Preventive PC check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

#1 Post by ptdave »

Hello,

please do a preventive check of my PC.

Logfile of random's system information tool 1.10 (written by random/random)
Run by David at 2019-08-31 09:54:17
Microsoft Windows 10 Pro
System drive C: has 43 GB (38%) free of 114 GB
Total RAM: 16312 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:54:20, on 31.8.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17763.0592)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
C:\Windows\SysWOW64\muachost.exe
C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avpui.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
G:\Games\Steam\Steam.exe
C:\Program Files (x86)\IObit\Driver Booster\6.5.0\Pub\PubMonitor.exe
C:\Program Files\trend micro\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\IEExt\ie_plugin.dll
O3 - Toolbar: Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
O4 - HKLM\..\Run: [Command Center] C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
O4 - HKLM\..\Run: [Super Charger] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKCU\..\Run: [HP DeskJet 4530 series (NET)] "C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH6954D01F0661:NW" -scfn "HP DeskJet 4530 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'DefaultAppPool')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'DefaultAppPool')
O4 - Global Startup: $McRebootA5E6DEAA56$.lnk = ?
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~3\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Poslat do On&eNotu - res://C:\PROGRA~1\MICROS~3\Office16\ONBttnIE.dll/105
O9 - Extra button: Poslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Poslat do On&eNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Služba Kaspersky Anti-Virus 19.0.0 (AVP19.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: FACEITService - Unknown owner - C:/Program Files/FACEIT AC/FACEITService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamingApp_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
O23 - Service: MSI Gaming Hotkey Service (GamingHotkey_Service) - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) Small Business Advantage (intelsba) - Intel Corporation - C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: klvssbridge64_19.0.0 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\vssbridge64.exe
O23 - Service: Služba Kaspersky Secure Connection 2.0.0 (KSDE2.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI Command Center Clock Service (MSIClock_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
O23 - Service: MSI Command Center Comm Service (MSICOMM_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
O23 - Service: MSI Command Center CPU Service (MSICPU_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
O23 - Service: MSI Command Center control Service (MSICTL_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
O23 - Service: MSI Command Center DDR Service (MSIDDR_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
O23 - Service: MSI Command Center SMBus Service (MSISMB_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
O23 - Service: MSI Command Center SuperIO Service (MSISuperIO_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
O23 - Service: MSI_ActiveX_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
O23 - Service: MSI Fast Boot Service (MSI_FastBoot) - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
O23 - Service: MSI Live Update Service (MSI_LiveUpdate_Service) - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: MSI Super Charger Service (MSI_SuperCharger) - MSI - C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
O23 - Service: MSI_Trigger_Service - MICRO-STAR INTERNATIONAL CO., LTD. - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50303 (SNMP) - Unknown owner - C:\WINDOWS\System32\snmp.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SuperRAIDSvc - Micro-Star INT'L CO., LTD. - C:\MSI\Smart Utilities\SuperRAIDSvc.exe
O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe

--
End of file - 15825 bytes

======Listing Processes======









C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s CscService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a6ea7c7d-a9ec-4b12-a504-46d5a6ed2a51 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a3dcbf2f-1225-4a35-9ba4-080f1cc76c29 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-d04043c3-c404-4827-aebf-6571bf198472 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-ab5cf45b-6cf5-4f85-9ac8-173747e06c43 -LifetimeId:1cef8252-097b-4428-a623-c06ad69f8e7f -DeviceGroupId:WpdFsGroup -HostArg:0
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9d0535b6-041b-427f-b0a7-71c8ec9c507c -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-ca990030-ebce-43e0-9ca3-0b7cfd3851cb -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-21b51a5f-6e8f-4bcd-8a8f-6d50c9523a4f -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-24e707ce-bd7a-4523-bdfb-f828f6e2a955 -LifetimeId:51156313-60cc-45c6-94a6-fbfc108f1286 -DeviceGroupId: -HostArg:0
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s PhoneSvc
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k apphost -s AppHostSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
dashost.exe {a827d644-581b-4c0e-b5e0b9f5b39171a1}

"C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe"
"C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe"
"C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe"
"C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe"
"C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe"
"C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
"C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe"
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\MSI\Smart Utilities\SuperRAIDSvc.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent
dashost.exe {b88489e9-97ee-4cc4-916c06db55b71af9}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe" /hw
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\system32\AUDIODG.EXE 0x67c
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc

"C:\Program Files\iPod\bin\iPodService.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc


"C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k SDRSVC
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc

C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
"C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe" --normal
"C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe"
C:\Windows\SysWOW64\muachost.exe
"C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe" --start
"C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe"
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19071.901.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avpui.exe" -hidden
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --field-trial-handle=1964,15035226708067444082,13098696544856899096,131072 --disable-features=VizDisplayCompositor --no-sandbox --log-file="C:\Users\David\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --lang=en-US --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Users\David\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --service-request-channel-token=9862419976970243678 --mojo-platform-channel-handle=1896 /prefetch:2
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Users\David\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --field-trial-handle=1964,15035226708067444082,13098696544856899096,131072 --disable-features=VizDisplayCompositor --service-pipe-token=12987741465730922669 --lang=en-US --log-file="C:\Users\David\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12987741465730922669 --renderer-client-id=3 --mojo-platform-channel-handle=2560 /prefetch:1
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"G:\iTunes\iTunesHelper.exe"
"C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH6954D01F0661:NW" -scfn "HP DeskJet 4530 series (NET)" -AutoStart 1
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe"
"C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe"
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe -Embedding
"C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"G:\Games\Steam\Steam.exe"
G:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe "-lang=cs_CZ" "-cachedir=C:\Users\David\AppData\Local\Steam\htmlcache" "-steampid=3112" "-buildid=1566431379" "-steamid=0" "-steamuniverse=Dev" "-clientui=G:\Games\Steam\clientui" --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --enable-media-stream --enable-smooth-scrolling --num-raster-threads=4 --enable-direct-write "--log-file=G:\Games\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
G:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler --database=G:\Games\Steam\dumps "--metrics-dir=C:\Users\David\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1566431379 --initial-client-data=0x2d0,0x2dc,0x2e4,0x2cc,0x2e0,0x7ffe12edf760,0x7ffe12edf770,0x7ffe12edf780
"G:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1336,18265574556375153941,8103800486442071249,131072 --log-file="G:\Games\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=cs-CZ --buildid=1566431379 --steamid=0 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=13512636096337158681 --mojo-platform-channel-handle=1368 --ignored=" --type=renderer " /prefetch:2
"G:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --field-trial-handle=1336,18265574556375153941,8103800486442071249,131072 --service-pipe-token=13281058826642504146 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="G:\Games\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1566431379 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=13281058826642504146 --renderer-client-id=3 --mojo-platform-channel-handle=2184 /prefetch:1
"G:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --field-trial-handle=1336,18265574556375153941,8103800486442071249,131072 --service-pipe-token=10371795461483367286 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="G:\Games\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1566431379 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=10371795461483367286 --renderer-client-id=5 --mojo-platform-channel-handle=2520 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files (x86)\IObit\Driver Booster\6.5.0\Pub\PubMonitor.exe" /DB
"C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\David\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\David\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\David\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=76.0.3809.132 --initial-client-data=0x88,0x8c,0x90,0x80,0x94,0x7ffe07f9ef08,0x7ffe07f9ef18,0x7ffe07f9ef28
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=9620 --on-initialized-event-handle=76 --parent-handle=532 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1540,3745789875551339666,1320128893484105439,131072 --gpu-preferences=IAAAAAAAAADgAAAwAAAAAAAAYAAAAAAACAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAABQAAABAAAAAAAAAAAAAAAAYAAAAQAAAAAAAAAAEAAAAFAAAAEAAAAAAAAAABAAAABgAAAA== --service-request-channel-token=8360648216952326078 --mojo-platform-channel-handle=1636 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1540,3745789875551339666,1320128893484105439,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=16514894614993473407 --mojo-platform-channel-handle=1832 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1540,3745789875551339666,1320128893484105439,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12309752240891818370 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1540,3745789875551339666,1320128893484105439,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11007564218092506032 --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2588 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1540,3745789875551339666,1320128893484105439,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13335764415484421510 --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2584 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1540,3745789875551339666,1320128893484105439,131072 --lang=cs --service-sandbox-type=audio --service-request-channel-token=15697134728198831749 --mojo-platform-channel-handle=5584 /prefetch:8

