
Please help

Syslandos
Visitor
Posts: 2
Registered: 29 Aug 2019 18:06

#1 Post by Syslandos »

Please help me with my PC. When I click in the browser, a window pops up and either closes immediately or loads ads. The computer also loads programs more slowly. Thank you in advance for your help.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Dan at 2019-08-29 19:09:10
Microsoft Windows 10 Pro
System drive C: has 255 GB (27%) free of 953 GB
Total RAM: 8140 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:09:19, on 29.08.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17763.0592)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\NahimicSvc32.exe
C:\Nastavení\vibranceGUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\Dan\AppData\Roaming\uTorrent\helper\helper.exe
C:\Program Files\trend micro\Dan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHoTG1nEZQLY5Wtm68jpMXp43N4TNLNHCmZVIyltnvf2hH3cEe6_1OLJnvdyu87VDvX4LLJPF-Uazlpu-iB7cU_OYjWU7jlOzmwNt_mUD4r-krFXNoSA9JbQQx5wpvBiYVtM5kARIN7fVNaSzVfKXJVHufuibkVFbvkJXzdohA,,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?bcutc=sp- ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?bcutc=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?bcutc=sp- ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?bcutc=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHoTG1nEZQLY5Wtm68jpMXp43N4TNLNHCmZVIyltnvf2hH3cEe6_1OLJnvdyu87VDvX4LLJPF-Uazlpu-iB7cU_OYjWU7jlOzmwNt_mUD4r-krFXNoSA9JbQQx5wpvBiYVtM5kARIN7fVNaSzVfKXJVHufuibkVFbvkJXzdohA,,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 2.57.64.0:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Gaijin.Net Updater] "C:\Users\Dan\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
O4 - HKCU\..\Run: [vibranceGUI] "C:\Nastavení\vibranceGUI.exe" -minimized
O4 - HKCU\..\Run: [Discord] C:\Users\Dan\AppData\Local\Discord\app-0.0.305\Discord.exe
O4 - HKCU\..\Run: [Overwolf] "C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe" -overwolfsilent
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{125f4a4d-5311-4293-9d15-d8c0b6a2abda}: NameServer = 82.163.142.9 95.211.158.137
O17 - HKLM\System\CCS\Services\Tcpip\..\{86974beb-0a57-4822-bd75-ac4ea2b3a751}: NameServer = 82.163.142.9 95.211.158.137
O17 - HKLM\System\CCS\Services\Tcpip\..\{94728099-ac2a-4301-8972-0780d2aa5c2f}: NameServer = 82.163.142.9 95.211.158.137
O17 - HKLM\System\CCS\Services\Tcpip\..\{be8254c5-c9ea-4ed6-82d6-97b9e9df4626}: NameServer = 82.163.142.9 95.211.158.137
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 82.163.142.9 95.211.158.137
O17 - HKLM\System\CS1\Services\Tcpip\..\{125f4a4d-5311-4293-9d15-d8c0b6a2abda}: NameServer = 82.163.142.9 95.211.158.137
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.142.9 95.211.158.137
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: SCP DS3 Service (Ds3Service) - Scarlet.Crush Productions - C:\Users\Dan\Desktop\ps3 controller\ScpServer\bin\ScpService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @oem32.inf,%SERVICE_FRIENDLY_NAME%;Nahimic service (NahimicService) - Unknown owner - C:\Windows\system32\NahimicService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: ProtonVPN Service - Unknown owner - C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Unknown owner - C:\Windows\System32\RtkAudUService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12485 bytes

======Listing Processes======









C:\Windows\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\Windows\system32\svchost.exe -k DcomLaunch -p
C:\Windows\system32\svchost.exe -k RPCSS -p
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s LSM
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\Windows\system32\svchost.exe -k netsvcs -p -s Schedule
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\Windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\Windows\System32\svchost.exe -k netsvcs -p -s Themes
C:\Windows\system32\svchost.exe -k LocalService -p -s nsi
C:\Windows\system32\svchost.exe -k LocalService -p -s EventSystem
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp

C:\Windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\Windows\system32\svchost.exe -k LocalService -p -s FontCache
C:\Windows\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\Windows\System32\svchost.exe -k LocalService -p -s netprofm
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p

C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\Windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\Windows\System32\svchost.exe -k netsvcs -p -s ShellHWDetection

C:\Windows\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
"C:\Windows\system32\NahimicService.exe"
"C:\Users\Dan\Desktop\ps3 controller\ScpServer\bin\ScpService.exe"
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\Windows\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\Windows\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\Windows\System32\svchost.exe -k utcsvc -p
C:\Windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\Windows\System32\svchost.exe -k netsvcs
"C:\Windows\System32\RtkAudUService64.exe"
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\Windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\Windows\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\system32\svchost.exe -k netsvcs -p -s Appinfo

C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager


C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="469829BB-3965-7D00-A6A8-88B05584E47B" /binpath="C:\Program Files\AVAST Software\Avast"

C:\Windows\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\Windows\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc

C:\Windows\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
sihost.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\Explorer.EXE
"ctfmon.exe"
C:\Windows\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\system32\.\NahimicSvc64.exe /start all /product A-Volute.Nahimic
C:\Windows\system32\..\SysWOW64\NahimicSvc32.exe /start all /product A-Volute.Nahimic
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19071.901.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Windows\System32\RtkAudUService64.exe" -background
"C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe" silentrun
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Nastavení\vibranceGUI.exe" -minimized
C:\Windows\System32\RuntimeBroker.exe -Embedding
AvastUI.exe /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
C:\Windows\system32\ApplicationFrameHost.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\MicrosoftEdgeSH.exe SCODEF:11816 CREDAT:9730 APH:8DC0000000010 JITHOST /prefetch:2
"C:\Windows\System32\MicrosoftEdgeCP.exe" -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Dan\AppData\Local\Steam\htmlcache" "-steampid=5668" "-buildid=1566431379" "-steamid=0" "-steamuniverse=Dev" "-clientui=C:\Program Files (x86)\Steam\clientui" --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --enable-media-stream --enable-smooth-scrolling --num-raster-threads=4 --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Dan\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1566431379 --initial-client-data=0x2e4,0x2d8,0x2dc,0x2e0,0x2e8,0x7fff879ff760,0x7fff879ff770,0x7fff879ff780
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1464,11424292018019651517,2215228562586862792,131072 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=cs-CZ --buildid=1566431379 --steamid=0 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=10084190035369133023 --mojo-platform-channel-handle=1576 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --field-trial-handle=1464,11424292018019651517,2215228562586862792,131072 --service-pipe-token=501502580590690069 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1566431379 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=501502580590690069 --renderer-client-id=4 --mojo-platform-channel-handle=1524 /prefetch:1
"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
"C:\Windows\system32\rundll32.exe" -localserver 22d8c27b-47a1-48d1-ad08-7da7abd79617
C:\Windows\System32\CompPkgSrv.exe -Embedding
taskhostw.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19031.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe" -ServerName:Microsoft.ZuneMusic.AppX48dcrcgzqqdshm3kf61t0cm5e9pyd6h6.mca
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
"C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.156.0_x64__dt26b99r8h8gj\RtkUWP.exe" -ServerName:App.AppX2vzv616czv2j97f46vn25b5ksjvhr8z1.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe"
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -shellmount "C:\Users\Dan\Desktop\CMS v.1.6.0\car.mechanic.simulator.2018.dodge.modern v.1.5.25.1.iso"
C:\Windows\system32\svchost.exe -k netsvcs -p -s seclogon
C:\Windows\system32\svchost.exe -k LocalService -p -s bthserv
"C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" com.epicgames.launcher://apps/Fortnite?action=launch&silent=true
"C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/Win64/UnrealCEFSubProcess.exe" --type=gpu-process --no-sandbox --lang=en --locales-dir-path="C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources/locales" --log-file=C:/Users/Dan/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --log-severity=warning --product-version="EpicGamesLauncher/10.5.2-8362611+++Portal+Release-Live UnrealEngine/4.21.0-8362611+++Portal+Release-Live Chrome/59.0.3071.15" --resources-dir-path="C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources" --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,19,20,23,41,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x10de --gpu-device-id=0x1c03 --gpu-driver-vendor=NVIDIA --gpu-driver-version=23.21.13.8813 --gpu-driver-date=10-27-2017 --lang=en --locales-dir-path="C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources/locales" --log-file=C:/Users/Dan/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --log-severity=warning --product-version="EpicGamesLauncher/10.5.2-8362611+++Portal+Release-Live UnrealEngine/4.21.0-8362611+++Portal+Release-Live Chrome/59.0.3071.15" --resources-dir-path="C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources" --service-request-channel-token=BD492786E47ECDA7BC279A48EB4650FE --mojo-platform-channel-handle=2356 /prefetch:2


