PC virus removal, computer speed-up, and remote help through the neslape.cz service

Preventive log check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

!NEW!
You can now use a remote help service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
SyncMaster
Visitor
Posts: 471
Registered: 15 Jan 2011 14:21

#1 Post by SyncMaster »

Hello! Please check my log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Richie at 2019-12-07 15:42:18
Microsoft Windows 10 Home
System drive C: has 589 GB (62%) free of 953 GB
Total RAM: 16296 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:42:26, on 7.12.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17763.0771)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\trend micro\Richie.exe
C:\Program Files (x86)\Lenovo\System Update\tvsu.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [PhotoMasterImportAgent] "C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe" importagent
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\Richie\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SQLTELEMETRY$SQLEXPRESS')
O4 - HKUS\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'SQLTELEMETRY$SQLEXPRESS')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CCSDK - Lenovo - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @oem41.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50303 (SNMP) - Unknown owner - C:\WINDOWS\System32\snmp.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12675 bytes

======Listing Processes======

C:\WINDOWS\system32\lsass.exe
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
winlogon.exe
"fontdrvhost.exe"
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\dxgiadaptercache.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\AUDIODG.EXE 0x4a4


C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\ibtsiva
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\System32\snmp.exe
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\WINDOWS\system32\svchost.exe -k apphost -s AppHostSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\svchost.exe -k iissvcs

dashost.exe {4f308001-9e0d-472c-97169b5859e6984f}
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\sqlceip.exe" -Service SQLEXPRESS
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
rundll32.exe "c:\program files\nvidia corporation\nvstreamsrv\rxdiag.dll" RxDiagSetRuntimeMessagePump
C:\WINDOWS\system32\compattelrunner.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wermgr.exe -upload
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Browser
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe" --launcher=TaskScheduler
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe" scan upload
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"ctfmon.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe"
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost

C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
"C:\WINDOWS\system32\wwahost.exe" -ServerName:Netflix.App.wwa.bt
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppX368sbpk1kx658x0p332evjk2v0y02kxp.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe" PendingTask
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXemn3t55segp7q92mwd35v2a5rk5mvwyz.mca
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20276.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19111.85.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.AppX54h2e8jwdm50fj5ha8987vz1etpx7czd.mca
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXggkaqzf6p31g37n0m8phzeswb0rt9m7e.mca
C:\Windows\System32\smartscreen.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Windows\RTFTrack.exe"
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:GPi25uikUECpMfnj.1

"C:\Program Files\Lenovo\LenovoUtility\utility.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe" importagent
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --flag-switches-begin --flag-switches-end --restore-last-session
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Richie\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Richie\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Richie\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=78.0.3904.108 --initial-client-data=0x88,0x8c,0x90,0x80,0x94,0x7ffaef2aed58,0x7ffaef2aed68,0x7ffaef2aed78
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=8432 --on-initialized-event-handle=72 --parent-handle=264 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=7815009555443923379 --mojo-platform-channel-handle=1616 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --service-sandbox-type=network --service-request-channel-token=9969448988069932149 --mojo-platform-channel-handle=1976 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --extension-process --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=1508160136094733266 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2856 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --extension-process --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=574650809178521544 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2992 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=12216688167014492393 --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3648 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Users\Richie\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=10949977240399490810 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3684 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=10849468015593935773 --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1860 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=10195368155379470738 --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4440 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=13599298176664083059 --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=9530625230777260769 --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=15961426602233341602 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6324 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=17264436462443491777 --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6616 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=17981201438509934894 --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6924 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=15475841485612124434 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7160 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=17056414800437519982 --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7236 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=18204730251700423184 --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2244 /prefetch:1
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=16645391216979174893 --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10248 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=14307930960499937825 --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2368 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=16428222091391607772 --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10824 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=345931044238503889 --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10828 /prefetch:1
C:\WINDOWS\system32\wbem\WmiApSrv.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=5058538541439402029 --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4436 /prefetch:1
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=3440428244761135014 --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9560 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=17236611738889211656 --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8160 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=1771723151564614221 --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9060 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca

C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s XblAuthManager
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=8635918986226885915 --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2608 /prefetch:1
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 784 788 796 8192 792
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --service-sandbox-type=audio --service-request-channel-token=5620664298635568879 --mojo-platform-channel-handle=8200 /prefetch:8
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
"C:\Users\Richie\Downloads\RSITx64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1588,3266075886715336570,11981269187795264968,131072 --lang=sk --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=9647525035428050405 --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8768 /prefetch:1
"C:\Program Files (x86)\Lenovo\System Update\tvsu.exe" PendingTask