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1540,3745789875551339666,1320128893484105439,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5855674856622027157 --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3720 /prefetch:1
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1540,3745789875551339666,1320128893484105439,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17396948915669882444 --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=896 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1540,3745789875551339666,1320128893484105439,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12473844463753525803 --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:1

"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe28_ Global\UsGthrCtrlFltPipeMssGthrPipe28 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 780 784 792 8192 788
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\David\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\MSISW_Host.job - C:\WINDOWS\SysWOW64\muachost.exe
C:\WINDOWS\tasks\RtlNetworkGenieVistaStart.job - C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe /hw

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31 226984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31 2165976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC1E29BB-F56A-45D8-B023-D3EF710FA0E0}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\IEExt\ie_plugin.dll [2019-04-15 1410256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31 161448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31 1512152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC1E29BB-F56A-45D8-B023-D3EF710FA0E0}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\IEExt\ie_plugin.dll [2019-04-15 1179344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{C500C267-63BF-451F-8797-4D720C9A2ED9} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\IEExt\ie_plugin.dll [2019-04-15 1410256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{C500C267-63BF-451F-8797-4D720C9A2ED9} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\IEExt\ie_plugin.dll [2019-04-15 1179344]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2018-09-15 83968]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2019-05-16 9270560]
"iTunesHelper"=G:\iTunes\iTunesHelper.exe [2019-07-19 302904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HP DeskJet 4530 series (NET)"=C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe [2017-04-06 3770504]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2019-05-08 67384]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2019-05-08 110392]
"iCloudPhotos"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [2019-05-08 356664]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Fast Boot"=C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [2015-04-22 759120]
"Command Center"=C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [2016-06-14 835680]
"Super Charger"=C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [2017-11-10 1028280]
"Live Update"=C:\Program Files (x86)\MSI\Live Update\Live Update.exe [2019-08-13 26282160]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
$McRebootA5E6DEAA56$.lnk -

