOW64\fontdrvhost.exe
2019-08-13 19:29:19 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2019-08-13 19:29:19 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2019-08-13 19:29:19 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll
2019-08-13 19:29:19 ----A---- C:\Windows\SYSWOW64\dcomp.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\xmllite.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\wpx.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\wldp.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\winlogon.exe
2019-08-13 19:29:19 ----A---- C:\Windows\system32\Windows.System.Diagnostics.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\wc_storage.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\vpnike.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\Unistore.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\SyncController.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\SettingsHandlers_Notifications.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\SearchIndexer.exe
2019-08-13 19:29:19 ----A---- C:\Windows\system32\QuietHours.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\NotificationControllerPS.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\NgcCtnrSvc.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\NetSetupShim.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\NetSetupEngine.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\MusUpdateHandlers.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\MusNotifyIcon.exe
2019-08-13 19:29:19 ----A---- C:\Windows\system32\MusNotificationUx.exe
2019-08-13 19:29:19 ----A---- C:\Windows\system32\musdialoghandlers.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\mssprxy.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\LogonController.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\kerberos.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\KerbClientShared.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\GdiPlus.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\fontsub.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\fontdrvhost.exe
2019-08-13 19:29:19 ----A---- C:\Windows\system32\ExplorerFrame.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\drivers\tpm.sys
2019-08-13 19:29:19 ----A---- C:\Windows\system32\drivers\tcpip.sys
2019-08-13 19:29:19 ----A---- C:\Windows\system32\drivers\pci.sys
2019-08-13 19:29:19 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2019-08-13 19:29:19 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2019-08-13 19:29:19 ----A---- C:\Windows\system32\dnsapi.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\dhcpcore.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\dcomp.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\CoreShellExtFramework.dll
2019-08-13 19:29:19 ----A---- C:\Windows\system32\bcryptprimitives.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\Windows.System.Diagnostics.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\usoapi.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\updatepolicy.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\tzres.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\SyncController.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\p2pnetsh.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\P2PGraph.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\P2P.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\offreg.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\newdev.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\NetSetupApi.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\NetDriverInstall.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\ncryptprov.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\mssph.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\msrd2x40.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\MicrosoftAccountTokenProvider.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\Chakradiag.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\hmkd.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2019-08-13 19:29:18 ----A---- C:\Windows\SYSWOW64\ComposableShellProxyStub.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\WindowsUpdateElevatedInstaller.exe
2019-08-13 19:29:18 ----A---- C:\Windows\system32\UsoClient.exe
2019-08-13 19:29:18 ----A---- C:\Windows\system32\updatepolicy.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\updatecsp.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\tzres.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\t2embed.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\ssdpsrv.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\srms.dat
2019-08-13 19:29:18 ----A---- C:\Windows\system32\SettingsHandlers_Flights.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2019-08-13 19:29:18 ----A---- C:\Windows\system32\SearchFilterHost.exe
2019-08-13 19:29:18 ----A---- C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\sdshext.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\sdengin2.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\sdclt.exe
2019-08-13 19:29:18 ----A---- C:\Windows\system32\ResetEngOnline.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\psmsrv.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\pnrpsvc.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\p2psvc.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\p2pnetsh.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\P2PGraph.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\P2P.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\offreg.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\nlasvc.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\newdev.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\NetSetupSvc.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\NetSetupApi.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\netlogon.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\NetDriverInstall.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\NetCfgNotifyObjectHost.exe
2019-08-13 19:29:18 ----A---- C:\Windows\system32\ncryptprov.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\mssvp.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\mssph.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\LsaIso.exe
2019-08-13 19:29:18 ----A---- C:\Windows\system32\kdnet.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\kdcpw.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\iphlpsvc.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\ImplatSetup.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\hmkd.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\DuCsps.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\drvinst.exe
2019-08-13 19:29:18 ----A---- C:\Windows\system32\drivers\werkernel.sys
2019-08-13 19:29:18 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2019-08-13 19:29:18 ----A---- C:\Windows\system32\drivers\dumpfve.sys
2019-08-13 19:29:18 ----A---- C:\Windows\system32\drivers\cldflt.sys
2019-08-13 19:29:18 ----A---- C:\Windows\system32\drivers\appid.sys
2019-08-13 19:29:18 ----A---- C:\Windows\system32\dnsrslvr.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\DataStoreCacheDumpTool.exe
2019-08-13 19:29:18 ----A---- C:\Windows\system32\ComposableShellProxyStub.dll
2019-08-13 19:29:18 ----A---- C:\Windows\system32\bcdedit.exe
2019-08-13 19:29:18 ----A---- C:\Windows\system32\appsruprov.dll
2019-08-10 14:09:35 ----D---- C:\Users\PC\AppData\Roaming\SpinTires MudRunner