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-26 221664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-04 166360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20 480200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2018-09-15 83968]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-04 1402624]
"RtsFT"=C:\Windows\RTFTrack.exe [2015-06-16 5060864]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-07-25 36352]
"LenovoUtility"=C:\Program Files\Lenovo\LenovoUtility\utility.exe [2017-02-11 791848]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-04 13885696]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-04 1402624]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-04 1402624]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2019-10-08 2872400]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2019-10-03 302904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe [2018-09-15 27860280]
"PhotoMasterImportAgent"=C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [2016-09-22 675608]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2019-04-29 3152160]
"com.squirrel.Teams.Teams"=C:\Users\Richie\AppData\Local\Microsoft\Teams\Update.exe [2019-08-19 1789768]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-03-27 2404952]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2019-09-10 1240656]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-12-07 15:42:18 ----D---- C:\rsit
2019-12-07 11:19:19 ----D---- C:\WINDOWS\LastGood.Tmp
2019-12-07 11:08:19 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo-1-999-0-0-0.exe
2019-12-07 11:08:19 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2019-12-07 11:08:19 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1-999-0-0-0.dll
2019-12-07 11:08:19 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2019-12-07 11:08:19 ----A---- C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-12-07 11:08:19 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2019-12-07 11:08:17 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2019-12-07 11:08:17 ----A---- C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-12-07 11:08:17 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2019-12-07 11:08:17 ----A---- C:\WINDOWS\system32\OpenCL.dll
2019-12-07 11:08:13 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2019-12-07 11:08:13 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-12-07 11:08:09 ----A---- C:\WINDOWS\SYSWOW64\nvofapi.dll
2019-12-07 11:08:09 ----A---- C:\WINDOWS\system32\nvofapi64.dll
2019-12-07 11:08:08 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2019-12-07 11:08:08 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2019-12-07 11:08:08 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2019-12-07 11:08:08 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2019-12-07 11:08:06 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2019-12-07 11:08:06 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2019-12-07 11:08:06 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2019-12-07 11:08:06 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2019-12-07 11:08:06 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-12-07 11:08:06 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-12-07 11:08:06 ----A---- C:\WINDOWS\system32\nvdispgenco6444141.dll
2019-12-07 11:08:05 ----A---- C:\WINDOWS\system32\nvdispco6444141.dll
2019-12-07 11:08:02 ----A---- C:\WINDOWS\system32\nvcuda.dll
2019-12-07 11:08:01 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2019-12-07 11:08:01 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2019-12-07 11:08:01 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2019-12-07 11:07:59 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2019-12-07 11:07:59 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2019-12-07 11:07:58 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2019-12-05 21:49:31 ----D---- C:\WINDOWS\Minidump
2019-11-13 18:57:08 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2019-11-13 18:57:08 ----A---- C:\WINDOWS\SYSWOW64\gnsdk_fp.dll
2019-11-13 18:57:08 ----A---- C:\WINDOWS\system32\wmp.dll
2019-11-13 18:56:53 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2019-11-13 18:56:53 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2019-11-13 18:56:52 ----A---- C:\WINDOWS\system32\mfps.dll
2019-11-13 18:56:52 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-11-13 18:56:52 ----A---- C:\WINDOWS\system32\mfcore.dll
2019-11-13 18:56:43 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2019-11-13 18:56:43 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2019-11-13 18:56:43 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2019-11-13 18:56:42 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-11-13 18:56:41 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-11-13 18:56:40 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2019-11-13 18:56:40 ----A---- C:\WINDOWS\SYSWOW64\udhisapi.dll
2019-11-13 18:56:40 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2019-11-13 18:56:40 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2019-11-13 18:56:40 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2019-11-13 18:56:40 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-11-13 18:56:40 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2019-11-13 18:56:39 ----A---- C:\WINDOWS\SYSWOW64\upnphost.dll
2019-11-13 18:56:39 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2019-11-13 18:56:39 ----A---- C:\WINDOWS\system32\VAN.dll