"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --field-trial-handle=1464,11424292018019651517,2215228562586862792,131072 --service-pipe-token=550137853434368831 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1566431379 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=550137853434368831 --renderer-client-id=15 --mojo-platform-channel-handle=4796 /prefetch:1
"C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe"
"C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe"
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.32.20003.0_x64__8wekyb3d8bbwe\GameBar.exe" -ServerName:App.AppXbdkk0yrkwpcgeaem8zk81k8py1eaahny.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.32.20003.0_x64__8wekyb3d8bbwe\GameBarFT.exe" /InvokerPRAID: App
C:\Windows\System32\smartscreen.exe -Embedding
C:\Windows\System32\SpatialAudioLicenseSrv.exe SpatialAudioLicenseServerInteractiveUser -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Dan\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Dan\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=76.0.3809.132 --initial-client-data=0xa4,0xa8,0xac,0x9c,0xb0,0x7fff7c4def08,0x7fff7c4def18,0x7fff7c4def28
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5848 --on-initialized-event-handle=540 --parent-handle=548 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1276,13268655444364446789,15375422405370595830,131072 --gpu-preferences=IAAAAAAAAADgAAAwAAAAAAAAYAAAAAAACAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAABQAAABAAAAAAAAAAAAAAAAYAAAAQAAAAAAAAAAEAAAAFAAAAEAAAAAAAAAABAAAABgAAAA== --service-request-channel-token=16710398655463047452 --mojo-platform-channel-handle=1760 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1276,13268655444364446789,15375422405370595830,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=18059126346073056565 --mojo-platform-channel-handle=2244 /prefetch:8
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1276,13268655444364446789,15375422405370595830,131072 --lang=cs --service-sandbox-type=audio --service-request-channel-token=9960128533238597732 --mojo-platform-channel-handle=6076 /prefetch:8
"C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe" "C:\Users\Dan\Downloads\[CzT]Avengers_Endgame_2019_CZ_EN_720pHD_.torrent" /SHELLASSOC
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Users\Dan\AppData\Roaming\uTorrent\helper\helper.exe" 52517 -- -pid 6788 -version 45311
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS

C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1276,13268655444364446789,15375422405370595830,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=14671019903031452374 --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
C:\Windows\system32\svchost.exe -k netsvcs -p -s wuauserv
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1276,13268655444364446789,15375422405370595830,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=13056918524171582803 --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6512 /prefetch:1
C:\Windows\system32\svchost.exe -k netsvcs -p -s gpsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1276,13268655444364446789,15375422405370595830,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=12271496112932787251 --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3992 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1276,13268655444364446789,15375422405370595830,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=16441869281231376976 --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1276,13268655444364446789,15375422405370595830,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=15672068137342234333 --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4628 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1276,13268655444364446789,15375422405370595830,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=4444981566811198783 --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4332 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe128_ Global\UsGthrCtrlFltPipeMssGthrPipe128 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 776 780 788 8192 784
C:\Windows\system32\AUDIODG.EXE 0x47c
"C:\Users\Dan\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Updater_Online_Application.job - C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe /silentall -nofreqcheck