======List of files/folders modified in the last 1 month======

2019-08-26 13:10:54 ----D---- C:\Windows\Temp
2019-08-26 13:10:53 ----D---- C:\Program Files\trend micro
2019-08-26 13:10:42 ----D---- C:\Windows\Prefetch
2019-08-26 13:10:34 ----D---- C:\Users\PC\AppData\Roaming\uTorrent
2019-08-26 13:10:32 ----D---- C:\Users\PC\AppData\Roaming\IDM
2019-08-26 13:06:00 ----D---- C:\Windows\system32\sru
2019-08-26 12:54:14 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-08-26 12:44:45 ----D---- C:\Windows\system32\SleepStudy
2019-08-26 12:06:55 ----D---- C:\Program Files\CCleaner
2019-08-26 09:05:51 ----D---- C:\Windows\system32\LogFiles
2019-08-26 09:05:32 ----RD---- C:\Windows\Microsoft.NET
2019-08-25 23:53:31 ----D---- C:\Windows\system32\DriverStore
2019-08-25 23:53:31 ----D---- C:\Windows\system32\drivers
2019-08-25 23:53:31 ----D---- C:\Windows\system32\CatRoot
2019-08-25 23:53:31 ----D---- C:\Windows\INF
2019-08-25 18:48:41 ----D---- C:\Windows\system32\catroot2
2019-08-25 17:09:46 ----D---- C:\Windows\System32
2019-08-25 17:09:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-08-25 17:05:26 ----D---- C:\Windows\AppReadiness
2019-08-25 17:05:26 ----D---- C:\Program Files (x86)\TeamViewer
2019-08-25 16:49:25 ----D---- C:\Users\PC\AppData\Roaming\DMCache
2019-08-25 16:47:56 ----D---- C:\Users\PC\AppData\Roaming\vlc
2019-08-25 14:03:47 ----HD---- C:\Program Files\WindowsApps
2019-08-25 08:17:23 ----D---- C:\Windows\Logs
2019-08-24 06:37:16 ----SHD---- C:\System Volume Information
2019-08-18 20:10:43 ----D---- C:\Windows\system32\config
2019-08-18 06:12:08 ----D---- C:\Windows\WinSxS
2019-08-13 20:09:53 ----SD---- C:\Windows\system32\UNP
2019-08-13 20:09:53 ----D---- C:\Windows\TextInput
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\zu-ZA
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\yo-NG
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\xh-ZA
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\wo-SN
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\uz-Latn-UZ
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\tn-ZA
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\ti-ET
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\tg-Cyrl-TJ
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\sr-Cyrl-RS
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\sr-Cyrl-BA
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\sk-SK
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\sd-Arab-PK
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\rw-RW
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\quc-Latn-GT
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\pa-Arab-PK
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\nso-ZA
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\ku-Arab-IQ
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\ig-NG
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\chr-CHER-US
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\ha-Latn-NG
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\en-US
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\ca-ES-valencia
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\bs-Latn-BA
2019-08-13 20:09:53 ----D---- C:\Windows\SYSWOW64\az-Latn-AZ
2019-08-13 20:09:53 ----D---- C:\Windows\SysWOW64
2019-08-13 20:09:53 ----D---- C:\Windows\system32\zu-ZA
2019-08-13 20:09:53 ----D---- C:\Windows\system32\yo-NG
2019-08-13 20:09:53 ----D---- C:\Windows\system32\xh-ZA
2019-08-13 20:09:53 ----D---- C:\Windows\system32\wo-SN
2019-08-13 20:09:53 ----D---- C:\Windows\system32\wbem
2019-08-13 20:09:53 ----D---- C:\Windows\system32\uz-Latn-UZ
2019-08-13 20:09:53 ----D---- C:\Windows\system32\tn-ZA
2019-08-13 20:09:53 ----D---- C:\Windows\system32\ti-ET
2019-08-13 20:09:53 ----D---- C:\Windows\system32\tg-Cyrl-TJ
2019-08-13 20:09:53 ----D---- C:\Windows\system32\sr-Cyrl-RS
2019-08-13 20:09:53 ----D---- C:\Windows\system32\sr-Cyrl-BA
2019-08-13 20:09:53 ----D---- C:\Windows\system32\sk-SK
2019-08-13 20:09:53 ----D---- C:\Windows\system32\sd-Arab-PK
2019-08-13 20:09:53 ----D---- C:\Windows\system32\rw-RW
2019-08-13 20:09:53 ----D---- C:\Windows\system32\quc-Latn-GT
2019-08-13 20:09:53 ----D---- C:\Windows\system32\pa-Arab-PK
2019-08-13 20:09:53 ----D---- C:\Windows\system32\oobe
2019-08-13 20:09:53 ----D---- C:\Windows\system32\nso-ZA
2019-08-13 20:09:53 ----D---- C:\Windows\system32\ku-Arab-IQ
2019-08-13 20:09:53 ----D---- C:\Windows\system32\ig-NG
2019-08-13 20:09:53 ----D---- C:\Windows\system32\chr-CHER-US
2019-08-13 20:09:53 ----D---- C:\Windows\system32\ha-Latn-NG
2019-08-13 20:09:53 ----D---- C:\Windows\system32\en-US
2019-08-13 20:09:53 ----D---- C:\Windows\system32\drivers\sk-SK
2019-08-13 20:09:53 ----D---- C:\Windows\system32\drivers\en-US
2019-08-13 20:09:53 ----D---- C:\Windows\system32\ca-ES-valencia
2019-08-13 20:09:53 ----D---- C:\Windows\system32\bs-Latn-BA
2019-08-13 20:09:53 ----D---- C:\Windows\system32\Boot
2019-08-13 20:09:53 ----D---- C:\Windows\system32\az-Latn-AZ
2019-08-13 20:09:53 ----D---- C:\Windows\ShellExperiences
2019-08-13 20:09:53 ----D---- C:\Windows\Provisioning
2019-08-13 20:09:53 ----D---- C:\Windows\bcastdvr
2019-08-13 20:09:53 ----D---- C:\Program Files\internet explorer
2019-08-13 20:09:53 ----D---- C:\Program Files (x86)\Internet Explorer
2019-08-13 19:31:14 ----D---- C:\Windows\CbsTemp
2019-08-13 19:29:10 ----D---- C:\Windows\system32\MRT
2019-08-13 19:27:47 ----AC---- C:\Windows\system32\MRT.exe
2019-08-10 14:09:35 ----D---- C:\Program Files (x86)\Steam
2019-08-10 10:56:44 ----D---- C:\Windows\SoftwareDistribution
2019-08-10 10:56:44 ----D---- C:\Windows
2019-08-10 09:18:38 ----D---- C:\Windows\debug
2019-08-09 22:58:08 ----D---- C:\Windows\system32\Tasks
2019-08-02 12:42:43 ----SHD---- C:\Windows\Installer
2019-08-02 12:42:41 ----D---- C:\Program Files\rempl