2019-11-13 18:56:39 ----A---- C:\WINDOWS\system32\msi.dll
2019-11-13 18:56:39 ----A---- C:\WINDOWS\system32\AcGenral.dll
2019-11-13 18:56:38 ----A---- C:\WINDOWS\system32\werconcpl.dll
2019-11-13 18:56:38 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2019-11-13 18:56:37 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-11-13 18:56:35 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-11-13 18:56:35 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-11-13 18:56:34 ----A---- C:\WINDOWS\system32\werui.dll
2019-11-13 18:56:34 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2019-11-13 18:56:34 ----A---- C:\WINDOWS\system32\jscript9.dll
2019-11-13 18:56:34 ----A---- C:\WINDOWS\system32\jscript.dll
2019-11-13 18:56:32 ----A---- C:\WINDOWS\SYSWOW64\OpenWith.exe
2019-11-13 18:56:32 ----A---- C:\WINDOWS\system32\upnphost.dll
2019-11-13 18:56:32 ----A---- C:\WINDOWS\system32\udhisapi.dll
2019-11-13 18:56:32 ----A---- C:\WINDOWS\system32\sud.dll
2019-11-13 18:56:32 ----A---- C:\WINDOWS\system32\spacebridge.dll
2019-11-13 18:56:32 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-11-13 18:56:31 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2019-11-13 18:56:31 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2019-11-13 18:56:31 ----A---- C:\WINDOWS\SYSWOW64\prntvpt.dll
2019-11-13 18:56:28 ----A---- C:\WINDOWS\SYSWOW64\usp10.dll
2019-11-13 18:56:28 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2019-11-13 18:56:28 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2019-11-13 18:56:28 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2019-11-13 18:56:28 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2019-11-13 18:56:28 ----A---- C:\WINDOWS\SYSWOW64\cryptui.dll
2019-11-13 18:56:28 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2019-11-13 18:56:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-11-13 18:56:27 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2019-11-13 18:56:27 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2019-11-13 18:56:27 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2019-11-13 18:56:27 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2019-11-13 18:56:27 ----A---- C:\WINDOWS\SYSWOW64\compact.exe
2019-11-13 18:56:26 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2019-11-13 18:56:26 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2019-11-13 18:56:26 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2019-11-13 18:56:26 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2019-11-13 18:56:25 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2019-11-13 18:56:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.AI.MachineLearning.dll
2019-11-13 18:56:25 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2019-11-13 18:56:25 ----A---- C:\WINDOWS\SYSWOW64\CapabilityAccessManagerClient.dll
2019-11-13 18:56:25 ----A---- C:\WINDOWS\SYSWOW64\ApiSetHost.AppExecutionAlias.dll
2019-11-13 18:56:25 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2019-11-13 18:56:24 ----A---- C:\WINDOWS\SYSWOW64\uxtheme.dll
2019-11-13 18:56:24 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2019-11-13 18:56:24 ----A---- C:\WINDOWS\SYSWOW64\ComposableShellProxyStub.dll
2019-11-13 18:56:24 ----A---- C:\WINDOWS\SYSWOW64\AssignedAccessRuntime.dll
2019-11-13 18:56:23 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2019-11-13 18:56:23 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2019-11-13 18:56:23 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2019-11-13 18:56:23 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2019-11-13 18:56:23 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2019-11-13 18:56:23 ----A---- C:\WINDOWS\system32\policymanager.dll
2019-11-13 18:56:23 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2019-11-13 18:56:22 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-11-13 18:56:22 ----A---- C:\WINDOWS\system32\gdi32full.dll
2019-11-13 18:56:22 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2019-11-13 18:56:22 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-11-13 18:56:22 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2019-11-13 18:56:22 ----A---- C:\WINDOWS\system32\cryptui.dll
2019-11-13 18:56:22 ----A---- C:\WINDOWS\system32\atmlib.dll
2019-11-13 18:56:21 ----A---- C:\WINDOWS\system32\usp10.dll
2019-11-13 18:56:21 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2019-11-13 18:56:21 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2019-11-13 18:56:21 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2019-11-13 18:56:21 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2019-11-13 18:56:21 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2019-11-13 18:56:21 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2019-11-13 18:56:20 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2019-11-13 18:56:20 ----A---- C:\WINDOWS\system32\ntdll.dll
2019-11-13 18:56:20 ----A---- C:\WINDOWS\system32\nsi.dll
2019-11-13 18:56:20 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-11-13 18:56:20 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-11-13 18:56:20 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2019-11-13 18:56:20 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2019-11-13 18:56:20 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2019-11-13 18:56:19 ----A---- C:\WINDOWS\SYSWOW64\nsi.dll