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-01 221664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 217784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 184488]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-08-14 479216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-08-14 193520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 6149288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 4452504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Windows\system32\SecurityHealthSystray.exe [2018-09-15 83968]
"RtkAudUService"=C:\Windows\System32\RtkAudUService64.exe [2018-11-28 817232]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-08-27 268680]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ConnecitfyTemp 059b4b00dcf59cf519a94c5efbd2d06f"=cmd /Q /C rmdir /S /Q C:\Users\Dan\AppData\Local\Temp\Connectify\059b4b00dcf59cf519a94c5efbd2d06f []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe [2019-08-20 1821424]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2019-06-19 371304]
"Gaijin.Net Updater"=C:\Users\Dan\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2019-04-18 2105416]
"vibranceGUI"=C:\Nastavení\vibranceGUI.exe [2018-12-10 794624]
"Discord"=C:\Users\Dan\AppData\Local\Discord\app-0.0.305\Discord.exe [2019-03-07 81780056]
"Overwolf"=C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [2019-08-18 1668424]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2019-08-22 3210528]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2015-01-09 235624]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2017-07-05 1313408]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2019-07-04 644552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\ProgramData\Quoteex\Touchex.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux7"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-08-29 19:09:10 ----D---- C:\rsit
2019-08-29 19:09:10 ----D---- C:\Program Files\trend micro
2019-08-29 16:03:23 ----D---- C:\ProgramData\ProtonVPN
2019-08-29 15:59:55 ----D---- C:\Program Files (x86)\Proton Technologies
2019-08-29 15:46:40 ----RD---- C:\fdasfsdfsd
2019-08-29 14:03:28 ----A---- C:\lightfx.dll
2019-08-29 13:54:10 ----D---- C:\Program Files (x86)\Car Mechanic Simulator 2018 Dodge Modern
2019-08-29 13:53:33 ----D---- C:\Users\Dan\AppData\Roaming\Need for Speed World
2019-08-29 13:45:46 ----D---- C:\Program Files (x86)\NFS World Offline
2019-08-28 20:52:33 ----HD---- C:\$WINDOWS.~BT
2019-08-28 19:57:11 ----A---- C:\Windows\system32\drivers\cnnctfy4.sys
2019-08-28 19:57:11 ----A---- C:\Windows\system32\drivers\cfywlan2.sys
2019-08-28 19:57:09 ----D---- C:\Program Files (x86)\Connectify
2019-08-27 18:01:11 ----A---- C:\Windows\system32\aswBoot.exe
2019-08-27 18:01:04 ----A---- C:\Windows\system32\drivers\aswStm.sys
2019-08-27 18:01:04 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2019-08-22 01:35:02 ----D---- C:\Users\Dan\AppData\Roaming\MPC-HC
2019-08-21 11:06:40 ----D---- C:\Program Files (x86)\Far Cry New Dawn
2019-08-16 14:38:02 ----D---- C:\Program Files\Microsoft Xbox 360 Accessories
2019-08-16 14:37:10 ----D---- C:\9191faef4e9772940f00
2019-08-16 13:49:57 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2019-08-15 15:25:32 ----A---- C:\Windows\SYSWOW64\SyncController.dll
2019-08-15 15:25:31 ----A---- C:\Windows\SYSWOW64\wmp.dll
2019-08-15 15:25:31 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2019-08-15 15:25:31 ----A---- C:\Windows\system32\wmp.dll
2019-08-15 15:25:31 ----A---- C:\Windows\system32\SyncController.dll
2019-08-15 15:25:30 ----A---- C:\Windows\system32\tellib.dll
2019-08-15 15:25:30 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2019-08-15 15:25:30 ----A---- C:\Windows\system32\drivers\mssecflt.sys
2019-08-15 15:25:29 ----A---- C:\Windows\system32\drivers\dumpfve.sys
2019-08-15 15:25:23 ----A---- C:\Windows\SYSWOW64\p2pnetsh.dll
2019-08-15 15:25:23 ----A---- C:\Windows\SYSWOW64\P2P.dll
2019-08-15 15:25:23 ----A---- C:\Windows\system32\workfolderssvc.dll
2019-08-15 15:25:22 ----A---- C:\Windows\SYSWOW64\P2PGraph.dll
2019-08-15 15:25:22 ----A---- C:\Windows\SYSWOW64\offreg.dll
2019-08-15 15:25:22 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2019-08-15 15:25:22 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2019-08-15 15:25:21 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2019-08-15 15:25:21 ----A---- C:\Windows\SYSWOW64\jscript.dll
2019-08-15 15:25:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2019-08-15 15:25:21 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2019-08-15 15:25:20 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2019-08-15 15:25:19 ----A---- C:\Windows\SYSWOW64\msrd2x40.dll
2019-08-15 15:25:19 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2019-08-15 15:25:19 ----A---- C:\Windows\SYSWOW64\Chakradiag.dll
2019-08-15 15:25:19 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2019-08-15 15:25:18 ----A---- C:\Windows\SYSWOW64\werui.dll
2019-08-15 15:25:18 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2019-08-15 15:25:18 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2019-08-15 15:25:18 ----A---- C:\Windows\SYSWOW64\DWWIN.EXE
2019-08-15 15:25:12 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2019-08-15 15:25:11 ----A---- C:\Windows\SYSWOW64\mispace.dll
2019-08-15 15:25:11 ----A---- C:\Windows\system32\pnrpsvc.dll
2019-08-15 15:25:11 ----A---- C:\Windows\system32\p2psvc.dll
2019-08-15 15:25:11 ----A---- C:\Windows\system32\p2pnetsh.dll
2019-08-15 15:25:11 ----A---- C:\Windows\system32\P2PGraph.dll
2019-08-15 15:25:11 ----A---- C:\Windows\system32\P2P.dll
2019-08-15 15:25:11 ----A---- C:\Windows\system32\Groupinghc.dll
2019-08-15 15:25:10 ----A---- C:\Windows\system32\offreg.dll
2019-08-15 15:25:10 ----A---- C:\Windows\system32\mstscax.dll
2019-08-15 15:25:10 ----A---- C:\Windows\system32\drivers\rdpdr.sys
2019-08-15 15:25:09 ----A---- C:\Windows\system32\wercplsupport.dll
2019-08-15 15:25:09 ----A---- C:\Windows\system32\werconcpl.dll
2019-08-15 15:25:09 ----A---- C:\Windows\system32\systemreset.exe
2019-08-15 15:25:09 ----A---- C:\Windows\system32\srms.dat
2019-08-15 15:25:09 ----A---- C:\Windows\system32\ResetEngine.dll
2019-08-15 15:25:09 ----A---- C:\Windows\system32\reseteng.dll
2019-08-15 15:25:09 ----A---- C:\Windows\system32\nltest.exe
2019-08-15 15:25:08 ----A---- C:\Windows\system32\msfeeds.dll
2019-08-15 15:25:08 ----A---- C:\Windows\system32\ieframe.dll
2019-08-15 15:25:08 ----A---- C:\Windows\system32\iedkcs32.dll
2019-08-15 15:25:08 ----A---- C:\Windows\system32\DWWIN.EXE
2019-08-15 15:25:06 ----A---- C:\Windows\system32\mshtml.dll
2019-08-15 15:25:06 ----A---- C:\Windows\system32\edgehtml.dll
2019-08-15 15:25:05 ----A---- C:\Windows\system32\ie4uinit.exe
2019-08-15 15:25:04 ----A---- C:\Windows\system32\werui.dll
2019-08-15 15:25:04 ----A---- C:\Windows\system32\jscript.dll
2019-08-15 15:25:04 ----A---- C:\Windows\system32\Chakradiag.dll
2019-08-15 15:25:04 ----A---- C:\Windows\system32\Chakra.dll
2019-08-15 15:25:04 ----A---- C:\Windows\system32\ClipUp.exe
2019-08-15 15:25:03 ----A---- C:\Windows\system32\RDXService.dll
2019-08-15 15:25:03 ----A---- C:\Windows\system32\mispace.dll
2019-08-15 15:25:03 ----A---- C:\Windows\system32\fsutil.exe
2019-08-15 15:25:02 ----A---- C:\Windows\SYSWOW64\shell32.dll
2019-08-15 15:25:02 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2019-08-15 15:25:02 ----A---- C:\Windows\system32\ssdpsrv.dll
2019-08-15 15:25:02 ----A---- C:\Windows\system32\BioIso.exe
2019-08-15 15:25:01 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2019-08-15 15:25:01 ----A---- C:\Windows\SYSWOW64\shunimpl.dll
2019-08-15 15:25:01 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2019-08-15 15:25:01 ----A---- C:\Windows\SYSWOW64\newdev.dll
2019-08-15 15:25:01 ----A---- C:\Windows\SYSWOW64\mprddm.dll
2019-08-15 15:25:01 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2019-08-15 15:25:01 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2019-08-15 15:25:00 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2019-08-15 15:25:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
2019-08-15 15:25:00 ----A---- C:\Windows\SYSWOW64\Windows.UI.Immersive.dll
2019-08-15 15:25:00 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2019-08-15 15:25:00 ----A---- C:\Windows\SYSWOW64\MicrosoftAccountTokenProvider.dll