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=28

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=lvcod64.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-08-31 09:54:17 ----D---- C:\rsit
2019-08-31 09:54:17 ----D---- C:\Program Files\trend micro
2019-08-31 09:48:36 ----D---- C:\FRST
2019-08-28 18:07:50 ----A---- C:\WINDOWS\SYSWOW64\vcruntime140_clr0400.dll
2019-08-28 18:07:50 ----A---- C:\WINDOWS\system32\vcruntime140_clr0400.dll
2019-08-28 18:07:48 ----A---- C:\WINDOWS\SYSWOW64\msvcp140_clr0400.dll
2019-08-28 18:07:48 ----A---- C:\WINDOWS\SYSWOW64\aspnet_counters.dll
2019-08-28 18:07:48 ----A---- C:\WINDOWS\system32\msvcp140_clr0400.dll
2019-08-28 18:07:47 ----A---- C:\WINDOWS\system32\msvcr100_clr0400.dll
2019-08-28 18:07:46 ----A---- C:\WINDOWS\system32\aspnet_counters.dll
2019-08-28 18:07:44 ----A---- C:\WINDOWS\SYSWOW64\msvcr100_clr0400.dll
2019-08-28 18:07:42 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase_clr0400.dll
2019-08-28 18:07:42 ----A---- C:\WINDOWS\system32\ucrtbase_clr0400.dll
2019-08-27 22:18:38 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo-1-999-0-0-0.exe
2019-08-27 22:18:38 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2019-08-27 22:18:38 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1-999-0-0-0.dll
2019-08-27 22:18:38 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2019-08-27 22:18:38 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2019-08-27 22:18:38 ----A---- C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-08-27 22:18:38 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2019-08-27 22:18:38 ----A---- C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-08-27 22:18:38 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2019-08-27 22:18:38 ----A---- C:\WINDOWS\system32\OpenCL.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\SYSWOW64\nvofapi.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\system32\nvofapi64.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\system32\nvdispgenco6443615.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\system32\nvdispco6443615.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\system32\nvcuda.dll
2019-08-27 22:18:37 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2019-08-21 20:01:42 ----A---- C:\WINDOWS\system32\nvhdap64.dll
2019-08-21 20:01:37 ----A---- C:\WINDOWS\system32\nvdispgenco6443602.dll
2019-08-21 20:01:37 ----A---- C:\WINDOWS\system32\nvdispco6443602.dll
2019-08-14 08:40:59 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2019-08-14 08:40:59 ----A---- C:\WINDOWS\system32\wmp.dll
2019-08-14 08:40:58 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2019-08-14 08:40:58 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2019-08-14 08:40:58 ----A---- C:\WINDOWS\system32\tellib.dll
2019-08-14 08:40:58 ----A---- C:\WINDOWS\system32\SyncController.dll
2019-08-14 08:40:58 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2019-08-14 08:40:58 ----A---- C:\WINDOWS\system32\drivers\mssecflt.sys
2019-08-14 08:40:58 ----A---- C:\WINDOWS\system32\drivers\dumpfve.sys
2019-08-14 08:40:57 ----A---- C:\WINDOWS\system32\mqqm.dll
2019-08-14 08:40:53 ----A---- C:\WINDOWS\SYSWOW64\p2pnetsh.dll
2019-08-14 08:40:53 ----A---- C:\WINDOWS\SYSWOW64\P2PGraph.dll
2019-08-14 08:40:53 ----A---- C:\WINDOWS\SYSWOW64\P2P.dll
2019-08-14 08:40:53 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2019-08-14 08:40:53 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2019-08-14 08:40:53 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2019-08-14 08:40:53 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2019-08-14 08:40:53 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2019-08-14 08:40:53 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2019-08-14 08:40:53 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2019-08-14 08:40:52 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-08-14 08:40:51 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-08-14 08:40:51 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-08-14 08:40:50 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2019-08-14 08:40:50 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2019-08-14 08:40:50 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2019-08-14 08:40:50 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2019-08-14 08:40:50 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2019-08-14 08:40:50 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-08-14 08:40:50 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2019-08-14 08:40:49 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2019-08-14 08:40:49 ----A---- C:\WINDOWS\SYSWOW64\fsutil.exe
2019-08-14 08:40:49 ----A---- C:\WINDOWS\system32\pnrpsvc.dll
2019-08-14 08:40:49 ----A---- C:\WINDOWS\system32\p2psvc.dll
2019-08-14 08:40:49 ----A---- C:\WINDOWS\system32\p2pnetsh.dll
2019-08-14 08:40:49 ----A---- C:\WINDOWS\system32\P2PGraph.dll
2019-08-14 08:40:49 ----A---- C:\WINDOWS\system32\P2P.dll
2019-08-14 08:40:49 ----A---- C:\WINDOWS\system32\offreg.dll
2019-08-14 08:40:49 ----A---- C:\WINDOWS\system32\mstscax.dll
2019-08-14 08:40:49 ----A---- C:\WINDOWS\system32\Groupinghc.dll
2019-08-14 08:40:49 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2019-08-14 08:40:48 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2019-08-14 08:40:48 ----A---- C:\WINDOWS\system32\werconcpl.dll
2019-08-14 08:40:48 ----A---- C:\WINDOWS\system32\systemreset.exe
2019-08-14 08:40:48 ----A---- C:\WINDOWS\system32\srms.dat
2019-08-14 08:40:48 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2019-08-14 08:40:48 ----A---- C:\WINDOWS\system32\reseteng.dll
2019-08-14 08:40:48 ----A---- C:\WINDOWS\system32\nltest.exe
2019-08-14 08:40:48 ----A---- C:\WINDOWS\system32\msfeeds.dll
2019-08-14 08:40:48 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-08-14 08:40:48 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2019-08-14 08:40:48 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2019-08-14 08:40:47 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-08-14 08:40:46 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-08-14 08:40:45 ----A---- C:\WINDOWS\system32\werui.dll
2019-08-14 08:40:45 ----A---- C:\WINDOWS\system32\jscript.dll
2019-08-14 08:40:45 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2019-08-14 08:40:45 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-08-14 08:40:45 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-08-14 08:40:45 ----A---- C:\WINDOWS\system32\ClipUp.exe
2019-08-14 08:40:44 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2019-08-14 08:40:44 ----A---- C:\WINDOWS\system32\RDXService.dll
2019-08-14 08:40:44 ----A---- C:\WINDOWS\system32\mispace.dll
2019-08-14 08:40:44 ----A---- C:\WINDOWS\system32\fsutil.exe
2019-08-14 08:40:44 ----A---- C:\WINDOWS\system32\BioIso.exe
2019-08-14 08:40:43 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2019-08-14 08:40:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2019-08-14 08:40:43 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2019-08-14 08:40:43 ----A---- C:\WINDOWS\SYSWOW64\shunimpl.dll
2019-08-14 08:40:43 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2019-08-14 08:40:43 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2019-08-14 08:40:43 ----A---- C:\WINDOWS\SYSWOW64\newdev.dll
2019-08-14 08:40:43 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2019-08-14 08:40:43 ----A---- C:\WINDOWS\SYSWOW64\MicrosoftAccountTokenProvider.dll
2019-08-14 08:40:43 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-08-14 08:40:43 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2019-08-14 08:40:43 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2019-08-14 08:40:43 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2019-08-14 08:40:43 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2019-08-14 08:40:42 ----A---- C:\WINDOWS\SYSWOW64\xmllite.dll
2019-08-14 08:40:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Diagnostics.dll
2019-08-14 08:40:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-14 08:40:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Lights.dll
2019-08-14 08:40:42 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2019-08-14 08:40:42 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2019-08-14 08:40:42 ----A---- C:\WINDOWS\SYSWOW64\Taskmgr.exe
2019-08-14 08:40:42 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2019-08-14 08:40:42 ----A---- C:\WINDOWS\SYSWOW64\rmclient.dll
2019-08-14 08:40:42 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll
2019-08-14 08:40:42 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-08-14 08:40:42 ----A---- C:\WINDOWS\SYSWOW64\drvsetup.dll
2019-08-14 08:40:42 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2019-08-14 08:40:42 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll
2019-08-14 08:40:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.SystemManagement.dll
2019-08-14 08:40:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-14 08:40:41 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2019-08-14 08:40:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2019-08-14 08:40:41 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2019-08-14 08:40:41 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2019-08-14 08:40:41 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2019-08-14 08:40:41 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2019-08-14 08:40:41 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2019-08-14 08:40:41 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2019-08-14 08:40:41 ----A---- C:\WINDOWS\SYSWOW64\ComposableShellProxyStub.dll
2019-08-14 08:40:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2019-08-14 08:40:40 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2019-08-14 08:40:40 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2019-08-14 08:40:40 ----A---- C:\WINDOWS\SYSWOW64\ShellCommonCommonProxyStub.dll
2019-08-14 08:40:40 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2019-08-14 08:40:40 ----A---- C:\WINDOWS\SYSWOW64\LicensingDiagSpp.dll
2019-08-14 08:40:40 ----A---- C:\WINDOWS\SYSWOW64\hmkd.dll
2019-08-14 08:40:40 ----A---- C:\WINDOWS\SYSWOW64\FlightSettings.dll
2019-08-14 08:40:40 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2019-08-14 08:40:40 ----A---- C:\WINDOWS\system32\wininet.dll
2019-08-14 08:40:40 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-08-14 08:40:40 ----A---- C:\WINDOWS\system32\t2embed.dll
2019-08-14 08:40:40 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-08-14 08:40:40 ----A---- C:\WINDOWS\system32\gdi32full.dll
2019-08-14 08:40:40 ----A---- C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2019-08-14 08:40:39 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-08-14 08:40:39 ----A---- C:\WINDOWS\system32\gpsvc.dll
2019-08-14 08:40:38 ----A---- C:\WINDOWS\system32\kdnet.dll
2019-08-14 08:40:38 ----A---- C:\WINDOWS\system32\fontsub.dll