2019-11-13 18:56:19 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2019-11-13 18:56:19 ----A---- C:\WINDOWS\system32\uxtheme.dll
2019-11-13 18:56:19 ----A---- C:\WINDOWS\system32\uDWM.dll
2019-11-13 18:56:19 ----A---- C:\WINDOWS\system32\dwm.exe
2019-11-13 18:56:19 ----A---- C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-11-13 18:56:19 ----A---- C:\WINDOWS\system32\CoreShell.dll
2019-11-13 18:56:19 ----A---- C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-11-13 18:56:18 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2019-11-13 18:56:18 ----A---- C:\WINDOWS\system32\ubpm.dll
2019-11-13 18:56:18 ----A---- C:\WINDOWS\system32\twinui.dll
2019-11-13 18:56:18 ----A---- C:\WINDOWS\system32\taskschd.dll
2019-11-13 18:56:18 ----A---- C:\WINDOWS\system32\taskhostw.exe
2019-11-13 18:56:18 ----A---- C:\WINDOWS\system32\schedsvc.dll
2019-11-13 18:56:18 ----A---- C:\WINDOWS\system32\pcasvc.dll
2019-11-13 18:56:18 ----A---- C:\WINDOWS\system32\msctf.dll
2019-11-13 18:56:18 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys
2019-11-13 18:56:18 ----A---- C:\WINDOWS\system32\compact.exe
2019-11-13 18:56:17 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2019-11-13 18:56:17 ----A---- C:\WINDOWS\system32\invagent.dll
2019-11-13 18:56:17 ----A---- C:\WINDOWS\system32\devinv.dll
2019-11-13 18:56:17 ----A---- C:\WINDOWS\system32\appraiser.dll
2019-11-13 18:56:17 ----A---- C:\WINDOWS\system32\aitstatic.exe
2019-11-13 18:56:17 ----A---- C:\WINDOWS\system32\aeinv.dll
2019-11-13 18:56:17 ----A---- C:\WINDOWS\system32\acmigration.dll
2019-11-13 18:56:16 ----A---- C:\WINDOWS\system32\winresume.exe
2019-11-13 18:56:16 ----A---- C:\WINDOWS\system32\winload.exe
2019-11-13 18:56:16 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2019-11-13 18:56:16 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2019-11-13 18:56:11 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2019-11-13 18:56:10 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-11-13 18:56:10 ----A---- C:\WINDOWS\system32\NotificationController.dll
2019-11-13 18:56:10 ----A---- C:\WINDOWS\system32\generaltel.dll
2019-11-13 18:56:09 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-11-13 18:56:08 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2019-11-13 18:56:06 ----A---- C:\WINDOWS\system32\OpenWith.exe
2019-11-13 18:56:05 ----A---- C:\WINDOWS\system32\sppobjs.dll
2019-11-13 18:56:05 ----A---- C:\WINDOWS\system32\shell32.dll
2019-11-13 18:56:05 ----A---- C:\WINDOWS\system32\rasmans.dll
2019-11-13 18:56:05 ----A---- C:\WINDOWS\system32\rascustom.dll
2019-11-13 18:56:04 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-11-13 18:56:04 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-11-13 18:56:04 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-11-13 18:56:04 ----A---- C:\WINDOWS\system32\prntvpt.dll
2019-11-13 18:56:04 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2019-11-13 18:56:04 ----A---- C:\WINDOWS\system32\drivers\tunnel.sys
2019-11-13 18:56:03 ----A---- C:\WINDOWS\system32\hal.dll
2019-11-13 18:56:03 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2019-11-13 18:56:03 ----A---- C:\WINDOWS\system32\AxInstSv.dll
2019-11-13 18:56:02 ----A---- C:\WINDOWS\system32\user32.dll
2019-11-13 18:56:02 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2019-11-13 18:56:02 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-11-13 18:56:01 ----A---- C:\WINDOWS\system32\wpnservice.dll
2019-11-13 18:56:01 ----A---- C:\WINDOWS\system32\wpnprv.dll
2019-11-13 18:56:01 ----A---- C:\WINDOWS\system32\wpncore.dll
2019-11-13 18:56:01 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-11-13 18:56:01 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2019-11-13 18:56:01 ----A---- C:\WINDOWS\system32\mssprxy.dll
2019-11-13 18:56:01 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-11-13 18:56:01 ----A---- C:\WINDOWS\system32\drivers\pacer.sys
2019-11-13 18:56:00 ----A---- C:\WINDOWS\system32\tquery.dll
2019-11-13 18:56:00 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2019-11-13 18:56:00 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2019-11-13 18:56:00 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-11-13 18:56:00 ----A---- C:\WINDOWS\system32\mssvp.dll
2019-11-13 18:56:00 ----A---- C:\WINDOWS\system32\mssrch.dll
2019-11-13 18:56:00 ----A---- C:\WINDOWS\system32\mssph.dll
2019-11-13 18:56:00 ----A---- C:\WINDOWS\system32\msscntrs.dll
2019-11-13 18:55:59 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-11-13 18:55:59 ----A---- C:\WINDOWS\system32\FntCache.dll
2019-11-13 18:55:59 ----A---- C:\WINDOWS\system32\DWrite.dll
2019-11-13 18:55:59 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2019-11-13 18:55:59 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2019-11-13 18:55:59 ----A---- C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-11-13 18:55:59 ----A---- C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-11-13 18:55:58 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2019-11-13 18:55:58 ----A---- C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-11-13 18:55:58 ----A---- C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-11-13 18:55:58 ----A---- C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-11-13 18:55:58 ----A---- C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2019-11-13 18:55:58 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2019-11-13 18:55:57 ----A---- C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-11-13 18:55:57 ----A---- C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-11-13 18:55:57 ----A---- C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-11-13 18:55:57 ----A---- C:\WINDOWS\system32\qmgr.dll