2019-08-15 15:25:00 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2019-08-15 15:25:00 ----A---- C:\Windows\SYSWOW64\gdi32full.dll
2019-08-15 15:25:00 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2019-08-15 15:25:00 ----A---- C:\Windows\SYSWOW64\daxexec.dll
2019-08-15 15:24:59 ----A---- C:\Windows\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-15 15:24:59 ----A---- C:\Windows\SYSWOW64\usoapi.dll
2019-08-15 15:24:59 ----A---- C:\Windows\SYSWOW64\Taskmgr.exe
2019-08-15 15:24:59 ----A---- C:\Windows\SYSWOW64\drvsetup.dll
2019-08-15 15:24:58 ----A---- C:\Windows\SYSWOW64\Windows.System.Diagnostics.dll
2019-08-15 15:24:58 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Lights.dll
2019-08-15 15:24:58 ----A---- C:\Windows\SYSWOW64\Unistore.dll
2019-08-15 15:24:58 ----A---- C:\Windows\SYSWOW64\rmclient.dll
2019-08-15 15:24:58 ----A---- C:\Windows\SYSWOW64\rdpbase.dll
2019-08-15 15:24:58 ----A---- C:\Windows\SYSWOW64\AppxPackaging.dll
2019-08-15 15:24:57 ----A---- C:\Windows\SYSWOW64\tquery.dll
2019-08-15 15:24:57 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2019-08-15 15:24:57 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2019-08-15 15:24:57 ----A---- C:\Windows\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2019-08-15 15:24:57 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2019-08-15 15:24:57 ----A---- C:\Windows\SYSWOW64\mssph.dll
2019-08-15 15:24:56 ----A---- C:\Windows\SYSWOW64\windows.storage.dll
2019-08-15 15:24:55 ----A---- C:\Windows\SYSWOW64\Windows.System.SystemManagement.dll
2019-08-15 15:24:55 ----A---- C:\Windows\SYSWOW64\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-15 15:24:55 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2019-08-15 15:24:55 ----A---- C:\Windows\SYSWOW64\ComposableShellProxyStub.dll
2019-08-15 15:24:54 ----A---- C:\Windows\SYSWOW64\twinui.dll
2019-08-15 15:24:54 ----A---- C:\Windows\SYSWOW64\LicensingDiagSpp.dll
2019-08-15 15:24:53 ----A---- C:\Windows\SYSWOW64\TokenBroker.dll
2019-08-15 15:24:53 ----A---- C:\Windows\SYSWOW64\ShellCommonCommonProxyStub.dll
2019-08-15 15:24:52 ----A---- C:\Windows\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2019-08-15 15:24:52 ----A---- C:\Windows\SYSWOW64\explorer.exe
2019-08-15 15:24:51 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2019-08-15 15:24:51 ----A---- C:\Windows\SYSWOW64\hmkd.dll
2019-08-15 15:24:51 ----A---- C:\Windows\SYSWOW64\FlightSettings.dll
2019-08-15 15:24:51 ----A---- C:\Windows\system32\t2embed.dll
2019-08-15 15:24:51 ----A---- C:\Windows\system32\DeviceSoftwareInstallationClient.dll
2019-08-15 15:24:50 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2019-08-15 15:24:50 ----A---- C:\Windows\system32\GdiPlus.dll
2019-08-15 15:24:50 ----A---- C:\Windows\system32\gdi32full.dll
2019-08-15 15:24:49 ----A---- C:\Windows\system32\wininet.dll
2019-08-15 15:24:49 ----A---- C:\Windows\system32\iertutil.dll
2019-08-15 15:24:49 ----A---- C:\Windows\system32\gpsvc.dll
2019-08-15 15:24:46 ----A---- C:\Windows\system32\fontsub.dll
2019-08-15 15:24:46 ----A---- C:\Windows\system32\drivers\tcpip.sys
2019-08-15 15:24:46 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2019-08-15 15:24:45 ----A---- C:\Windows\system32\kdnet.dll
2019-08-15 15:24:45 ----A---- C:\Windows\system32\bcryptprimitives.dll
2019-08-15 15:24:39 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2019-08-15 15:24:39 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2019-08-15 15:24:39 ----A---- C:\Windows\system32\rpcrt4.dll
2019-08-15 15:24:39 ----A---- C:\Windows\system32\KernelBase.dll
2019-08-15 15:24:39 ----A---- C:\Windows\system32\drivers\msrpc.sys
2019-08-15 15:24:39 ----A---- C:\Windows\system32\ComposableShellProxyStub.dll
2019-08-15 15:24:38 ----A---- C:\Windows\system32\twinui.dll
2019-08-15 15:24:38 ----A---- C:\Windows\system32\sppc.dll
2019-08-15 15:24:38 ----A---- C:\Windows\system32\pcasvc.dll
2019-08-15 15:24:38 ----A---- C:\Windows\system32\msctf.dll
2019-08-15 15:24:38 ----A---- C:\Windows\system32\CoreShellExtFramework.dll
2019-08-15 15:24:38 ----A---- C:\Windows\system32\CoreShell.dll
2019-08-15 15:24:38 ----A---- C:\Windows\system32\bootux.dll
2019-08-15 15:24:37 ----A---- C:\Windows\system32\winresume.exe
2019-08-15 15:24:37 ----A---- C:\Windows\system32\winload.exe
2019-08-15 15:24:37 ----A---- C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
2019-08-15 15:24:37 ----A---- C:\Windows\system32\drivers\appid.sys
2019-08-15 15:24:36 ----A---- C:\Windows\system32\Taskmgr.exe
2019-08-15 15:24:36 ----A---- C:\Windows\system32\drivers\refs.sys
2019-08-15 15:24:34 ----A---- C:\Windows\system32\sppsvc.exe
2019-08-15 15:24:34 ----A---- C:\Windows\system32\sppobjs.dll
2019-08-15 15:24:34 ----A---- C:\Windows\system32\sppcext.dll
2019-08-15 15:24:34 ----A---- C:\Windows\system32\shunimpl.dll
2019-08-15 15:24:34 ----A---- C:\Windows\system32\shell32.dll
2019-08-15 15:24:34 ----A---- C:\Windows\system32\ExplorerFrame.dll
2019-08-15 15:24:34 ----A---- C:\Windows\system32\comdlg32.dll
2019-08-15 15:24:33 ----A---- C:\Windows\system32\vpnike.dll
2019-08-15 15:24:33 ----A---- C:\Windows\system32\vbscript.dll
2019-08-15 15:24:33 ----A---- C:\Windows\system32\sppwinob.dll
2019-08-15 15:24:33 ----A---- C:\Windows\system32\services.exe
2019-08-15 15:24:33 ----A---- C:\Windows\system32\rastapi.dll
2019-08-15 15:24:33 ----A---- C:\Windows\system32\rasmans.dll
2019-08-15 15:24:33 ----A---- C:\Windows\system32\nlasvc.dll
2019-08-15 15:24:33 ----A---- C:\Windows\system32\mprddm.dll
2019-08-15 15:24:33 ----A---- C:\Windows\system32\LicensingDiagSpp.dll
2019-08-15 15:24:33 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2019-08-15 15:24:32 ----A---- C:\Windows\system32\newdev.dll
2019-08-15 15:24:32 ----A---- C:\Windows\system32\iphlpsvc.dll
2019-08-15 15:24:32 ----A---- C:\Windows\system32\hal.dll
2019-08-15 15:24:32 ----A---- C:\Windows\system32\drvinst.exe
2019-08-15 15:24:32 ----A---- C:\Windows\system32\drivers\ks.sys
2019-08-15 15:24:32 ----A---- C:\Windows\system32\APMon.dll
2019-08-15 15:24:31 ----A---- C:\Windows\system32\win32kfull.sys
2019-08-15 15:24:31 ----A---- C:\Windows\system32\rmclient.dll
2019-08-15 15:24:31 ----A---- C:\Windows\system32\psmsrv.dll
2019-08-15 15:24:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2019-08-15 15:24:31 ----A---- C:\Windows\system32\NgcCtnrSvc.dll
2019-08-15 15:24:31 ----A---- C:\Windows\system32\daxexec.dll
2019-08-15 15:24:30 ----A---- C:\Windows\system32\Windows.System.Diagnostics.dll
2019-08-15 15:24:30 ----A---- C:\Windows\system32\Windows.Devices.Lights.dll
2019-08-15 15:24:30 ----A---- C:\Windows\system32\Unistore.dll
2019-08-15 15:24:30 ----A---- C:\Windows\system32\rdpbase.dll
2019-08-15 15:24:30 ----A---- C:\Windows\system32\PsmServiceExtHost.dll
2019-08-15 15:24:30 ----A---- C:\Windows\system32\msxml6.dll
2019-08-15 15:24:30 ----A---- C:\Windows\system32\ISM.dll
2019-08-15 15:24:29 ----A---- C:\Windows\system32\tquery.dll
2019-08-15 15:24:29 ----A---- C:\Windows\system32\SearchIndexer.exe
2019-08-15 15:24:29 ----A---- C:\Windows\system32\SearchFilterHost.exe
2019-08-15 15:24:29 ----A---- C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-15 15:24:29 ----A---- C:\Windows\system32\mssrch.dll
2019-08-15 15:24:29 ----A---- C:\Windows\system32\mssph.dll
2019-08-15 15:24:29 ----A---- C:\Windows\system32\msscntrs.dll
2019-08-15 15:24:29 ----A---- C:\Windows\system32\InputLocaleManager.dll
2019-08-15 15:24:29 ----A---- C:\Windows\system32\EdgeContent.dll
2019-08-15 15:24:28 ----A---- C:\Windows\system32\win32kbase.sys
2019-08-15 15:24:28 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2019-08-15 15:24:28 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2019-08-15 15:24:27 ----A---- C:\Windows\system32\Windows.System.SystemManagement.dll
2019-08-15 15:24:27 ----A---- C:\Windows\system32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-15 15:24:27 ----A---- C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-15 15:24:27 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2019-08-15 15:24:27 ----A---- C:\Windows\system32\TokenBroker.dll
2019-08-15 15:24:27 ----A---- C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2019-08-15 15:24:27 ----A---- C:\Windows\system32\DeviceSetupManager.dll
2019-08-15 15:24:27 ----A---- C:\Windows\system32\appsruprov.dll