2019-08-14 08:40:38 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2019-08-14 08:40:38 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2019-08-14 08:40:38 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-14 08:40:36 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2019-08-14 08:40:36 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2019-08-14 08:40:36 ----A---- C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-08-14 08:40:36 ----A---- C:\WINDOWS\system32\twinui.dll
2019-08-14 08:40:36 ----A---- C:\WINDOWS\system32\sppc.dll
2019-08-14 08:40:36 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2019-08-14 08:40:36 ----A---- C:\WINDOWS\system32\pcasvc.dll
2019-08-14 08:40:36 ----A---- C:\WINDOWS\system32\msctf.dll
2019-08-14 08:40:36 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-08-14 08:40:36 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2019-08-14 08:40:36 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2019-08-14 08:40:36 ----A---- C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-08-14 08:40:36 ----A---- C:\WINDOWS\system32\CoreShell.dll
2019-08-14 08:40:36 ----A---- C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-08-14 08:40:36 ----A---- C:\WINDOWS\system32\bootux.dll
2019-08-14 08:40:35 ----A---- C:\WINDOWS\system32\winresume.exe
2019-08-14 08:40:35 ----A---- C:\WINDOWS\system32\winload.exe
2019-08-14 08:40:35 ----A---- C:\WINDOWS\system32\Taskmgr.exe
2019-08-14 08:40:35 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\vpnike.dll
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\sppwinob.dll
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\sppsvc.exe
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\sppobjs.dll
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\sppcext.dll
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\shunimpl.dll
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\shell32.dll
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\services.exe
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\rastapi.dll
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\rasmans.dll
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\nlasvc.dll
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\newdev.dll
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\mprddm.dll
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\LicensingDiagSpp.dll
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\hal.dll
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\drvinst.exe
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\comdlg32.dll
2019-08-14 08:40:33 ----A---- C:\WINDOWS\system32\APMon.dll
2019-08-14 08:40:32 ----A---- C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-08-14 08:40:32 ----A---- C:\WINDOWS\system32\Windows.Devices.Lights.dll
2019-08-14 08:40:32 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-08-14 08:40:32 ----A---- C:\WINDOWS\system32\Unistore.dll
2019-08-14 08:40:32 ----A---- C:\WINDOWS\system32\rmclient.dll
2019-08-14 08:40:32 ----A---- C:\WINDOWS\system32\rdpbase.dll
2019-08-14 08:40:32 ----A---- C:\WINDOWS\system32\psmsrv.dll
2019-08-14 08:40:32 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-14 08:40:32 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-08-14 08:40:32 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-08-14 08:40:32 ----A---- C:\WINDOWS\system32\ISM.dll
2019-08-14 08:40:32 ----A---- C:\WINDOWS\system32\daxexec.dll
2019-08-14 08:40:31 ----A---- C:\WINDOWS\system32\tquery.dll
2019-08-14 08:40:31 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2019-08-14 08:40:31 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2019-08-14 08:40:31 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2019-08-14 08:40:31 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-14 08:40:31 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-08-14 08:40:31 ----A---- C:\WINDOWS\system32\mssrch.dll
2019-08-14 08:40:31 ----A---- C:\WINDOWS\system32\mssph.dll
2019-08-14 08:40:31 ----A---- C:\WINDOWS\system32\msscntrs.dll
2019-08-14 08:40:31 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2019-08-14 08:40:31 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-08-14 08:40:31 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2019-08-14 08:40:30 ----A---- C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2019-08-14 08:40:30 ----A---- C:\WINDOWS\system32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-14 08:40:30 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-14 08:40:30 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-14 08:40:30 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-14 08:40:30 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-08-14 08:40:30 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2019-08-14 08:40:30 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2019-08-14 08:40:30 ----A---- C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-08-14 08:40:30 ----A---- C:\WINDOWS\system32\DeviceSetupManager.dll
2019-08-14 08:40:30 ----A---- C:\WINDOWS\system32\appsruprov.dll
2019-08-14 08:40:29 ----A---- C:\WINDOWS\system32\StartTileData.dll
2019-08-14 08:40:29 ----A---- C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-08-14 08:40:29 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-14 08:40:29 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-14 08:40:29 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-14 08:40:29 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-14 08:40:28 ----A---- C:\WINDOWS\system32\wpx.dll
2019-08-14 08:40:28 ----A---- C:\WINDOWS\system32\WpcTok.exe
2019-08-14 08:40:28 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2019-08-14 08:40:28 ----A---- C:\WINDOWS\system32\WpcMon.exe
2019-08-14 08:40:28 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2019-08-14 08:40:28 ----A---- C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2019-08-14 08:40:28 ----A---- C:\WINDOWS\system32\kdcpw.dll
2019-08-14 08:40:28 ----A---- C:\WINDOWS\system32\hmkd.dll
2019-08-14 08:40:28 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2019-08-14 08:40:28 ----A---- C:\WINDOWS\system32\drivers\PEAuth.sys
2019-08-14 08:40:28 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2019-08-14 08:40:28 ----A---- C:\WINDOWS\explorer.exe
2019-08-14 08:40:26 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2019-08-14 08:40:26 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2019-08-14 08:40:26 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2019-08-14 08:40:26 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\wuuhext.dll
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\wermgr.exe
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\WerFault.exe
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\wer.dll
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\usocore.dll
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\UsoClient.exe
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\usoapi.dll
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\updatecsp.dll
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\MusNotification.exe
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\Faultrep.dll
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\drivers\http.sys
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\AppVScripting.dll
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\AppVReporting.dll
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\AppVPublishing.dll
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-08-14 08:40:26 ----A---- C:\WINDOWS\system32\AppVClient.exe
2019-08-14 08:40:25 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2019-08-14 08:40:25 ----A---- C:\WINDOWS\SYSWOW64\dtdump.exe
2019-08-14 08:40:25 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-14 08:40:25 ----A---- C:\WINDOWS\system32\wuaueng.dll
2019-08-14 08:40:25 ----A---- C:\WINDOWS\system32\wuapi.dll
2019-08-14 08:40:25 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2019-08-14 08:40:25 ----A---- C:\WINDOWS\system32\tcbloader.dll
2019-08-14 08:40:25 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-08-14 08:40:25 ----A---- C:\WINDOWS\system32\skci.dll
2019-08-14 08:40:25 ----A---- C:\WINDOWS\system32\netlogon.dll
2019-08-14 08:40:25 ----A---- C:\WINDOWS\system32\lsasrv.dll
2019-08-14 08:40:25 ----A---- C:\WINDOWS\system32\LsaIso.exe
2019-08-14 08:40:25 ----A---- C:\WINDOWS\system32\kerberos.dll
2019-08-14 08:40:25 ----A---- C:\WINDOWS\system32\KerbClientShared.dll
2019-08-14 08:40:25 ----A---- C:\WINDOWS\system32\drvsetup.dll
2019-08-14 08:40:25 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2019-08-14 08:40:25 ----A---- C:\WINDOWS\system32\diagtrack.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\system32\xmllite.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\system32\wldp.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\system32\wc_storage.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\system32\tzres.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\system32\rpcss.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\system32\oleaut32.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\system32\logoncli.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2019-08-14 08:40:24 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\system32\dnsapi.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\system32\DiskSnapshot.exe
2019-08-14 08:40:24 ----A---- C:\WINDOWS\system32\combase.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\system32\ci.dll
2019-08-14 08:40:24 ----A---- C:\WINDOWS\system32\bcdedit.exe
2019-08-14 08:40:23 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2019-08-14 08:40:23 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-08-14 08:40:23 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2019-08-14 08:40:23 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2019-08-14 08:40:23 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2019-08-14 08:40:23 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2019-08-14 08:40:23 ----A---- C:\WINDOWS\SYSWOW64\KerbClientShared.dll
2019-08-14 08:40:23 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-08-14 08:40:23 ----A---- C:\WINDOWS\system32\AppxPackaging.dll
2019-08-14 08:40:22 ----A---- C:\WINDOWS\system32\rdpnano.dll
2019-08-14 08:40:22 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-08-14 08:40:22 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-08-14 08:40:22 ----A---- C:\WINDOWS\system32\drivers\winhvr.sys
2019-08-14 08:40:22 ----A---- C:\WINDOWS\system32\drivers\winhv.sys
2019-08-14 08:40:22 ----A---- C:\WINDOWS\system32\drivers\uefi.sys
2019-08-14 08:40:22 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2019-08-14 08:40:22 ----A---- C:\WINDOWS\system32\drivers\scmbus.sys
2019-08-14 08:40:22 ----A---- C:\WINDOWS\system32\drivers\pmem.sys
2019-08-14 08:40:22 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2019-08-14 08:40:22 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2019-08-14 08:40:22 ----A---- C:\WINDOWS\system32\computestorage.dll
2019-08-14 08:40:21 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys