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\System32\drivers\amd_sata.sys [2019-01-01 93240]
R0 amd_xata;amd_xata; C:\Windows\System32\drivers\amd_xata.sys [2019-01-01 33336]
R0 amdkmpfd;@oem29.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\Windows\System32\drivers\amdkmpfd.sys [2019-01-01 110392]
R0 amdpsp;@oem27.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\Windows\system32\DRIVERS\amdpsp.sys [2019-01-01 137688]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\Windows\system32\drivers\iorate.sys [2018-12-08 58168]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\Windows\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\Windows\system32\drivers\afunix.sys [2018-04-12 39424]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\Windows\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2019-01-01 27552]
R2 aow_drv;aow_drv; \??\D:\Games\TxGameAssistant\UI\2.0.8541.123\aow_drv_x64_ev.sys [2019-03-15 859240]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\Windows\system32\drivers\cldflt.sys [2019-07-09 414720]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2018-12-20 229296]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2018-12-08 43008]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\Windows\system32\drivers\storqosflt.sys [2019-03-14 82432]
R3 amdgpio2;@oem18.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\Windows\System32\drivers\amdgpio2.sys [2019-01-01 34568]
R3 amdgpio3;@oem21.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\Windows\System32\drivers\amdgpio3.sys [2019-01-01 24288]
R3 amdkmdag;amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atikmdag.sys [2019-01-10 52749408]
R3 amdkmdap;amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atikmpag.sys [2019-01-10 590432]
R3 AMDPCIDev;@oem20.inf,%AMDPCIDev.SVCDESC%;AMD PCI; C:\Windows\System32\drivers\AMDPCIDev.sys [2019-01-01 31704]
R3 AtiHDAudioService;@oem24.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWT6.sys [2019-01-01 107400]
R3 dtultrascsibus;@oem16.inf,%DTULTRASCSIBUS.DeviceDesc%;DAEMON Tools Ultra Virtual SCSI Bus; C:\Windows\System32\drivers\dtultrascsibus.sys [2019-01-01 30264]
R3 dtultrausbbus;@oem17.inf,%DTULTRAUSBBUS.DeviceDesc%;DAEMON Tools Ultra Virtual USB Bus; C:\Windows\System32\drivers\dtultrausbbus.sys [2019-01-01 47672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2019-01-01 6380600]
R3 rt640x64;@oem35.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\Windows\System32\drivers\rt640x64.sys [2019-01-10 1139848]
S0 amdkmafd;@oem9.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\Windows\System32\drivers\amdkmafd.sys [2019-01-10 67576]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\Windows\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\Windows\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\Windows\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\Windows\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\Windows\System32\drivers\scmbus.sys [2018-08-03 128920]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\Windows\System32\drivers\storufs.sys [2018-06-15 48544]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\Windows\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 amdkmcsp;@oem5.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\Windows\system32\DRIVERS\amdkmcsp.sys [2017-06-12 101232]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\Windows\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\Windows\system32\drivers\bindflt.sys [2019-01-09 92704]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\Windows\System32\drivers\CAD.sys [2018-04-12 60320]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2018-04-12 123392]
S3 DIRECTIO;DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [2015-03-10 31376]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\Windows\system32\drivers\hvservice.sys [2019-06-07 76304]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\Windows\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\Windows\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\Windows\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\Windows\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\Windows\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\Windows\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\Windows\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\Windows\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\Windows\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\Windows\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\Windows\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\Windows\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2019-03-06 945464]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\Windows\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\Windows\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [2018-04-12 57752]
S4 hvcrash;hvcrash; C:\Windows\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atiesrxx.exe [2019-01-10 508512]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_342bb;CDPUserSvc_342bb; C:\Windows\system32\svchost.exe [2019-01-09 85472]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2019-01-09 85472]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2019-01-09 85472]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\System32\svchost.exe [2019-01-09 85472]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\Windows\System32\svchost.exe [2019-01-09 85472]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2018-11-19 397256]
R2 OneSyncSvc_342bb;OneSyncSvc_342bb; C:\Windows\system32\svchost.exe [2019-01-09 85472]
R2 QMEmulatorService;QMEmulatorService; D:\Games\TxGameAssistant\AppMarket\QMEmulatorService.exe [2019-03-25 343288]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\Windows\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-07-30 357896]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\Windows\system32\SgrmBroker.exe [2018-04-12 163336]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\Windows\system32\svchost.exe [2019-01-09 85472]
R3 Disc Soft Ultra Bus Service;Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [2018-11-16 6950256]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2019-01-09 85472]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2019-01-09 85472]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\Windows\system32\svchost.exe [2019-01-09 85472]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-01 156968]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService_342bb;BcastDVRUserService_342bb; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_342bb;BluetoothUserService_342bb; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_342bb;DevicePickerUserSvc_342bb; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_342bb;DevicesFlowUserSvc_342bb; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-03 90112]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-02-14 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\elevation_service.exe [2019-08-06 1096176]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-01 156968]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_342bb;MessagingService_342bb; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-04-22 238544]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc_342bb;PimIndexMaintenanceSvc_342bb; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_342bb;PrintWorkflowUserSvc_342bb; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\Windows\system32\spectrum.exe [2018-06-19 976384]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2019-04-30 1693472]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S4 ssh-agent;OpenSSH Authentication Agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [2018-03-10 495616]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118254
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive check