2019-08-15 15:24:26 ----A---- C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-08-15 15:24:26 ----A---- C:\Windows\system32\SecurityHealthService.exe
2019-08-15 15:24:26 ----A---- C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-08-15 15:24:26 ----A---- C:\Windows\system32\ApplyTrustOffline.exe
2019-08-15 15:24:25 ----A---- C:\Windows\system32\StartTileData.dll
2019-08-15 15:24:25 ----A---- C:\Windows\system32\ShellCommonCommonProxyStub.dll
2019-08-15 15:24:25 ----A---- C:\Windows\system32\SettingsHandlers_SIUF.dll
2019-08-15 15:24:25 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2019-08-15 15:24:25 ----A---- C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-08-15 15:24:25 ----A---- C:\Windows\explorer.exe
2019-08-15 15:24:24 ----A---- C:\Windows\system32\wpx.dll
2019-08-15 15:24:24 ----A---- C:\Windows\system32\WpcTok.exe
2019-08-15 15:24:24 ----A---- C:\Windows\system32\WpcRefreshTask.dll
2019-08-15 15:24:24 ----A---- C:\Windows\system32\WpcMon.exe
2019-08-15 15:24:24 ----A---- C:\Windows\system32\wcmsvc.dll
2019-08-15 15:24:24 ----A---- C:\Windows\system32\kdcpw.dll
2019-08-15 15:24:24 ----A---- C:\Windows\system32\hmkd.dll
2019-08-15 15:24:24 ----A---- C:\Windows\system32\FlightSettings.dll
2019-08-15 15:24:24 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2019-08-15 15:24:24 ----A---- C:\Windows\system32\drivers\bowser.sys
2019-08-15 15:24:17 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2019-08-15 15:24:17 ----A---- C:\Windows\SYSWOW64\WerFault.exe
2019-08-15 15:24:17 ----A---- C:\Windows\SYSWOW64\wer.dll
2019-08-15 15:24:17 ----A---- C:\Windows\system32\drivers\http.sys
2019-08-15 15:24:17 ----A---- C:\Windows\system32\AppVScripting.dll
2019-08-15 15:24:17 ----A---- C:\Windows\system32\AppVReporting.dll
2019-08-15 15:24:17 ----A---- C:\Windows\system32\AppVPublishing.dll
2019-08-15 15:24:17 ----A---- C:\Windows\system32\AppVEntVirtualization.dll
2019-08-15 15:24:17 ----A---- C:\Windows\system32\AppVClient.exe
2019-08-15 15:24:16 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2019-08-15 15:24:16 ----A---- C:\Windows\system32\WindowsUpdateElevatedInstaller.exe
2019-08-15 15:24:16 ----A---- C:\Windows\system32\wermgr.exe
2019-08-15 15:24:16 ----A---- C:\Windows\system32\WerFault.exe
2019-08-15 15:24:16 ----A---- C:\Windows\system32\wer.dll
2019-08-15 15:24:16 ----A---- C:\Windows\system32\WaaSMedicCapsule.dll
2019-08-15 15:24:16 ----A---- C:\Windows\system32\MusNotifyIcon.exe
2019-08-15 15:24:16 ----A---- C:\Windows\system32\MusNotificationUx.exe
2019-08-15 15:24:16 ----A---- C:\Windows\system32\MusNotification.exe
2019-08-15 15:24:16 ----A---- C:\Windows\system32\musdialoghandlers.dll
2019-08-15 15:24:16 ----A---- C:\Windows\system32\Faultrep.dll
2019-08-15 15:24:15 ----A---- C:\Windows\system32\wuuhext.dll
2019-08-15 15:24:15 ----A---- C:\Windows\system32\usocore.dll
2019-08-15 15:24:15 ----A---- C:\Windows\system32\UsoClient.exe
2019-08-15 15:24:15 ----A---- C:\Windows\system32\usoapi.dll
2019-08-15 15:24:15 ----A---- C:\Windows\system32\updatepolicy.dll
2019-08-15 15:24:15 ----A---- C:\Windows\system32\updatehandlers.dll
2019-08-15 15:24:15 ----A---- C:\Windows\system32\updatecsp.dll
2019-08-15 15:24:15 ----A---- C:\Windows\system32\UpdateAgent.dll
2019-08-15 15:24:15 ----A---- C:\Windows\system32\MusUpdateHandlers.dll
2019-08-15 15:24:14 ----A---- C:\Windows\SYSWOW64\dtdump.exe
2019-08-15 15:24:14 ----A---- C:\Windows\system32\wuuhosdeployment.dll
2019-08-15 15:24:14 ----A---- C:\Windows\system32\wuaueng.dll
2019-08-15 15:24:14 ----A---- C:\Windows\system32\wuapi.dll
2019-08-15 15:24:14 ----A---- C:\Windows\system32\drvsetup.dll
2019-08-15 15:24:14 ----A---- C:\Windows\system32\diagtrack.dll
2019-08-15 15:24:13 ----A---- C:\Windows\system32\wevtsvc.dll
2019-08-15 15:24:13 ----A---- C:\Windows\system32\tcbloader.dll
2019-08-15 15:24:13 ----A---- C:\Windows\system32\tcblaunch.exe
2019-08-15 15:24:13 ----A---- C:\Windows\system32\skci.dll
2019-08-15 15:24:13 ----A---- C:\Windows\system32\lsasrv.dll
2019-08-15 15:24:13 ----A---- C:\Windows\system32\LsaIso.exe
2019-08-15 15:24:13 ----A---- C:\Windows\system32\drivers\cng.sys
2019-08-15 15:24:12 ----A---- C:\Windows\SYSWOW64\wldp.dll
2019-08-15 15:24:12 ----A---- C:\Windows\SYSWOW64\tzres.dll
2019-08-15 15:24:12 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2019-08-15 15:24:12 ----A---- C:\Windows\SYSWOW64\ncryptprov.dll
2019-08-15 15:24:12 ----A---- C:\Windows\SYSWOW64\logoncli.dll
2019-08-15 15:24:12 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2019-08-15 15:24:12 ----A---- C:\Windows\SYSWOW64\combase.dll
2019-08-15 15:24:12 ----A---- C:\Windows\system32\netlogon.dll
2019-08-15 15:24:12 ----A---- C:\Windows\system32\kerberos.dll
2019-08-15 15:24:12 ----A---- C:\Windows\system32\KerbClientShared.dll
2019-08-15 15:24:12 ----A---- C:\Windows\system32\DiskSnapshot.exe
2019-08-15 15:24:11 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2019-08-15 15:24:11 ----A---- C:\Windows\system32\wldp.dll
2019-08-15 15:24:11 ----A---- C:\Windows\system32\tzres.dll
2019-08-15 15:24:11 ----A---- C:\Windows\system32\rpcss.dll
2019-08-15 15:24:11 ----A---- C:\Windows\system32\oleaut32.dll
2019-08-15 15:24:11 ----A---- C:\Windows\system32\ncryptprov.dll
2019-08-15 15:24:11 ----A---- C:\Windows\system32\logoncli.dll
2019-08-15 15:24:11 ----A---- C:\Windows\system32\dnsrslvr.dll
2019-08-15 15:24:11 ----A---- C:\Windows\system32\dnsapi.dll
2019-08-15 15:24:11 ----A---- C:\Windows\system32\combase.dll
2019-08-15 15:24:11 ----A---- C:\Windows\system32\ci.dll
2019-08-15 15:24:10 ----A---- C:\Windows\system32\xmllite.dll
2019-08-15 15:24:10 ----A---- C:\Windows\system32\windows.storage.dll
2019-08-15 15:24:10 ----A---- C:\Windows\system32\wc_storage.dll
2019-08-15 15:24:10 ----A---- C:\Windows\system32\drivers\bindflt.sys
2019-08-15 15:24:10 ----A---- C:\Windows\system32\bcdedit.exe
2019-08-15 15:24:10 ----A---- C:\Windows\system32\AppxPackaging.dll
2019-08-15 15:24:09 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2019-08-15 15:24:09 ----A---- C:\Windows\SYSWOW64\win32kfull.sys
2019-08-15 15:24:09 ----A---- C:\Windows\SYSWOW64\updatepolicy.dll
2019-08-15 15:24:09 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2019-08-15 15:24:09 ----A---- C:\Windows\SYSWOW64\msctf.dll
2019-08-15 15:24:09 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2019-08-15 15:24:09 ----A---- C:\Windows\SYSWOW64\KerbClientShared.dll
2019-08-15 15:24:08 ----A---- C:\Windows\system32\drivers\winhvr.sys
2019-08-15 15:24:07 ----A---- C:\Windows\system32\rdpnano.dll
2019-08-15 15:24:07 ----A---- C:\Windows\system32\hvix64.exe
2019-08-15 15:24:07 ----A---- C:\Windows\system32\hvax64.exe
2019-08-15 15:24:07 ----A---- C:\Windows\system32\drivers\winhv.sys
2019-08-15 15:24:07 ----A---- C:\Windows\system32\drivers\tpm.sys
2019-08-15 15:24:07 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2019-08-15 15:24:07 ----A---- C:\Windows\system32\drivers\bthport.sys
2019-08-15 15:24:07 ----A---- C:\Windows\system32\computestorage.dll
2019-08-15 15:24:06 ----A---- C:\Windows\system32\drivers\uefi.sys
2019-08-15 15:24:06 ----A---- C:\Windows\system32\drivers\spaceport.sys
2019-08-15 15:24:06 ----A---- C:\Windows\system32\drivers\scmbus.sys
2019-08-15 15:24:06 ----A---- C:\Windows\system32\drivers\pmem.sys
2019-08-14 12:23:46 ----D---- C:\Users\Dan\AppData\Roaming\Sun
2019-08-14 12:23:40 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2019-08-14 12:23:21 ----D---- C:\Program Files (x86)\Java
2019-08-14 00:10:48 ----D---- C:\Windows\SYSWOW64\XPSViewer
2019-08-14 00:10:21 ----D---- C:\Program Files (x86)\Reference Assemblies
2019-08-14 00:10:21 ----D---- C:\Program Files (x86)\MSBuild
2019-08-14 00:10:19 ----D---- C:\Program Files\Reference Assemblies
2019-08-14 00:10:19 ----D---- C:\Program Files\MSBuild
2019-08-14 00:08:40 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2019-08-14 00:08:40 ----A---- C:\Windows\SYSWOW64\PresentationNative_v0300.dll
2019-08-14 00:08:40 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-08-14 00:08:34 ----A---- C:\Windows\system32\TsWpfWrp.exe
2019-08-14 00:08:34 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2019-08-14 00:08:33 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2019-08-04 15:12:56 ----D---- C:\Users\Dan\AppData\Roaming\11bitstudios
2019-08-02 21:21:14 ----D---- C:\SinusBot
2019-08-01 13:42:43 ----D---- C:\Program Files\TeamSpeak 3 Client