2019-11-13 18:55:57 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-11-13 18:55:57 ----A---- C:\WINDOWS\system32\dssvc.dll
2019-11-13 18:55:56 ----A---- C:\WINDOWS\system32\wow64win.dll
2019-11-13 18:55:56 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-11-13 18:55:55 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-11-13 18:55:55 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-11-13 18:55:55 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-11-13 18:55:55 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-11-13 18:55:54 ----A---- C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-11-13 18:55:54 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2019-11-13 18:55:54 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2019-11-13 18:55:54 ----A---- C:\WINDOWS\system32\StartTileData.dll
2019-11-13 18:55:54 ----A---- C:\WINDOWS\system32\spoolsv.exe
2019-11-13 18:55:54 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-11-13 18:55:54 ----A---- C:\WINDOWS\splwow64.exe
2019-11-13 18:55:54 ----A---- C:\WINDOWS\explorer.exe
2019-11-13 18:55:53 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2019-11-13 18:55:53 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2019-11-13 18:55:47 ----A---- C:\WINDOWS\system32\audiosrv.dll
2019-11-13 18:55:47 ----A---- C:\WINDOWS\system32\AudioSes.dll
2019-11-13 18:55:47 ----A---- C:\WINDOWS\system32\AudioEng.dll
2019-11-13 18:55:47 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-11-13 18:55:47 ----A---- C:\WINDOWS\system32\audiodg.exe
2019-11-13 18:55:46 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2019-11-13 18:55:46 ----A---- C:\WINDOWS\system32\wbengine.exe
2019-11-13 18:55:45 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2019-11-13 18:55:45 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2019-11-13 18:55:45 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2019-11-13 18:55:45 ----A---- C:\WINDOWS\system32\wermgr.exe
2019-11-13 18:55:45 ----A---- C:\WINDOWS\system32\WerFault.exe
2019-11-13 18:55:45 ----A---- C:\WINDOWS\system32\wer.dll
2019-11-13 18:55:44 ----A---- C:\WINDOWS\SYSWOW64\dtdump.exe
2019-11-13 18:55:44 ----A---- C:\WINDOWS\system32\wersvc.dll
2019-11-13 18:55:44 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2019-11-13 18:55:44 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-11-13 18:55:44 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2019-11-13 18:55:44 ----A---- C:\WINDOWS\system32\MusNotification.exe
2019-11-13 18:55:44 ----A---- C:\WINDOWS\system32\Faultrep.dll
2019-11-13 18:55:44 ----A---- C:\WINDOWS\system32\diagtrack.dll
2019-11-13 18:55:43 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2019-11-13 18:55:43 ----A---- C:\WINDOWS\SYSWOW64\Wldap32.dll
2019-11-13 18:55:43 ----A---- C:\WINDOWS\SYSWOW64\userenv.dll
2019-11-13 18:55:43 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2019-11-13 18:55:43 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2019-11-13 18:55:43 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2019-11-13 18:55:43 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2019-11-13 18:55:43 ----A---- C:\WINDOWS\system32\securekernel.exe
2019-11-13 18:55:43 ----A---- C:\WINDOWS\system32\netlogon.dll
2019-11-13 18:55:43 ----A---- C:\WINDOWS\system32\aepic.dll
2019-11-13 18:55:42 ----A---- C:\WINDOWS\system32\wldp.dll
2019-11-13 18:55:42 ----A---- C:\WINDOWS\system32\Wldap32.dll
2019-11-13 18:55:42 ----A---- C:\WINDOWS\system32\userenv.dll
2019-11-13 18:55:42 ----A---- C:\WINDOWS\system32\tzres.dll
2019-11-13 18:55:42 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-11-13 18:55:42 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2019-11-13 18:55:42 ----A---- C:\WINDOWS\system32\dcntel.dll
2019-11-13 18:55:42 ----A---- C:\WINDOWS\system32\crypt32.dll
2019-11-13 18:55:42 ----A---- C:\WINDOWS\system32\ci.dll
2019-11-13 18:55:41 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-11-13 18:55:40 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2019-11-13 18:55:40 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2019-11-13 18:55:40 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2019-11-13 18:55:40 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2019-11-13 18:55:39 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-11-13 18:55:39 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2019-11-13 18:55:39 ----A---- C:\WINDOWS\SYSWOW64\spacebridge.dll
2019-11-13 18:55:39 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2019-11-13 18:55:31 ----A---- C:\WINDOWS\system32\WinHvPlatform.dll
2019-11-13 18:55:31 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-11-13 18:55:31 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-11-13 18:55:31 ----A---- C:\WINDOWS\system32\hvhostsvc.dll
2019-11-13 18:55:31 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-11-13 18:55:31 ----A---- C:\WINDOWS\system32\drivers\winhvr.sys
2019-11-13 18:55:31 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2019-11-13 18:55:17 ----A---- C:\WINDOWS\system32\drivers\Vid.sys
2019-11-13 18:55:17 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2019-11-13 18:55:17 ----A---- C:\WINDOWS\system32\drivers\spacedump.sys
2019-11-13 18:55:17 ----A---- C:\WINDOWS\system32\drivers\BthA2dp.sys