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

PureHate44
Visitor
Posts: 154
Joined: 28 Jun 2011 17:49

Re: Request for a preventive check

#3 Post by PureHate44 »

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-08-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-29-2019
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 22
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\DriverFinder
Deleted C:\Program Files (x86)\IOBIT\Driver Booster
Deleted C:\ProgramData\IOBIT\Driver Booster
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverFinder
Deleted C:\ProgramData\Tencent
Deleted C:\Users\PC\AppData\Roaming\DriverFinder
Deleted C:\Users\PC\AppData\Roaming\IOBIT\Driver Booster
Deleted C:\Users\PC\AppData\Roaming\Tencent
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\DriverFinder
Deleted HKCU\Software\csastats
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0956CF44-1ECC-4EEB-9FF8-4529E2CF6DA4}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2BE40B6D-F233-4F7E-8E3C-D5AA4DF531B2}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{3D839F05-B78F-4B06-B88B-F0D4B2F13C2A}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{6539FCF5-8DAD-48C5-8A69-180359B3FD9E}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8C491902-4119-4D0D-B294-069DD18CE3FA}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{D3683DFD-0F29-4D03-A824-344E232C11AF}
Deleted HKLM\Software\Classes\METNSD
Deleted HKLM\Software\Wow6432Node\DriverFinder
Deleted HKLM\Software\Wow6432Node\IObit\Driver Booster
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Driver Booster_is1
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\DriverFinder

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1987 octets] - [27/01/2019 09:29:03]
AdwCleaner[C00].txt - [1965 octets] - [27/01/2019 09:29:43]
AdwCleaner[S01].txt - [3627 octets] - [29/08/2019 17:39:20]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Rudy
Site Admin
Posts: 118254
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive check

#4 Post by Rudy »