======List of files/folders modified in the last 1 month======

2019-08-31 09:54:20 ----D---- C:\WINDOWS\Prefetch
2019-08-31 09:54:17 ----RD---- C:\Program Files
2019-08-31 09:51:43 ----D---- C:\ProgramData\Kaspersky Lab
2019-08-31 09:49:16 ----D---- C:\WINDOWS\system32\catroot2
2019-08-31 09:48:37 ----SHD---- C:\System Volume Information
2019-08-31 09:42:46 ----D---- C:\ProgramData\NVIDIA
2019-08-31 09:42:18 ----D---- C:\WINDOWS\INF
2019-08-31 09:42:17 ----D---- C:\WINDOWS\Temp
2019-08-31 09:42:17 ----D---- C:\WINDOWS\debug
2019-08-31 09:42:17 ----D---- C:\Windows
2019-08-31 09:37:02 ----D---- C:\Users\David\AppData\Roaming\Spotify
2019-08-31 09:36:39 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-08-31 09:33:07 ----D---- C:\WINDOWS\system32\sru
2019-08-30 19:27:23 ----D---- C:\WINDOWS\system32\SleepStudy
2019-08-30 13:02:39 ----D---- C:\WINDOWS\System32
2019-08-30 13:02:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-30 13:02:35 ----D---- C:\MSI
2019-08-30 12:56:42 ----AD---- C:\Program Files (x86)\TeamViewer
2019-08-30 11:57:04 ----D---- C:\Users\David\AppData\Roaming\vlc
2019-08-30 08:09:53 ----RD---- C:\WINDOWS\Microsoft.NET
2019-08-30 08:09:25 ----RSD---- C:\WINDOWS\assembly
2019-08-30 08:03:03 ----D---- C:\WINDOWS\system32\config
2019-08-30 07:24:54 ----HD---- C:\Program Files\WindowsApps
2019-08-30 07:24:54 ----D---- C:\WINDOWS\AppReadiness
2019-08-29 19:04:14 ----D---- C:\WINDOWS\CbsTemp
2019-08-29 19:04:13 ----D---- C:\WINDOWS\WinSxS
2019-08-29 19:03:38 ----D---- C:\WINDOWS\Panther
2019-08-29 18:23:36 ----D---- C:\WINDOWS\system32\DriverStore
2019-08-29 18:22:09 ----SHD---- C:\Recovery
2019-08-29 18:15:10 ----D---- C:\WINDOWS\Registration
2019-08-29 18:15:00 ----HD---- C:\$WINDOWS.~BT
2019-08-28 18:30:41 ----D---- C:\WINDOWS\SysWOW64
2019-08-28 17:59:43 ----D---- C:\WINDOWS\system32\Tasks
2019-08-28 17:59:43 ----D---- C:\Users\David\AppData\Roaming\MSI
2019-08-28 16:15:17 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2019-08-27 22:20:52 ----D---- C:\WINDOWS\system32\drivers
2019-08-27 22:14:14 ----D---- C:\ProgramData\NVIDIA Corporation
2019-08-27 22:14:05 ----D---- C:\Program Files\NVIDIA Corporation
2019-08-27 10:59:29 ----D---- C:\Program Files (x86)\MSI
2019-08-26 09:09:02 ----A---- C:\WINDOWS\system32\nvapi64.dll
2019-08-26 09:09:00 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2019-08-25 05:58:23 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2019-08-25 05:58:23 ----A---- C:\WINDOWS\system32\nvcpl.dll
2019-08-25 05:58:22 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2019-08-25 05:58:21 ----A---- C:\WINDOWS\system32\nvshext.dll
2019-08-25 05:58:21 ----A---- C:\WINDOWS\system32\nvmctray.dll
2019-08-25 05:58:21 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2019-08-25 05:58:21 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2019-08-24 08:37:08 ----D---- C:\ProgramData\ProductData
2019-08-24 00:13:42 ----SHDC---- C:\WINDOWS\Installer
2019-08-24 00:13:42 ----SHD---- C:\Config.Msi
2019-08-19 10:32:09 ----D---- C:\WINDOWS\Logs
2019-08-17 00:03:14 ----A---- C:\WINDOWS\system32\nvhdagenco6420103.dll
2019-08-14 16:19:21 ----SD---- C:\WINDOWS\system32\UNP
2019-08-14 16:19:21 ----D---- C:\WINDOWS\SYSWOW64\oobe
2019-08-14 16:19:21 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2019-08-14 16:19:21 ----D---- C:\WINDOWS\system32\wbem
2019-08-14 16:19:21 ----D---- C:\WINDOWS\system32\oobe
2019-08-14 16:19:21 ----D---- C:\WINDOWS\system32\en-US
2019-08-14 16:19:21 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2019-08-14 16:19:21 ----D---- C:\WINDOWS\system32\cs-CZ
2019-08-14 16:19:21 ----D---- C:\WINDOWS\system32\Boot
2019-08-14 16:19:20 ----D---- C:\WINDOWS\Provisioning
2019-08-14 16:19:20 ----D---- C:\WINDOWS\PolicyDefinitions
2019-08-14 16:19:20 ----D---- C:\WINDOWS\bcastdvr
2019-08-14 16:19:20 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-14 16:19:20 ----D---- C:\Program Files\internet explorer
2019-08-14 16:19:20 ----D---- C:\Program Files (x86)\Internet Explorer
2019-08-14 16:19:19 ----D---- C:\WINDOWS\system32\LogFiles
2019-08-14 14:35:28 ----D---- C:\WINDOWS\system32\Macromed
2019-08-14 14:35:27 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2019-08-14 08:43:57 ----D---- C:\WINDOWS\system32\MRT
2019-08-14 08:41:47 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-08-13 15:58:41 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2019-08-13 15:58:39 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2019-08-13 15:58:38 ----A---- C:\WINDOWS\system32\NvRtmpStreamer64.dll
2019-08-13 14:43:57 ----D---- C:\Users\David\AppData\Roaming\FACEIT
2019-08-13 14:43:29 ----D---- C:\Program Files\FACEIT AC
2019-08-13 11:41:03 ----D---- C:\WINDOWS\system32\CatRoot
2019-08-12 20:16:14 ----A---- C:\WINDOWS\NvContainerRecovery.bat
2019-08-11 19:00:24 ----A---- C:\WINDOWS\system32\klhkum.dll
2019-08-11 14:13:28 ----D---- C:\Users\David\AppData\Roaming\IObit
2019-08-11 13:52:35 ----D---- C:\ProgramData\IObit
2019-08-07 08:57:52 ----D---- C:\WINDOWS\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 cm_km;AO Kaspersky Lab Cryptographic Module x64 (56 bit); C:\WINDOWS\system32\DRIVERS\cm_km.sys [2018-01-27 243400]
R0 FACEIT;FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [2019-08-13 16475000]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2019-06-22 574528]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-01-03 55608]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [2019-04-15 75600]
R0 klupd_klif_arkmon;klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [2019-04-27 245272]
R0 klupd_klif_klbg;klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [2019-04-27 116104]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2019-08-14 317240]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-09-15 40960]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-09-15 63288]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-09-15 60416]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-09-15 8704]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2019-06-22 27552]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\WINDOWS\system32\DRIVERS\klbackupflt.sys [2019-08-11 126288]
R1 kldisk;kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [2019-04-15 91472]
R1 klhk;@oem94.inf,%klhkDisplayName%;Kaspersky Lab service driver; C:\WINDOWS\System32\drivers\klhk.sys [2019-08-11 1093240]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2019-08-11 1168000]
R1 klim6;@oem7.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\WINDOWS\system32\DRIVERS\klim6.sys [2019-04-15 58704]
R1 klpd;Kaspersky Lab format recognizer driver; C:\WINDOWS\system32\DRIVERS\klpd.sys [2019-04-15 50304]
R1 Klwtp;KLwtp - WFP callout traffic inspector; C:\WINDOWS\system32\DRIVERS\klwtp.sys [2019-04-15 184960]
R1 kneps;kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [2019-04-15 218240]
R1 ndisrd;@oem51.inf,%ndisrd_Desc%;WinpkFilter LightWeight Filter; C:\WINDOWS\system32\DRIVERS\ndisrd.sys [2011-09-14 32360]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-03-13 452096]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2015-05-28 30224]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-01-03 51712]
R2 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2018-09-15 184320]
R3 athr;@oem88.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw10x.sys [2019-06-22 4321160]
R3 I2cHkBurn;I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [2015-07-27 41760]
R3 ICCWDT;@oem82.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2019-06-22 39504]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [2014-05-27 22216]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\imsevent.sys [2014-05-27 22728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2019-05-16 6849624]
R3 ipadtst;ipadtst; \??\C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [2013-11-11 20464]
R3 ipadtst2;ipadtst2; \??\C:\Program Files (x86)\MSI\Super Charger\ipadtst2_64.sys [2016-07-29 16336]
R3 ISCT;@oem20.inf,%ISCT.DeviceDesc%;Intel(R) Smart Connect Technology Device Driver; C:\WINDOWS\System32\drivers\ISCTD.sys [2014-05-27 44744]
R3 klflt;Kaspersky Lab Kernel DLL; C:\WINDOWS\system32\DRIVERS\klflt.sys [2019-08-11 236672]
R3 klids;klids; \??\C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [2019-08-28 197760]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [2019-04-15 60536]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2019-04-15 60784]
R3 klpnpflt;Kaspersky Lab klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [2019-04-15 46416]
R3 kltap;@oem43.inf,%DeviceDescription%;Kaspersky Security Data Escort Adapter; C:\WINDOWS\System32\drivers\kltap.sys [2016-06-07 52152]
R3 klupd_klif_kimul;klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [2019-04-04 99152]
R3 klupd_klif_klark;klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [2019-04-27 302368]
R3 klupd_klif_mark;klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [2019-05-01 198768]
R3 lvrs64;@oem63.inf,%lvrs.SrvDesc%;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs64.sys [2012-10-26 351520]
R3 LVUVC64;@oem41.inf,%PID_0825_DD%(UVC);Logitech HD Webcam C270(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc64.sys [2012-10-26 4758176]
R3 MEIx64;@oem83.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2019-06-22 206488]
R3 NTIOLib_FastBoot;NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [2017-03-29 14288]
R3 NTIOLib_MSI_RAID;NTIOLib_MSI_RAID; \??\C:\MSI\Smart Utilities\NTIOLib_X64.sys [2014-03-17 13808]
R3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC; \??\C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [2012-11-26 13368]
R3 NVHDA;@oem97.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2019-08-17 228792]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ff72214788d99390\nvlddmkm.sys [2019-08-26 22366088]
R3 nvvad_WaveExtensible;@oem32.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2019-03-19 69840]
R3 nvvhci;@oem31.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2019-04-17 75600]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-09-15 42504]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-09-15 319488]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-09-15 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-09-15 148480]