======List of files/folders modified in the last 1 month======

2019-12-07 15:42:23 ----D---- C:\WINDOWS\Temp
2019-12-07 15:42:22 ----D---- C:\Program Files\trend micro
2019-12-07 15:41:44 ----D---- C:\WINDOWS\Prefetch
2019-12-07 15:39:54 ----D---- C:\ProgramData\NVIDIA
2019-12-07 15:38:49 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-12-07 15:38:30 ----D---- C:\WINDOWS\System32
2019-12-07 15:38:30 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-12-07 15:36:53 ----D---- C:\Windows
2019-12-07 15:36:36 ----D---- C:\WINDOWS\system32\sru
2019-12-07 15:36:36 ----D---- C:\WINDOWS\system32\catroot2
2019-12-07 14:55:34 ----D---- C:\WINDOWS\system32\DriverStore
2019-12-07 14:55:32 ----D---- C:\WINDOWS\INF
2019-12-07 14:54:30 ----D---- C:\WINDOWS\system32\SleepStudy
2019-12-07 12:23:59 ----RD---- C:\WINDOWS\Microsoft.NET
2019-12-07 11:25:26 ----D---- C:\WINDOWS\system32\drivers
2019-12-07 11:20:06 ----D---- C:\WINDOWS\SysWOW64
2019-12-07 10:33:56 ----D---- C:\ProgramData\NVIDIA Corporation
2019-12-07 10:33:38 ----D---- C:\WINDOWS\system32\Tasks
2019-12-07 10:33:38 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2019-12-07 10:33:21 ----D---- C:\Program Files\NVIDIA Corporation
2019-12-06 12:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2019-12-06 11:32:17 ----SHD---- C:\System Volume Information
2019-12-06 11:31:33 ----D---- C:\WINDOWS\Logs
2019-12-06 10:39:16 ----D---- C:\WINDOWS\system32\config
2019-12-05 15:19:58 ----HD---- C:\Program Files\WindowsApps
2019-12-05 15:19:39 ----D---- C:\WINDOWS\AppReadiness
2019-12-04 16:59:19 ----D---- C:\Users\Richie\AppData\Roaming\vlc
2019-12-03 21:33:30 ----A---- C:\WINDOWS\system32\nvapi64.dll
2019-11-30 16:06:38 ----D---- C:\Users\Richie\AppData\Roaming\uTorrent
2019-11-23 16:33:49 ----D---- C:\Users\Richie\AppData\Roaming\TS3Client
2019-11-22 22:12:42 ----SHDC---- C:\WINDOWS\Installer
2019-11-22 22:11:11 ----AD---- C:\Program Files (x86)\Microsoft Office
2019-11-20 23:44:54 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2019-11-20 23:44:54 ----A---- C:\WINDOWS\system32\nvcpl.dll
2019-11-20 23:44:50 ----A---- C:\WINDOWS\SYSWOW64\oemdspif.dll
2019-11-20 23:44:50 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2019-11-20 23:44:50 ----A---- C:\WINDOWS\system32\nvshext.dll
2019-11-20 23:44:50 ----A---- C:\WINDOWS\system32\nvmctray.dll
2019-11-20 23:44:50 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2019-11-20 23:44:49 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2019-11-18 22:25:48 ----D---- C:\WINDOWS\system32\WDI
2019-11-15 01:54:31 ----D---- C:\WINDOWS\WinSxS
2019-11-14 22:54:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-13 19:44:54 ----D---- C:\WINDOWS\SYSWOW64\Dism
2019-11-13 19:44:54 ----D---- C:\WINDOWS\SYSWOW64\ar-SA
2019-11-13 19:44:50 ----D---- C:\WINDOWS\system32\wbem
2019-11-13 19:44:49 ----D---- C:\WINDOWS\system32\oobe
2019-11-13 19:44:49 ----D---- C:\WINDOWS\system32\en-US
2019-11-13 19:44:48 ----D---- C:\WINDOWS\system32\Dism
2019-11-13 19:44:48 ----D---- C:\WINDOWS\system32\Boot
2019-11-13 19:44:48 ----D---- C:\WINDOWS\system32\ar-SA
2019-11-13 19:44:48 ----D---- C:\WINDOWS\system32\appraiser
2019-11-13 19:44:39 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2019-11-13 19:44:39 ----D---- C:\WINDOWS\ShellExperiences
2019-11-13 19:44:39 ----D---- C:\WINDOWS\PolicyDefinitions
2019-11-13 19:44:39 ----D---- C:\WINDOWS\bcastdvr
2019-11-13 19:44:39 ----D---- C:\WINDOWS\apppatch
2019-11-13 19:00:20 ----D---- C:\WINDOWS\system32\MRT
2019-11-13 19:00:13 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-11-13 18:59:56 ----D---- C:\WINDOWS\CbsTemp
2019-11-13 18:10:21 ----N---- C:\WINDOWS\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-07-24 1455552]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-29 55608]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-09-15 87552]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-09-15 40960]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-09-15 63288]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-09-15 60416]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-09-15 8704]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-03-03 452096]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-29 51712]
R3 ACPIVPC;@oem19.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2016-10-18 45048]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2019-08-13 92672]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-09-15 63288]
R3 ETD;@oem25.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-09-14 468568]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [2015-09-14 30808]
R3 ibtusb;@oem41.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2018-05-10 136720]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-04-23 7970296]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-04 4486400]
R3 MEIx64;@oem1.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-04-14 202848]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2018-09-15 3485696]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_a007f4012189297e\nvlddmkm.sys [2019-12-03 22744696]
R3 nvvad_WaveExtensible;@oem10.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2019-04-17 69840]
R3 nvvhci;@oem15.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2019-08-23 75600]
R3 rt640x64;@oem31.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-06-23 895256]
R3 RTSPER;@oem40.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-06-15 761600]
R3 rtsuvc;@oem20.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-06-16 3068160]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-09-15 42504]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-09-15 319488]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-09-15 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-09-15 148480]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-09-15 124416]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-09-15 128512]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-09-15 75264]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-09-15 79872]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-09-15 58880]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-09-15 68608]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-09-15 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-08-13 134968]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-09-15 19968]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-09-15 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-10-10 104464]