Now post the FRST+Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=154679

PureHate44
Visitor
Posts: 154
Joined: 28 Jun 2011 17:49

Re: Request for a preventive check

#5 Post by PureHate44 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2019
Ran by PC (02-09-2019 07:41:39)
Running from C:\Users\PC\Desktop
Windows 10 Home Version 1903 18362.295 (X64) (2019-08-30 04:48:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2757363396-3175002254-270742119-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2757363396-3175002254-270742119-503 - Limited - Disabled)
Guest (S-1-5-21-2757363396-3175002254-270742119-501 - Limited - Disabled)
PC (S-1-5-21-2757363396-3175002254-270742119-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-2757363396-3175002254-270742119-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2757363396-3175002254-270742119-1001\...\uTorrent) (Version: 3.5.5.45311 - BitTorrent Inc.)
Adobe Shockwave Player 12.3 (HKLM-x32\...\{3BD13111-2F32-4AB7-B9BB-16E07C9AA894}) (Version: 12.3.4.204 - Adobe Systems, Inc)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.1 - Sereby Corporation)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Assassins Creed Origins The Curse of the Pharaohs (HKLM-x32\...\Assassins Creed Origins The Curse of the Pharaohs_is1) (Version: - )
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.1 - Canon Inc.)
Canon MG3600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series) (Version: 1.00 - Canon Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 5.4.0.0894 - Disc Soft Ltd)
FileZilla Client 3.40.0 (HKLM-x32\...\FileZilla Client) (Version: 3.40.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_is1) (Version: - )
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kingdom Come: Deliverance - A Woman's Lot (HKLM-x32\...\1460218995_is1) (Version: 1.9.0.379 - GOG.com)
Kingdom Come: Deliverance – Band of Bastards (HKLM-x32\...\1957357825_is1) (Version: 1.9.0.379 - GOG.com)
Kingdom Come: Deliverance – From the Ashes (HKLM-x32\...\1201995925_is1) (Version: 1.9.0.379 - GOG.com)
Kingdom Come: Deliverance – The Amorous Adventures of Bold Sir Hans Capon (HKLM-x32\...\1336069439_is1) (Version: 1.9.0.379 - GOG.com)
Kingdom Come: Deliverance (HKLM-x32\...\1719198803_is1) (Version: 1.9.0.379 - GOG.com)
Kingdom Come: Deliverance Treasures of the Past DLC (HKLM-x32\...\1300320746_is1) (Version: 1.9.0.379 - GOG.com)
Kodi (HKU\S-1-5-21-2757363396-3175002254-270742119-1001\...\Kodi) (Version: - XBMC Foundation)
Microsoft OneDrive (HKU\S-1-5-21-2757363396-3175002254-270742119-1001\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{4ffaf7b8-a84a-4813-840c-8b1f1343ae54}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{dd1e9bde-2ad6-4e92-8c07-7d4723eab8b8}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 66.0.3 (x64 sk) (HKLM\...\Mozilla Firefox 66.0.3 (x64 sk)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.1 - Mozilla)
NVIDIA PhysX System Software 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.0.2 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1054.0 - Passmark Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8536 - Realtek Semiconductor Corp.)
Registrácia používateľa produktu Canon MG3600 series (HKLM-x32\...\Registrácia používateľa produktu Canon MG3600 series) (Version: - ‭Canon Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Spintires: MudRunner (HKLM-x32\...\Spintires: MudRunner_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.2558 - TeamViewer)
Tencent Gaming Buddy (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Total Uninstall 6.27.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.27.0 - Gavrila Martau)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Wise Auto Shutdown 1.7.4 (HKLM-x32\...\Wise Auto Shutdown_is1) (Version: 1.7.4 - WiseCleaner.com, Inc.)
Wreckfest (HKLM-x32\...\Wreckfest_is1) (Version: - )