S0 klelam;klelam; C:\WINDOWS\system32\DRIVERS\klelam.sys [2017-03-30 29208]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-09-15 124416]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-09-15 128512]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-09-15 75264]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-09-15 79872]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-09-15 58880]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-09-15 68608]
S3 AcpiCtlDrv;AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [2012-07-17 25880]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-09-15 19968]
S3 AppleKmdfFilter;@oem90.inf,%AppleKmdfFilterDisplayName%;Apple KMDF Filter Driver; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [2019-06-22 20640]
S3 AppleLowerFilter;@oem90.inf,%AppleLowerFilterDisplayName%;Apple Lower Filter Driver; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [2019-06-22 35560]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-09-15 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2018-09-15 137016]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2019-03-13 174392]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2018-09-15 153400]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-08-14 104248]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-01-03 111104]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-07-11 91136]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2018-09-15 34816]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2019-08-14 1232384]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2019-08-14 92672]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-09-15 40960]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-09-15 63288]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-09-15 125952]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-01-05 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-01-27 47672]
S3 ew_usbccgpfilter;@oem44.inf,%busupper.SVCDESC%;HwHandSet_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [2018-08-23 18944]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-09-15 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-09-15 51512]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2018-09-15 60928]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-06-11 80400]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-09-15 27648]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-09-15 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-09-15 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-09-15 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-09-15 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-09-15 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2018-09-15 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2018-09-15 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-09-15 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-09-15 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2018-09-15 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2018-09-15 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-09-15 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-09-15 45568]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-09-15 42496]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-09-15 124928]
S3 LGBusEnum;Logitech Gaming Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\LGBusEnum.sys [2017-10-20 36496]
S3 LGJoyXlCore;Logitech Translation Layer Driver (LGS); C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [2017-10-20 67736]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-09-15 515384]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-09-15 58680]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-07-11 290304]
S3 MBfilt;MBfilt; C:\WINDOWS\system32\drivers\MBfilt64.sys [2016-10-21 41088]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2018-09-15 53760]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-09-15 1150496]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-09-15 153616]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-09-15 184320]
S3 NTIOLib_MBAPI;NTIOLib_MBAPI; \??\C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [2017-07-10 14288]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\WINDOWS\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\WINDOWS\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-09-15 148480]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2019-07-23 30336]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2018-09-15 85504]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-08-14 117248]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-09-15 17408]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-09-15 33280]
S4 klwfp;klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [2019-04-15 104576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2019-07-24 88136]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2019-04-29 96056]
R2 AVP19.0.0;Služba Kaspersky Anti-Virus 19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe [2018-03-01 619640]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 CDPUserSvc_1ff1754;Uživatelská služba platformy připojených zařízení_1ff1754; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R2 GamingApp_Service;GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [2018-09-06 46776]
R2 GamingHotkey_Service;MSI Gaming Hotkey Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019-01-09 2027192]
R2 MSI_ActiveX_Service;MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [2018-07-25 86688]
R2 MSI_FastBoot;MSI Fast Boot Service; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [2017-12-21 113336]
R2 MSI_LiveUpdate_Service;MSI Live Update Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2019-08-13 2323632]
R2 MSI_SuperCharger;MSI Super Charger Service; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [2019-02-14 183480]
R2 MSI_Trigger_Service;MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [2013-09-26 30240]
R2 MSICTL_CC;MSI Command Center control Service; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2017-02-15 2102880]
R2 MSIDDR_CC;MSI Command Center DDR Service; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2017-09-07 2330296]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2018-09-15 26112]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-08-28 136256]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-08-28 136256]
R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-08-28 136256]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-08-05 860016]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2019-08-25 782136]
R2 OneSyncSvc_1ff1754;Hostitel synchronizace_1ff1754; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 cbdhsvc_1ff1754;Uživatelská služba schránky_1ff1754; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-06-24 171480]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2019-07-19 658232]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-14 144200]
S2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service []
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-08-14 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-08-28 54912]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BcastDVRUserService_1ff1754;Uživatelská služba pro GameDVR a vysílání her_1ff1754; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BluetoothUserService_1ff1754;Služba pro podporu uživatelů Bluetooth_1ff1754; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService_1ff1754;CaptureService_1ff1754; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc_1ff1754;ConsentUX_1ff1754; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicePickerUserSvc_1ff1754;DevicePicker_1ff1754; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc_1ff1754;Tok zařízení_1ff1754; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-16 92672]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2019-08-14 802432]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 FACEITService;FACEITService; C:/Program Files/FACEIT AC/FACEITService.exe []
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-01-03 43632]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\elevation_service.exe [2019-08-24 1096176]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-14 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 intelsba;Intel(R) Small Business Advantage; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [2014-03-27 54976]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 klvssbridge64_19.0.0;klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\vssbridge64.exe [2019-03-19 414352]
S3 KSDE2.0.0;Služba Kaspersky Secure Connection 2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [2017-01-24 354672]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService_1ff1754;Služba zasílání zpráv_1ff1754; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 MSIClock_CC;MSI Command Center Clock Service; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [2016-09-09 4163680]
S3 MSICOMM_CC;MSI Command Center Comm Service; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2017-01-06 2206304]
S3 MSICPU_CC;MSI Command Center CPU Service; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [2017-02-24 4172896]
S3 MSISMB_CC;MSI Command Center SMBus Service; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2016-12-05 2076768]
S3 MSISuperIO_CC;MSI Command Center SuperIO Service; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [2017-02-10 611936]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-08-05 860016]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 242864]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2018-09-15 78848]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PimIndexMaintenanceSvc_1ff1754;Data kontaktů_1ff1754; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc_1ff1754;PrintWorkflow_1ff1754; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2019-08-14 831288]