S3 BthA2DP;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-11-13 215040]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-12-29 111104]
S3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth handsfree; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2018-09-15 56832]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-07-09 91136]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2018-09-15 34816]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-09-15 133120]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2019-08-13 1232384]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-09-15 40960]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-09-15 125952]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-09-15 20992]
S3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2013-07-03 46136]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-09-15 51512]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2018-09-15 60928]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-11-13 80400]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-09-15 27648]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-09-15 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-09-15 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-09-15 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-09-15 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-09-15 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2018-09-15 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2018-09-15 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-09-15 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-09-15 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2018-09-15 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2018-09-15 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-09-15 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-09-15 45568]
S3 IntcDAud;@oem36.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-09-15 42496]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-09-15 124928]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-09-15 515384]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-09-15 58680]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-10-10 290304]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2018-09-15 53760]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-09-15 1150496]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-09-15 153616]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-09-15 184320]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-09-15 148480]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2019-07-23 30336]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2018-09-15 85504]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-08-13 117248]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-09-15 17408]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-04-10 981816]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-09-15 202240]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-09-15 108032]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-09-15 33080]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-09-15 33280]
S4 RsFx0411;RsFx0411 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0411.sys [2018-03-04 261792]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2017-01-31 173472]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2019-09-10 88136]
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2017-03-14 771672]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2019-10-08 3147344]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2019-10-08 2914896]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2019-08-26 96056]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 CDPUserSvc_6110e;Connected Devices Platform User Service_6110e; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusti; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2019-11-17 11650416]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-09-14 134888]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-07-22 18856]
R2 ibtsiva;@oem41.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2017-04-23 373752]
R2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-09-27 858480]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2019-11-20 860016]
R2 OneSyncSvc_6110e;Sync Host_6110e; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 cbdhsvc_6110e;Používateľská služba schránky_6110e; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-12-29 43632]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2019-08-13 864568]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2017-02-27 688992]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-10 153752]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2019-04-10 255128]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BcastDVRUserService_6110e;GameDVR and Broadcast User Service_6110e; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2019-03-27 8473200]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BluetoothUserService_6110e;Služba podpory používateľov rozhrania Bluetooth_6110e; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService_6110e;CaptureService_6110e; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc_6110e;ConsentUX_6110e; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-04-23 301560]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicePickerUserSvc_6110e;DevicePicker_6110e; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc_6110e;DevicesFlow_6110e; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-18 92672]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-03-08 774272]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\elevation_service.exe [2019-11-16 1110512]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-10 153752]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2019-10-03 658232]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService_6110e;MessagingService_6110e; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2018-03-18 392880]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-09-27 858480]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 219656]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2018-09-15 78848]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PimIndexMaintenanceSvc_6110e;Kontaktné údaje_6110e; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc_6110e;PrintWorkflow_6110e; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-09-15 1269248]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Preventive log check