======List of files/folders modified in the last 1 month======

2019-08-29 19:09:17 ----D---- C:\Windows\Prefetch
2019-08-29 19:09:16 ----D---- C:\Windows\Temp
2019-08-29 19:09:10 ----RD---- C:\Program Files
2019-08-29 19:09:01 ----D---- C:\Users\Dan\AppData\Roaming\uTorrent
2019-08-29 19:02:49 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-08-29 18:51:26 ----D---- C:\Windows\system32\NDF
2019-08-29 18:20:24 ----D---- C:\Users\Dan\AppData\Roaming\TS3Client
2019-08-29 18:16:03 ----D---- C:\Windows\system32\sru
2019-08-29 18:15:26 ----D---- C:\Program Files (x86)\Steam
2019-08-29 16:03:33 ----D---- C:\Nastavení
2019-08-29 16:03:23 ----HD---- C:\ProgramData
2019-08-29 16:02:17 ----D---- C:\Windows\Tasks
2019-08-29 16:02:17 ----D---- C:\Windows\system32\Tasks
2019-08-29 16:02:15 ----SHD---- C:\Windows\Installer
2019-08-29 16:02:10 ----D---- C:\Windows\system32\drivers
2019-08-29 16:02:10 ----D---- C:\Windows\INF
2019-08-29 16:02:09 ----D---- C:\Windows\system32\DriverStore
2019-08-29 16:02:09 ----D---- C:\Windows\system32\catroot2
2019-08-29 16:00:16 ----SHD---- C:\System Volume Information
2019-08-29 15:59:55 ----RD---- C:\Program Files (x86)
2019-08-29 14:42:20 ----D---- C:\HRY
2019-08-29 14:21:56 ----D---- C:\Windows\system32\SleepStudy
2019-08-29 13:59:58 ----D---- C:\ProgramData\Oracle
2019-08-29 12:13:49 ----RD---- C:\Windows\Microsoft.NET
2019-08-29 09:25:55 ----D---- C:\Filmy
2019-08-29 07:10:27 ----D---- C:\Users\Dan\AppData\Roaming\Discord
2019-08-29 07:08:00 ----D---- C:\Program Files (x86)\Common Files
2019-08-29 07:06:50 ----D---- C:\Windows\system32\LogFiles
2019-08-29 01:59:17 ----D---- C:\ProgramData\NVIDIA
2019-08-29 01:57:10 ----D---- C:\Windows\system32\config
2019-08-29 01:07:47 ----D---- C:\Users\Dan\AppData\Roaming\vlc
2019-08-28 20:53:14 ----D---- C:\Windows\Panther
2019-08-28 20:11:59 ----HD---- C:\Program Files\WindowsApps
2019-08-28 20:11:46 ----D---- C:\Windows\AppReadiness
2019-08-28 20:00:23 ----D---- C:\Windows\System32
2019-08-27 18:01:11 ----HD---- C:\Windows\ELAMBKUP
2019-08-26 09:14:24 ----D---- C:\Users\Dan\AppData\Roaming\.minecraft
2019-08-26 08:49:19 ----D---- C:\ProgramData\CanonIJPLM
2019-08-25 13:13:21 ----SD---- C:\Users\Dan\AppData\Roaming\Microsoft
2019-08-25 13:07:47 ----D---- C:\Program Files (x86)\Overwolf
2019-08-22 18:39:15 ----D---- C:\Windows\SYSWOW64\directx
2019-08-22 18:38:49 ----HD---- C:\Windows\msdownld.tmp
2019-08-22 18:38:33 ----D---- C:\Windows\Logs
2019-08-22 11:04:34 ----D---- C:\Games
2019-08-21 11:02:23 ----D---- C:\Windows
2019-08-21 02:56:22 ----D---- C:\Windows\WinSxS
2019-08-18 14:14:01 ----D---- C:\Program Files (x86)\Microsoft Office
2019-08-16 14:00:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-08-16 13:50:43 ----D---- C:\Windows\SYSWOW64\oobe
2019-08-16 13:50:43 ----D---- C:\Windows\SYSWOW64\cs-CZ
2019-08-16 13:50:43 ----D---- C:\Windows\SysWOW64
2019-08-16 13:50:31 ----SD---- C:\Windows\system32\UNP
2019-08-16 13:50:31 ----D---- C:\Windows\system32\wbem
2019-08-16 13:50:30 ----D---- C:\Windows\system32\oobe
2019-08-16 13:50:30 ----D---- C:\Windows\system32\en-US
2019-08-16 13:50:30 ----D---- C:\Windows\system32\drivers\cs-CZ
2019-08-16 13:50:29 ----D---- C:\Windows\system32\cs-CZ
2019-08-16 13:50:29 ----D---- C:\Windows\system32\Boot
2019-08-16 13:50:09 ----D---- C:\Windows\Provisioning
2019-08-16 13:50:09 ----D---- C:\Windows\PolicyDefinitions
2019-08-16 13:50:08 ----D---- C:\Windows\bcastdvr
2019-08-16 13:50:08 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-16 13:50:08 ----D---- C:\Program Files\internet explorer
2019-08-16 13:50:08 ----D---- C:\Program Files (x86)\Internet Explorer
2019-08-15 16:08:56 ----RSD---- C:\Windows\assembly
2019-08-15 15:27:39 ----D---- C:\Windows\CbsTemp
2019-08-15 11:16:47 ----D---- C:\Windows\system32\MRT
2019-08-14 12:11:38 ----AC---- C:\Windows\system32\MRT.exe
2019-08-14 09:50:05 ----D---- C:\Program Files\WinRAR
2019-08-14 00:51:24 ----D---- C:\Obrazky
2019-08-14 00:10:48 ----D---- C:\Windows\SYSWOW64\MUI
2019-08-14 00:10:48 ----D---- C:\Windows\system32\MUI
2019-08-14 00:10:22 ----RSD---- C:\Windows\Fonts
2019-08-13 22:45:53 ----D---- C:\Users\Dan\AppData\Roaming\audacity
2019-08-06 04:13:15 ----D---- C:\ProgramData\Package Cache
2019-08-04 22:06:45 ----D---- C:\Hudba
2019-08-04 09:28:41 ----D---- C:\Program Files\Epic Games
2019-08-01 16:51:57 ----D---- C:\Windows\system32\CatRoot
2019-08-01 16:50:41 ----D---- C:\Users\Dan\AppData\Roaming\Wargaming.net
2019-08-01 16:16:47 ----D---- C:\Windows\LiveKernelReports