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.19.5.0_x86__kgqvnymyfvs32 [2019-08-25] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1581.2.0_x86__kgqvnymyfvs32 [2019-08-24] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_5.0.0.3_x86__m9bz608c1b9ra [2019-06-10] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3340.0_x64__rz1tebttyb220 [2019-08-31] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-29] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-08-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-27] (Microsoft Studios) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-21] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x64__nfy108tqq3p12 [2018-12-29] (Thumbmunkeys Ltd) [MS Ad]
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2018-05-12] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveUltra] -> {F0E53CA3-02F8-40AE-9470-309F0309036F} => C:\Program Files\DAEMON Tools Ultra\DTShl64.dll [2018-11-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageUltra] -> {B5EBA666-2B94-4C7A-9CAA-A4539F329646} => C:\Program Files\DAEMON Tools Ultra\DTShl64.dll [2018-11-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-06-08 09:12 - 2018-10-10 03:59 - 000116224 _____ () [File not signed] D:\Games\Assassins Creed Origins The Curse of the Pharaohs\GFSDK_Aftermath_Lib.x64.dll
2019-06-08 09:12 - 2018-10-10 03:59 - 000883712 _____ () [File not signed] D:\Games\Assassins Creed Origins The Curse of the Pharaohs\oo2core_4_win64.dll
2019-01-02 19:11 - 2019-09-01 09:20 - 000296448 _____ (3DMGAME) [File not signed] C:\Users\PC\Documents\FLiNGTrainer\TrSpeedHack_x64.dll
2019-06-08 09:12 - 2018-10-10 03:59 - 000111616 _____ (Advanced Micro Devices, Inc.) [File not signed] D:\Games\Assassins Creed Origins The Curse of the Pharaohs\amd_ags_x64.dll
2018-11-16 17:45 - 2018-11-19 04:32 - 006127472 _____ (AVB Disc Soft, SIA -> Disc Soft Ltd) [File not signed] C:\Program Files\DAEMON Tools Ultra\Engine.dll
2019-01-03 13:37 - 2017-12-07 12:25 - 000123904 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJPLM\CNMPU.DLL
2019-06-08 09:12 - 2018-10-10 03:59 - 000380416 _____ (RAD Game Tools, Inc.) [File not signed] D:\Games\Assassins Creed Origins The Curse of the Pharaohs\bink2w64.dll
2019-06-08 09:12 - 2018-10-10 18:21 - 002308440 _____ (Ubisoft Entertainment Sweden AB -> ) [File not signed] D:\Games\Assassins Creed Origins The Curse of the Pharaohs\uplay_r1_loader64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\PC\Desktop\maminka.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\PC\Desktop\maminka.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2019-01-14 05:38 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2757363396-3175002254-270742119-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-2757363396-3175002254-270742119-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2757363396-3175002254-270742119-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2757363396-3175002254-270742119-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{EC3A0F5A-63BB-4DFB-A1FE-B5AE42E5B89A}D:\games\the sims 4 deluxe edition\redist\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\games\the sims 4 deluxe edition\redist\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [TCP Query User{2BCFA68A-F816-4839-B32A-2E775FEF256D}D:\games\the sims 4 deluxe edition\redist\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\games\the sims 4 deluxe edition\redist\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{F1219DC8-FC5C-49E4-B315-18948F170978}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{93AF793A-FC2F-4A7F-9CA5-D8AE94DFFB70}D:\games\the sims 4 deluxe edition\redist\the sims 4\game\bin\ts4.exe] => (Allow) D:\games\the sims 4 deluxe edition\redist\the sims 4\game\bin\ts4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [TCP Query User{6BC66CF4-7292-45E8-BC86-1CA2FA3983E6}D:\games\the sims 4 deluxe edition\redist\the sims 4\game\bin\ts4.exe] => (Allow) D:\games\the sims 4 deluxe edition\redist\the sims 4\game\bin\ts4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{91713952-BA39-4137-A46F-7F2437C500A1}D:\games\the sims 4 deluxe edition\ts4_x64.exe] => (Block) D:\games\the sims 4 deluxe edition\ts4_x64.exe No File
FirewallRules: [TCP Query User{8DD0673A-8319-4188-A184-554BA3FE260E}D:\games\the sims 4 deluxe edition\ts4_x64.exe] => (Block) D:\games\the sims 4 deluxe edition\ts4_x64.exe No File
FirewallRules: [UDP Query User{D6315822-F98A-4E2C-AE6C-272A909E483C}D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{63A4517F-06AD-4FA5-9B89-7F0900EF2C2A}D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{79715843-DE71-4683-963D-5119BF25AB35}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{2D0C316D-A754-4651-BBFB-D92E86ADF7C2}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [UDP Query User{DEFFC095-54BC-4E78-A214-5B3FD5723D28}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{A25B9397-DECF-4D2B-A205-C1595BD9DFF5}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{807D4FC6-3A19-455A-BA41-7249CBBCA1C3}] => (Allow) D:\Games\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{9A5EF953-A539-4FD4-9BC8-ECDEB1AB1696}] => (Allow) D:\Games\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{F3A1A350-8C9A-4A2D-B800-F64761B3EEE7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F7F0F825-3C8A-47BC-92B1-661FF09DF619}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B61A3643-F5DB-40CD-BE40-806ED54C55B5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{E6625DE5-DC75-481B-836A-421437A34C91}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DCFD09C7-0D51-4EC1-BC33-FA081CEA832B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{D30D818C-C3A7-4741-B075-D170E1AA9EFD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{85F0ED4D-DC98-4F39-AE20-2B14AEC4E113}] => (Allow) D:\Games\TxGameAssistant\UI\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{80F7081E-FEA9-449B-9DA4-D8D15834EC0F}] => (Allow) D:\Games\TxGameAssistant\UI\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{1DABEC6D-B66B-482E-BDDE-A7C29C277266}] => (Allow) D:\Games\TxGameAssistant\UI\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{46C22674-7D0D-47A6-A25A-83A4EFF671FD}] => (Allow) D:\Games\TxGameAssistant\UI\adb.exe () [File not signed]
FirewallRules: [{516C742B-38E8-49CD-8C51-58882A4FBDE6}] => (Allow) D:\Games\TxGameAssistant\UI\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{AC3417C0-B0D1-4B4D-A060-95C43D71017B}] => (Allow) D:\Games\TxGameAssistant\AppMarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{49835F5C-FCF0-4462-9C13-6CFF4DAD93CE}] => (Allow) D:\Games\TxGameAssistant\AppMarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{E2EDD1D6-F56D-48B8-B6FC-B3635FCCF00D}] => (Allow) D:\Games\TxGameAssistant\AppMarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{932F09EC-E2AA-42E7-8848-D772C6CF96AF}] => (Allow) D:\Games\TxGameAssistant\AppMarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{1134E582-FE15-40C0-AD1E-2F9F02A3DA58}] => (Allow) D:\Games\TxGameAssistant\AppMarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{659739DE-5379-4B23-9A7C-C1DA8416A2AE}] => (Allow) D:\Games\TxGameAssistant\AppMarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{34EC49A3-E832-4804-97A7-2E6E9686D4B1}] => (Allow) D:\Games\CS\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{B9AC289D-94EB-49DF-9A0A-1416462B7A50}] => (Allow) D:\Games\CS\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{C9D3589C-7E24-4B18-ADB1-76724CCBF582}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6C16C837-976C-406C-B932-F03DD968DA65}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{85E49E99-E5DF-4C35-B5E1-4B784E6473E3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{134BAE86-C617-456F-BACA-1137C3DAB462}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B665E9C9-7156-4B8E-B097-289C64D3FBDA}] => (Allow) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{17D8FABB-BE4A-44BA-B63B-542B969B89B5}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.2.0\AutoUpdate.exe No File
FirewallRules: [{8F16A4F1-1E32-427B-8299-9032C0E57B19}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.2.0\AutoUpdate.exe No File
FirewallRules: [{E0E773DF-FA11-4AD6-AFE0-A12B5C0A2272}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.2.0\DBDownloader.exe No File
FirewallRules: [{406B9659-0D95-4D62-B2DE-86DF3C29FDA4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.2.0\DBDownloader.exe No File
FirewallRules: [{E6281CBA-5C50-444E-BA45-2EA103C71B33}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5243106F-DAFF-47FB-9897-F800318D020C}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