-----------------EOF-----------------
Attachments
frstaddition.rar
(28.69 KiB) Downloaded 111 times

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Preventive PC check

#2 Post by Conder »

Hi :)

:arrow: Are there any actual problems with the PC, or is this purely a preventive check?

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here
Graduate of the school for beginners :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices; otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

ptdave
Visitor
Posts: 77
Registered: 01 Sep 2012 11:28

Re: Preventive PC check

#3 Post by ptdave »

It's just a preventive check, but occasionally I get "Reboot and select proper Boot Device" when the PC starts up, though really only now and then.

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-08-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-31-2019
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 23
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\DriverToolkit
Deleted C:\Program Files (x86)\IOBIT\Driver Booster
Deleted C:\ProgramData\IOBIT\Driver Booster
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\Users\David\AppData\Local\DriverToolkit
Deleted C:\Users\David\AppData\Roaming\IOBIT\Driver Booster
Deleted C:\Users\David\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

Deleted C:\Users\David\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Driver Booster.lnk
Deleted C:\Users\Public\Desktop\Driver Booster 6.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER
Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SKIPUAC (DAVID)

***** [ Registry ] *****

Deleted HKCU\Software\DriverToolkit
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{19170D05-F76A-406F-B369-93675FC0B2B8}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18A01CCC-21D3-499F-8B09-8279EFC777EC}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19170D05-F76A-406F-B369-93675FC0B2B8}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DRIVER BOOSTER SKIPUAC (DAVID)
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted HKLM\Software\Wow6432Node\IObit\Driver Booster
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Driver Booster_is1

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.SamsungSmartSwitch


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3236 octets] - [31/08/2019 18:31:59]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Preventive PC check

#4 Post by Conder »

:arrow: I recommend not using, and uninstalling, all programs from IObit (e.g. Driver Booster, Advanced SystemCare, Uninstaller, etc.) - they are Chinese junk that can damage the system. AdwCleaner has already deleted most of it.

:arrow: Please post both new logs from FRST.

ptdave
Visitor
Posts: 77
Registered: 01 Sep 2012 11:28

Re: Preventive PC check

#5 Post by ptdave »

I'm attaching both logs in a rar file.
Attachments
frst.rar
(27.76 KiB) Downloaded 123 times

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Preventive PC check

#6 Post by Conder »

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    
    HKU\S-1-5-21-1407317426-77626339-3557757244-1000\...\MountPoints2: {18c8328d-3903-11e9-9245-d8cb8a1946fd} - "F:\HiSuiteDownLoader.exe" 
    HKU\S-1-5-21-1407317426-77626339-3557757244-1000\...\MountPoints2: {6b0a23d1-c3f5-11e8-9237-d8cb8a1946fd} - "F:\HiSuiteDownLoader.exe" 
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2017-03-07]
    Task: {0463136A-BCD2-409F-9A23-4C52AA429F9B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {0D6D8BBB-455A-41C2-BBA5-174F5D326EAD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
    Task: {1277B3C6-960D-4B94-BB23-9000522EAA0F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {1920FAD1-A496-4261-8044-BB8460476B63} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {1DE923C8-70C2-47AE-8DD5-4ED63F9835C9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
    Task: {2A316020-EAF5-4A42-871F-D6EC6ABD0569} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {7BB6FEE6-456C-4E1B-A31D-620D5627BCB0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {8EDA1888-C3AF-48B7-84D4-793748E22328} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {98AE324D-A8A1-4E35-827E-ACB7EC4DF826} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {BCA72A70-3EE1-45F5-950C-FCF55FE2F6EE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {C539B3DF-227F-4A06-8E69-A30D627B9CB1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {E1C07ECE-0B5F-48D5-9566-CEE05BFAC35C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {E2AD8380-6522-4937-B04C-29CB635A3D66} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
    Task: {FB80144A-BCC7-4F27-8B61-4C70DCBC3149} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
    Toolbar: HKU\.DEFAULT -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
    Toolbar: HKU\S-1-5-21-1407317426-77626339-3557757244-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
    2019-08-31 09:54 - 2019-08-31 09:54 - 000000000 ____D C:\Program Files\trend micro
    2019-08-31 18:32 - 2019-06-22 19:30 - 000000000 ____D C:\Users\David\AppData\Roaming\IObit
    2019-08-31 18:32 - 2019-06-22 19:30 - 000000000 ____D C:\ProgramData\IObit
    2019-08-31 18:32 - 2019-06-22 19:30 - 000000000 ____D C:\Program Files (x86)\IObit
    ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
    FirewallRules: [{04D5223C-A4A7-4F3F-AE9F-D08633F8ADF5}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.5.0\DriverBooster.exe No File
    FirewallRules: [{F4CAB0F9-53AE-4CAA-9F10-AB68FB252D2F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.5.0\DriverBooster.exe No File
    FirewallRules: [{36DDEFE9-85A9-44A9-8EC7-6632EE95B1E1}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.5.0\DBDownloader.exe No File
    FirewallRules: [{00ED2D97-61DB-43C1-8827-83690538A8EB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.5.0\DBDownloader.exe No File
    FirewallRules: [{0E01F90B-303A-4B2A-AE65-E396A9A34627}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.5.0\AutoUpdate.exe No File
    FirewallRules: [{01186596-5523-42C6-9DAE-72CBB89055BB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.5.0\AutoUpdate.exe No File
    
    C:\Program Files\IObit
    C:\Program Files (x86)\IObit
    C:\Program Files\Common Files\IObit
    C:\ProgramData\IObit
    C:\ProgramData\ProductData
    C:\Users\David\AppData\Local\IObit
    C:\Users\David\AppData\LocalLow\IObit
    C:\Users\David\AppData\Roaming\IObit
    C:\Users\David\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
    C:\Users\David\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
    C:\Users\Default\AppData\Local\IObit
    C:\Users\Default\AppData\LocalLow\IObit
    C:\Users\Default\AppData\Roaming\IObit
    C:\Users\Public\Desktop\*Driver Booster*
    C:\Users\Public\Desktop\*Advanced SystemCare*
    C:\Windows\IObit
    C:\Windows\Tasks\ImCleanDisabled
    C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here

ptdave
Visitor
Posts: 77
Registered: 01 Sep 2012 11:28

Re: Preventive PC check

#7 Post by ptdave »

Fix result of Farbar Recovery Scan Tool (x64) Version: 31-08-2019
Ran by David (01-09-2019 08:29:13) Run:1
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum

HKU\S-1-5-21-1407317426-77626339-3557757244-1000\...\MountPoints2: {18c8328d-3903-11e9-9245-d8cb8a1946fd} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1407317426-77626339-3557757244-1000\...\MountPoints2: {6b0a23d1-c3f5-11e8-9237-d8cb8a1946fd} - "F:\HiSuiteDownLoader.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2017-03-07]
Task: {0463136A-BCD2-409F-9A23-4C52AA429F9B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {0D6D8BBB-455A-41C2-BBA5-174F5D326EAD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1277B3C6-960D-4B94-BB23-9000522EAA0F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {1920FAD1-A496-4261-8044-BB8460476B63} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {1DE923C8-70C2-47AE-8DD5-4ED63F9835C9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {2A316020-EAF5-4A42-871F-D6EC6ABD0569} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {7BB6FEE6-456C-4E1B-A31D-620D5627BCB0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {8EDA1888-C3AF-48B7-84D4-793748E22328} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {98AE324D-A8A1-4E35-827E-ACB7EC4DF826} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {BCA72A70-3EE1-45F5-950C-FCF55FE2F6EE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C539B3DF-227F-4A06-8E69-A30D627B9CB1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E1C07ECE-0B5F-48D5-9566-CEE05BFAC35C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E2AD8380-6522-4937-B04C-29CB635A3D66} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {FB80144A-BCC7-4F27-8B61-4C70DCBC3149} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\.DEFAULT -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-1407317426-77626339-3557757244-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
2019-08-31 09:54 - 2019-08-31 09:54 - 000000000 ____D C:\Program Files\trend micro
2019-08-31 18:32 - 2019-06-22 19:30 - 000000000 ____D C:\Users\David\AppData\Roaming\IObit
2019-08-31 18:32 - 2019-06-22 19:30 - 000000000 ____D C:\ProgramData\IObit
2019-08-31 18:32 - 2019-06-22 19:30 - 000000000 ____D C:\Program Files (x86)\IObit
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
FirewallRules: [{04D5223C-A4A7-4F3F-AE9F-D08633F8ADF5}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.5.0\DriverBooster.exe No File
FirewallRules: [{F4CAB0F9-53AE-4CAA-9F10-AB68FB252D2F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.5.0\DriverBooster.exe No File
FirewallRules: [{36DDEFE9-85A9-44A9-8EC7-6632EE95B1E1}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.5.0\DBDownloader.exe No File
FirewallRules: [{00ED2D97-61DB-43C1-8827-83690538A8EB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.5.0\DBDownloader.exe No File
FirewallRules: [{0E01F90B-303A-4B2A-AE65-E396A9A34627}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.5.0\AutoUpdate.exe No File
FirewallRules: [{01186596-5523-42C6-9DAE-72CBB89055BB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.5.0\AutoUpdate.exe No File