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdpsp;@oem3.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\Windows\System32\drivers\amdpsp.sys [2017-06-12 243048]
R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys [2019-08-27 37104]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2019-08-27 205848]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2019-08-27 61472]
R0 aswElam;aswElam; C:\Windows\system32\drivers\aswElam.sys [2019-05-14 15488]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2019-08-27 87944]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2019-08-27 387176]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\Windows\system32\drivers\iorate.sys [2019-04-10 55608]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\Windows\system32\drivers\mssecflt.sys [2019-08-15 317240]
R1 afunix;afunix; C:\Windows\system32\drivers\afunix.sys [2018-09-15 40960]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2019-08-27 209552]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2019-08-27 263008]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2019-08-27 282768]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2019-08-27 42288]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2019-08-27 112312]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2019-08-27 1030784]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2019-08-27 478096]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\Windows\system32\drivers\bam.sys [2018-09-15 63288]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2018-09-15 60416]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2018-09-15 8704]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2019-08-27 169408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2019-08-27 236024]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\Windows\system32\drivers\cldflt.sys [2019-04-10 452096]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2019-04-10 51712]
R3 amdgpio2;@oem28.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\Windows\System32\drivers\amdgpio2.sys [2019-04-17 34568]
R3 amdgpio3;@oem4.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\Windows\System32\drivers\amdgpio3.sys [2016-08-12 24424]
R3 AMDPCIDev;@oem2.inf,%AMDPCIDev.SVCDESC%;AMD PCI; C:\Windows\System32\drivers\AMDPCIDev.sys [2018-04-25 31592]
R3 dtlitescsibus;@oem29.inf,%DisplayName%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2019-06-19 42256]
R3 dtliteusbbus;@oem30.inf,%DisplayName%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys [2019-06-19 59360]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2018-11-28 6486400]
R3 NVHDA;@oem17.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2017-11-09 233904]
R3 nvlddmkm;nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [2017-11-09 16936048]
R3 rt640x64;@oem7.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\Windows\System32\drivers\rt640x64.sys [2018-08-30 1122200]
R3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\System32\drivers\rtwlane.sys [2018-09-15 8169472]
R3 ScpVBus;@oem24.inf,%ScpVBus.SVCDESC%;Scp Virtual Bus Driver; C:\Windows\System32\drivers\ScpVBus.sys [2013-05-05 39168]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\Windows\System32\drivers\bttflt.sys [2018-09-15 42504]
S0 cht4iscsi;cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [2018-09-15 319488]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\Windows\System32\drivers\iaStorAVC.sys [2018-09-15 885048]
S0 ItSas35i;ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [2018-09-15 148480]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2018-09-15 124416]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2018-09-15 128512]
S0 megasas2i;megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [2018-09-15 75264]
S0 megasas35i;megasas35i; C:\Windows\System32\drivers\megasas35i.sys [2018-09-15 79872]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2018-09-15 58880]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2018-09-15 68608]
S0 Ramdisk;Windows RAM Disk Driver; C:\Windows\system32\DRIVERS\ramdisk.sys [2018-09-15 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\Windows\System32\drivers\scmbus.sys [2019-08-15 134968]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\Windows\System32\drivers\AcpiDev.sys [2018-09-15 19968]
S3 amdkmcsp;@oem3.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\Windows\system32\DRIVERS\amdkmcsp.sys [2017-06-12 101232]
S3 AppleLowerFilter;@oem31.inf,%AppleLowerFilterDisplayName%;Apple Lower Filter Driver; C:\Windows\System32\drivers\AppleLowerFilter.sys [2018-05-10 35560]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\Windows\system32\drivers\applockerfltr.sys [2018-09-15 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\Windows\system32\drivers\AppvStrm.sys [2018-09-15 137016]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\Windows\system32\drivers\AppvVemgr.sys [2019-04-10 174392]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\Windows\system32\drivers\AppvVfs.sys [2018-09-15 153400]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\Windows\system32\drivers\bindflt.sys [2019-08-15 104248]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2019-04-10 111104]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-07-09 91136]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\Windows\System32\drivers\BTHMINI.sys [2018-09-15 34816]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\drivers\BTHport.sys [2019-08-15 1232384]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\drivers\BTHUSB.sys [2019-08-15 92672]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2018-09-15 40960]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\Windows\System32\drivers\CAD.sys [2018-09-15 63288]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2018-09-15 125952]
S3 DFX12;@oem27.inf,%DFX_Device.SvcDesc%;DFX Audio Enhancer; C:\Windows\system32\drivers\dfx12x64.sys [2015-11-15 39048]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2018-09-15 20992]
S3 Guijiuzchin;Guijiuzchin; \??\C:\Windows\system32\Guijiuzchin.sys []
S3 Hamachi;@oem26.inf,%Hamachi.Service.DispName%;LogMeIn Hamachi Virtual Miniport); C:\Windows\system32\DRIVERS\Hamdrv.sys [2019-04-02 45680]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2018-09-15 51512]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\Windows\System32\drivers\hidspi.sys [2018-09-15 60928]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\Windows\system32\drivers\hvservice.sys [2019-06-12 80400]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\Windows\System32\Drivers\mshwnclx.sys [2018-09-15 27648]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\Windows\System32\drivers\cht4vx64.sys [2018-09-15 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\Windows\System32\drivers\iagpio.sys [2018-09-15 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2018-09-15 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [2018-09-15 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-09-15 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2018-09-15 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2018-09-15 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2018-09-15 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-09-15 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys [2018-09-15 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys [2018-09-15 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2018-09-15 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\Windows\System32\drivers\IndirectKmd.sys [2018-09-15 45568]
S3 IPT;IPT; C:\Windows\System32\drivers\ipt.sys [2018-09-15 42496]
S3 irda;IrDA; C:\Windows\system32\drivers\irda.sys [2018-09-15 124928]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\Windows\System32\drivers\mausbhost.sys [2018-09-15 515384]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\Windows\System32\drivers\mausbip.sys [2018-09-15 58680]
S3 MbbCx;MBB Network Adapter Class Extension; C:\Windows\system32\drivers\MbbCx.sys [2019-07-09 290304]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2018-09-15 53760]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2018-09-15 1150496]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2018-09-15 153616]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\Windows\system32\drivers\NetAdapterCx.sys [2018-09-15 184320]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\Windows\System32\drivers\nvdimm.sys [2018-09-15 148480]
S3 PktMon;Packet Monitor Driver; C:\Windows\system32\drivers\PktMon.sys [2018-09-15 85504]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\Windows\System32\drivers\pmem.sys [2019-08-15 117248]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\Windows\System32\drivers\pnpmem.sys [2018-09-15 17408]
S3 ProtonVPNSplitTunnelCalloutDriver;ProtonVPNSplitTunnelCalloutDriver; \??\C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\win10\ProtonVPNSplitTunnelCalloutDriver.Sys [2019-07-02 48664]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2019-04-25 981816]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2018-09-15 202240]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\Windows\System32\drivers\rhproxy.sys [2018-09-15 108032]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\Windows\System32\drivers\SDFRd.sys [2018-09-15 33080]
S4 hvcrash;hvcrash; C:\Windows\System32\drivers\hvcrash.sys [2018-09-15 33280]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-16 83984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-08-27 405072]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-08-27 57504]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 CDPUserSvc_1cddae4;Uživatelská služba platformy připojených zařízení_1cddae4; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2019-08-08 11469920]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R2 Ds3Service;SCP DS3 Service; C:\Users\Dan\Desktop\ps3 controller\ScpServer\bin\ScpService.exe [2013-05-05 388352]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2019-02-28 398792]
R2 NahimicService;@oem32.inf,%SERVICE_FRIENDLY_NAME%;Nahimic service; C:\Windows\system32\NahimicService.exe [2019-07-11 1451976]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-10-27 462968]
R2 OneSyncSvc_1cddae4;Hostitel synchronizace_1cddae4; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 ProtonVPN Service;ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [2019-07-25 86840]
R2 RtkAudioUniversalService;Realtek Audio Universal Service; C:\Windows\System32\RtkAudUService64.exe [2018-11-28 817232]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 cbdhsvc_1cddae4;Uživatelská služba schránky_1cddae4; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2019-06-19 4452456]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\Windows\system32\SecurityHealthService.exe [2019-08-15 864568]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-04-28 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-08-27 5975136]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BcastDVRUserService_1cddae4;Uživatelská služba pro GameDVR a vysílání her_1cddae4; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2019-04-28 8473200]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BluetoothUserService_1cddae4;Služba pro podporu uživatelů Bluetooth_1cddae4; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService_1cddae4;CaptureService_1cddae4; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc_1cddae4;ConsentUX_1cddae4; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicePickerUserSvc_1cddae4;DevicePicker_1cddae4; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc_1cddae4;Tok zařízení_1cddae4; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-20 92672]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2019-05-22 803440]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-09-09 43632]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\elevation_service.exe [2019-08-24 1096176]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-04-28 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService_1cddae4;Služba zasílání zpráv_1cddae4; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 ose;Office Source Engine; c:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 226304]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2019-08-18 2431816]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe [2018-09-15 78848]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PimIndexMaintenanceSvc_1cddae4;Data kontaktů_1cddae4; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc_1cddae4;PrintWorkflow_1cddae4; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2019-08-15 5356848]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2018-09-15 1269248]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\Windows\system32\AppVClient.exe [2019-08-15 831288]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: please help