==================== Restore Points =========================

30-08-2019 17:05:37 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/31/2019 10:02:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: RadeonSettings.exe, verzia: 10.1.1.1682, časová značka: 0x58fea395
Názov chybujúceho modulu: RadeonSettings.exe, verzia: 10.1.1.1682, časová značka: 0x58fea395
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000002f5b2c
Identifikácia chybujúceho procesu: 0x1e60
Čas spustenia chybujúcej aplikácie: 0x01d560365e8eb13b
Cesta chybujúcej aplikácie: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta chybujúceho modulu: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Identifikácia hlásenia: 88e3c268-d1da-404d-bd5a-a190a2f8556d
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (08/31/2019 08:32:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: RadeonSettings.exe, verzia: 10.1.1.1682, časová značka: 0x58fea395
Názov chybujúceho modulu: RadeonSettings.exe, verzia: 10.1.1.1682, časová značka: 0x58fea395
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000002f5b2c
Identifikácia chybujúceho procesu: 0x1614
Čas spustenia chybujúcej aplikácie: 0x01d55fc5183e3cbf
Cesta chybujúcej aplikácie: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta chybujúceho modulu: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Identifikácia hlásenia: b28917dd-ac5e-4c4c-92fd-12664cac863e
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (08/30/2019 06:53:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: RadeonSettings.exe, verzia: 10.1.1.1682, časová značka: 0x58fea395
Názov chybujúceho modulu: RadeonSettings.exe, verzia: 10.1.1.1682, časová značka: 0x58fea395
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000002f5b2c
Identifikácia chybujúceho procesu: 0x1874
Čas spustenia chybujúcej aplikácie: 0x01d55eee2faeadf8
Cesta chybujúcej aplikácie: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta chybujúceho modulu: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Identifikácia hlásenia: a899bb1b-cfe4-4070-a4a1-a9dddb3acab8
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (08/30/2019 06:42:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: Službe Cryptographic Services sa nepodarilo inicializovať databázu katalógu. Chyba: -2147418113 (0x8000ffff) : Catastrophic failure
.

Error: (08/30/2019 06:42:55 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: Službe Cryptographic Services sa nepodarilo inicializovať databázu katalógu. Chyba: -2147418113 (0x8000ffff) : Catastrophic failure
.

Error: (08/30/2019 06:42:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: Službe Cryptographic Services sa nepodarilo inicializovať databázu katalógu. Chyba: -2147418113 (0x8000ffff) : Catastrophic failure
.

Error: (08/30/2019 06:42:46 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: Službe Cryptographic Services sa nepodarilo inicializovať databázu katalógu. Chyba: -2147418113 (0x8000ffff) : Catastrophic failure
.


System errors:
=============
Error: (09/02/2019 07:30:46 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 0.0.0.0 with the system
having network hardware address 00-00-00-00-00-00. Network operations on this system may
be disrupted as a result.

Error: (08/31/2019 09:57:51 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 192.168.1.10 with the system
having network hardware address D0-39-B3-1C-18-65. Network operations on this system may
be disrupted as a result.

Error: (08/31/2019 08:26:55 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:50:53 AM on ‎8/‎31/‎2019 was unexpected.

Error: (08/30/2019 06:45:14 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba QMEmulatorService je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (08/30/2019 06:45:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Network List Service bola ukončená s nasledujúcou chybou:
The device is not ready.

Error: (08/30/2019 06:45:04 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {A47979D2-C419-11D9-A5B4-001185AD2B89} did not register with DCOM within the required timeout.

Error: (08/30/2019 06:44:37 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba Printer Extensions and Notifications je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (08/30/2019 06:43:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Network List Service bola ukončená s nasledujúcou chybou:
The device is not ready.


Windows Defender:
===================================
Date: 2019-08-31 22:12:20.857
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Program:Win32/Uwasson.A!ml
ID: 251745
Severity: Stredná
Category: Potenciálne nežiaduci softvér
Path: file:_D:\Downloads\Hry\The Sims 4 1.53.115.1020\Aktualizace\Update\Setup.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
Security intelligence Version: AV: 1.301.169.0, AS: 1.301.169.0, NIS: 1.301.169.0
Engine Version: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-08-31 08:56:12.628
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {4BF5535B-40B9-450D-8383-142623E62DFD}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-08-31 08:27:13.732
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Program:Win32/Uwasson.A!ml
ID: 251745
Severity: Stredná
Category: Potenciálne nežiaduci softvér
Path: file:_D:\Downloads\Hry\The Sims 4 1.53.115.1020\Aktualizace\Update\Setup.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.301.163.0, AS: 1.301.163.0, NIS: 1.301.163.0
Engine Version: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-08-30 06:49:10.093
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Program:Win32/Uwasson.A!ml
ID: 251745
Severity: Medium
Category: Potentially Unwanted Software
Path: file:_D:\Downloads\Hry\The Sims 4 1.53.115.1020\Aktualizace\Update\Setup.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.301.28.0, AS: 1.301.28.0, NIS: 1.301.28.0
Engine Version: AM: 1.1.16300.1, NIS: 1.1.16300.1