C:\Program Files\IObit
C:\Program Files (x86)\IObit
C:\Program Files\Common Files\IObit
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\David\AppData\Local\IObit
C:\Users\David\AppData\LocalLow\IObit
C:\Users\David\AppData\Roaming\IObit
C:\Users\David\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\David\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Default\AppData\Local\IObit
C:\Users\Default\AppData\LocalLow\IObit
C:\Users\Default\AppData\Roaming\IObit
C:\Users\Public\Desktop\*Driver Booster*
C:\Users\Public\Desktop\*Advanced SystemCare*
C:\Windows\IObit
C:\Windows\Tasks\ImCleanDisabled
C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 35
Average :
Sum : 27519346
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

HKU\S-1-5-21-1407317426-77626339-3557757244-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18c8328d-3903-11e9-9245-d8cb8a1946fd} => removed successfully
HKLM\Software\Classes\CLSID\{18c8328d-3903-11e9-9245-d8cb8a1946fd} => not found
HKU\S-1-5-21-1407317426-77626339-3557757244-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b0a23d1-c3f5-11e8-9237-d8cb8a1946fd} => removed successfully
HKLM\Software\Classes\CLSID\{6b0a23d1-c3f5-11e8-9237-d8cb8a1946fd} => not found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0463136A-BCD2-409F-9A23-4C52AA429F9B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0463136A-BCD2-409F-9A23-4C52AA429F9B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D6D8BBB-455A-41C2-BBA5-174F5D326EAD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D6D8BBB-455A-41C2-BBA5-174F5D326EAD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1277B3C6-960D-4B94-BB23-9000522EAA0F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1277B3C6-960D-4B94-BB23-9000522EAA0F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1920FAD1-A496-4261-8044-BB8460476B63}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1920FAD1-A496-4261-8044-BB8460476B63}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DE923C8-70C2-47AE-8DD5-4ED63F9835C9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DE923C8-70C2-47AE-8DD5-4ED63F9835C9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2A316020-EAF5-4A42-871F-D6EC6ABD0569}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A316020-EAF5-4A42-871F-D6EC6ABD0569}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7BB6FEE6-456C-4E1B-A31D-620D5627BCB0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BB6FEE6-456C-4E1B-A31D-620D5627BCB0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8EDA1888-C3AF-48B7-84D4-793748E22328}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EDA1888-C3AF-48B7-84D4-793748E22328}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98AE324D-A8A1-4E35-827E-ACB7EC4DF826}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98AE324D-A8A1-4E35-827E-ACB7EC4DF826}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BCA72A70-3EE1-45F5-950C-FCF55FE2F6EE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCA72A70-3EE1-45F5-950C-FCF55FE2F6EE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C539B3DF-227F-4A06-8E69-A30D627B9CB1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C539B3DF-227F-4A06-8E69-A30D627B9CB1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E1C07ECE-0B5F-48D5-9566-CEE05BFAC35C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1C07ECE-0B5F-48D5-9566-CEE05BFAC35C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2AD8380-6522-4937-B04C-29CB635A3D66}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2AD8380-6522-4937-B04C-29CB635A3D66}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FB80144A-BCC7-4F27-8B61-4C70DCBC3149}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB80144A-BCC7-4F27-8B61-4C70DCBC3149}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => removed successfully
"HKU\S-1-5-21-1407317426-77626339-3557757244-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => not found
C:\Program Files\trend micro => moved successfully
C:\Users\David\AppData\Roaming\IObit => moved successfully
C:\ProgramData\IObit => moved successfully
C:\Program Files (x86)\IObit => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04D5223C-A4A7-4F3F-AE9F-D08633F8ADF5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F4CAB0F9-53AE-4CAA-9F10-AB68FB252D2F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{36DDEFE9-85A9-44A9-8EC7-6632EE95B1E1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{00ED2D97-61DB-43C1-8827-83690538A8EB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0E01F90B-303A-4B2A-AE65-E396A9A34627}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01186596-5523-42C6-9DAE-72CBB89055BB}" => removed successfully
"C:\Program Files\IObit" => not found
"C:\Program Files (x86)\IObit" => not found
"C:\Program Files\Common Files\IObit" => not found
"C:\ProgramData\IObit" => not found
C:\ProgramData\ProductData => moved successfully
"C:\Users\David\AppData\Local\IObit" => not found
C:\Users\David\AppData\LocalLow\IObit => moved successfully
"C:\Users\David\AppData\Roaming\IObit" => not found

=========== "C:\Users\David\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ==========

not found

========= End -> "C:\Users\David\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ========


=========== "C:\Users\David\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\David\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ========

"C:\Users\Default\AppData\Local\IObit" => not found
"C:\Users\Default\AppData\LocalLow\IObit" => not found
"C:\Users\Default\AppData\Roaming\IObit" => not found

=========== "C:\Users\Public\Desktop\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Driver Booster*" ========


=========== "C:\Users\Public\Desktop\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Advanced SystemCare*" ========

"C:\Windows\IObit" => not found
C:\Windows\Tasks\ImCleanDisabled => moved successfully
"C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11640240 B
Java, Flash, Steam htmlcache => 615494307 B
Windows/system/drivers => 14399698 B
Edge => 179200 B
Chrome => 70002841 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 16674 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3630 B
LocalService => 0 B
NetworkService => 954 B
NetworkService => 0 B
David => 2315082 B
DefaultAppPool => 16674 B

RecycleBin => 0 B
EmptyTemp: => 691 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 08:30:16 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Preventive PC check

#8 Post by Conder »

If there are no more problems, let's clean up after the tools we used:

As for the "select proper boot device" error, that could be caused, for example, by a wrong boot order setting in the BIOS.
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data (documents, photos and others) backed up.

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

ptdave
Visitor
Posts: 77
Registered: 01 Sep 2012 11:28

Re: Preventive PC check

#9 Post by ptdave »

# DelFix v1.013 - Logfile created 03/09/2019 at 18:59:55
# Updated 17/04/2016 by Xplode
# Username : David - DAVID-PC
# Operating System : Windows 10 Enterprise (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\David\Desktop\adwcleaner_7.4.exe
Deleted : C:\Users\David\Desktop\frstaddition.rar
Deleted : C:\Users\David\Desktop\RSITx64.exe
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########


Thanks a lot, and as for the disk, I'll try to take a look at it.

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Preventive PC check

#10 Post by Conder »

You're welcome, glad I could help :)

Locked