#2 Post by Conder »

Hi :)

:arrow: Did you set up your own DNS servers (82.163.142.9; 95.211.158.137)?

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm the PC restart now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View Log File)
  • The log will open; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always backing up important data (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

Syslandos
Visitor
Posts: 2
Registered: 29 Aug 2019 18:06

Re: please help

#3 Post by Syslandos »

Hi, I cleaned it with ADWCleaner, but now the Wi-Fi I was connected to doesn't work, so I restarted it and the computer too, and nothing. But anyway, here is the log.
# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-08-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-30-2019
# Duration: 00:00:14
# OS: Windows 10 Pro
# Cleaned: 82
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\KRKjRhKedFYZC
Deleted C:\Program Files (x86)\MLeemHqgAGUn
Deleted C:\Program Files (x86)\Microleaves
Deleted C:\Program Files (x86)\PKSPZIJWJEbMzGbJleR
Deleted C:\Program Files (x86)\blKRurWOZIE
Deleted C:\Program Files (x86)\bmsfdpuAXweU2
Deleted C:\Program Files (x86)\rwSoHhuEU
Deleted C:\ProgramData\5190386859270139866
Deleted C:\ProgramData\CloudPrinter
Deleted C:\ProgramData\Jetmedia
Deleted C:\ProgramData\Logic Cramble
Deleted C:\ProgramData\Quoteex
Deleted C:\ProgramData\Quoteexs
Deleted C:\ProgramData\nELlglsTJTmlfiVB
Deleted C:\Users\Dan\AppData\Roaming\Microleaves
Deleted C:\Users\Dan\AppData\Roaming\Tencent
Deleted C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}

***** [ Files ] *****

Deleted C:\Users\Dan\AppData\Local\Main.dat
Deleted C:\Users\Dan\appdata\local\installationconfiguration.xml
Deleted C:\Windows\Installer\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
Deleted C:\Windows\SysWOW64\findit.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
Deleted C:\Users\Public\Desktop\Google Chrome.lnk

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\UPDATER_ONLINE_APPLICATION
Deleted C:\Windows\Tasks\UPDATER_ONLINE_APPLICATION.JOB

***** [ Registry ] *****

Deleted HKCU\Environment|SNF
Deleted HKCU\Environment|SNP
Deleted HKCU\SOFTWARE\53853a48316e3ee4c60b4e166e2081fb
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\banggood.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\qq.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tango-deg.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tgb.qq.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\banggood.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\qq.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tango-deg.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tgb.qq.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\utop.it
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ak.staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Deleted HKCU\Software\SetupCompany
Deleted HKCU\Software\mtQuoteex
Deleted HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
Deleted HKLM\SOFTWARE\MICROSOFT\Speedycar
Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\Quoteex.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58B6C43F-F27D-4782-92AD-760B6E8BD148}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58B6C43F-F27D-4782-92AD-760B6E8BD148}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Updater_Online_Application
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs - "C:\ProgramData\Quoteex\Touchex.dll"
Deleted HKLM\Software\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\MICROSOFT\TechnologyDesktopnew
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|Multitimer
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Wow6432Node\Jetmedia
Deleted HKLM\Software\Wow6432Node\Microleaves
Deleted HKLM\Software\Wow6432Node\\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
Deleted HKLM\Software\Wow6432Node\\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\Quoteex.exe
Deleted HKLM\Software\Wow6432Node\\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\ielnksrch
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\1655C0CA-7AE7-4012-8502-970C8675E5F8
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
Deleted HKLM\Software\Wow6432Node\mtQuoteex
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\Application Hosting
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{125f4a4d-5311-4293-9d15-d8c0b6a2abda}|DhcpNameServer - "82.163.142.9"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{125f4a4d-5311-4293-9d15-d8c0b6a2abda}|NameServer - "82.163.142.9"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{125f4a4d-5311-4293-9d15-d8c0b6a2abda}|NameServer - "95.211.158.137"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{86974beb-0a57-4822-bd75-ac4ea2b3a751}|NameServer - "82.163.142.9"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{86974beb-0a57-4822-bd75-ac4ea2b3a751}|NameServer - "95.211.158.137"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{94728099-ac2a-4301-8972-0780d2aa5c2f}|DhcpNameServer - "82.163.142.9"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{94728099-ac2a-4301-8972-0780d2aa5c2f}|NameServer - "82.163.142.9"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{94728099-ac2a-4301-8972-0780d2aa5c2f}|NameServer - "95.211.158.137"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{be8254c5-c9ea-4ed6-82d6-97b9e9df4626}|NameServer - "82.163.142.9"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{be8254c5-c9ea-4ed6-82d6-97b9e9df4626}|NameServer - "95.211.158.137"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters|NameServer - "82.163.142.9"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters|NameServer - "95.211.158.137"
Deleted HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [11180 octets] - [30/08/2019 15:03:25]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: please help

#4 Post by Conder »

Is the internet still not working?

Please post both logs from FRST - https://forum.viry.cz/viewtopic.php?f=13&t=154679
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and others).