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2.J0 11/06/2018
Motherboard: MSI B350M GAMING PRO (MS-7A39)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 47%
Total physical RAM: 16335.13 MB
Available physical RAM: 8648.27 MB
Total Virtual: 19279.13 MB
Available Virtual: 3831.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.87 GB) (Free:111.27 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:412.65 GB) NTFS

\\?\Volume{72ac1713-f6ad-426e-9114-7ff3963cb3f8}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.07 GB) NTFS
\\?\Volume{4b7b8002-bec7-4040-b90a-25456f45970f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D0D77719)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Attachments
FRST.rar
(18.02 KiB) Downloaded 109 times

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a preventive check

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
Task: {1BE012B7-A996-4EBC-8D5F-7D85116DCC53} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-01] (Google Inc -> Google Inc.)
Task: {613AC6F8-D74F-4189-87BE-5B644A020BE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-01] (Google Inc -> Google Inc.)
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Users\PC\Desktop\maminka.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\PC\Desktop\maminka.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
FirewallRules: [UDP Query User{91713952-BA39-4137-A46F-7F2437C500A1}D:\games\the sims 4 deluxe edition\ts4_x64.exe] => (Block) D:\games\the sims 4 deluxe edition\ts4_x64.exe No File
FirewallRules: [TCP Query User{8DD0673A-8319-4188-A184-554BA3FE260E}D:\games\the sims 4 deluxe edition\ts4_x64.exe] => (Block) D:\games\the sims 4 deluxe edition\ts4_x64.exe No File
FirewallRules: [{17D8FABB-BE4A-44BA-B63B-542B969B89B5}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.2.0\AutoUpdate.exe No File
FirewallRules: [{8F16A4F1-1E32-427B-8299-9032C0E57B19}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.2.0\AutoUpdate.exe No File
FirewallRules: [{E0E773DF-FA11-4AD6-AFE0-A12B5C0A2272}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.2.0\DBDownloader.exe No File
FirewallRules: [{406B9659-0D95-4D62-B2DE-86DF3C29FDA4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.2.0\DBDownloader.exe No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Requesting a preventive check

#7 Post by PureHate44 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 31-08-2019
Ran by PC (02-09-2019 10:27:45) Run:2
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {1BE012B7-A996-4EBC-8D5F-7D85116DCC53} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-01] (Google Inc -> Google Inc.)
Task: {613AC6F8-D74F-4189-87BE-5B644A020BE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-01] (Google Inc -> Google Inc.)
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Users\PC\Desktop\maminka.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\PC\Desktop\maminka.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
FirewallRules: [UDP Query User{91713952-BA39-4137-A46F-7F2437C500A1}D:\games\the sims 4 deluxe edition\ts4_x64.exe] => (Block) D:\games\the sims 4 deluxe edition\ts4_x64.exe No File
FirewallRules: [TCP Query User{8DD0673A-8319-4188-A184-554BA3FE260E}D:\games\the sims 4 deluxe edition\ts4_x64.exe] => (Block) D:\games\the sims 4 deluxe edition\ts4_x64.exe No File
FirewallRules: [{17D8FABB-BE4A-44BA-B63B-542B969B89B5}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.2.0\AutoUpdate.exe No File
FirewallRules: [{8F16A4F1-1E32-427B-8299-9032C0E57B19}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.2.0\AutoUpdate.exe No File
FirewallRules: [{E0E773DF-FA11-4AD6-AFE0-A12B5C0A2272}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.2.0\DBDownloader.exe No File
FirewallRules: [{406B9659-0D95-4D62-B2DE-86DF3C29FDA4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.2.0\DBDownloader.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1BE012B7-A996-4EBC-8D5F-7D85116DCC53}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BE012B7-A996-4EBC-8D5F-7D85116DCC53}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{613AC6F8-D74F-4189-87BE-5B644A020BE6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{613AC6F8-D74F-4189-87BE-5B644A020BE6}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
C:\Users\PC\Desktop\maminka.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS removed successfully
C:\Users\PC\Desktop\maminka.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{91713952-BA39-4137-A46F-7F2437C500A1}D:\games\the sims 4 deluxe edition\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8DD0673A-8319-4188-A184-554BA3FE260E}D:\games\the sims 4 deluxe edition\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{17D8FABB-BE4A-44BA-B63B-542B969B89B5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F16A4F1-1E32-427B-8299-9032C0E57B19}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0E773DF-FA11-4AD6-AFE0-A12B5C0A2272}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{406B9659-0D95-4D62-B2DE-86DF3C29FDA4}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14836968 B
Java, Flash, Steam htmlcache => 43235047 B
Windows/system/drivers => 395536 B
Edge => 1264405 B
Chrome => 353451885 B
Firefox => 22145130 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 7498 B
NetworkService => 0 B
PC => 1956821967 B

RecycleBin => 188453 B
EmptyTemp: => 2.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:28:42 ====

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a preventive check

#8 Post by Rudy »

Deleted, the log is now OK.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC of malware, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Requesting a preventive check

#9 Post by PureHate44 »

Thank you :-)

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a preventive check

#10 Post by Rudy »

You're welcome! :)

Locked