#2 Post by Conder »

Hi :)

Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Scan now (Skenovat nyni) and wait for it to finish
  • Leave all findings checked
  • Click Clean and Repair (Cisteni a opravy) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click View log file (Zobrazit soubor protokolu)
  • The log will open; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping backups of important data (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

SyncMaster
Visitor
Posts: 471
Joined: 15 Jan 2011 14:21

Re: Preventive log check

#3 Post by SyncMaster »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build: 11-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-08-2019
# Duration: 00:00:25
# OS: Windows 10 Home
# Cleaned: 16
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoCCSDK Folder C:\Program Files (x86)\LENOVO\CCSDK
Deleted Preinstalled.LenovoCCSDK Folder C:\ProgramData\LENOVO\CCSDK
Deleted Preinstalled.LenovoCCSDK Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{67827BB6-4B05-6181-921A-E49FC484E859}
Deleted Preinstalled.LenovoPhotoMaster Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|PhotoMasterImportAgent
Deleted Preinstalled.LenovoPhotoMaster Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Run|PhotoMasterImportAgent
Deleted Preinstalled.LenovoPhotoMaster Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{BC94C56A-3649-420C-8756-2ADEBE399D33}
Deleted Preinstalled.LenovoServiceBridge Folder C:\Users\Richie\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
Deleted Preinstalled.LenovoServiceBridge Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1
Deleted Preinstalled.LenovoUpdate Folder C:\Program Files (x86)\LENOVO\SYSTEM UPDATE
Deleted Preinstalled.LenovoUpdate Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{03C6CC92-68F2-4961-9A73-CAECA350BD08}
Deleted Preinstalled.LenovoUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TVSU_is1
Deleted Preinstalled.LenovoUtility Folder C:\Program Files\LENOVO\LENOVOUTILITY
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|LenovoUtility
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|LenovoUtility
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}
Not Deleted Preinstalled.LenovoPhotoMaster Folder C:\Program Files (x86)\LENOVO\LENOVO PHOTO MASTER


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3287 octets] - [08/12/2019 22:40:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Preventive log check

#4 Post by Conder »

Sorry for the delay. Please post both FRST logs (FRST.txt and Addition.txt) following this guide: https://forum.viry.cz/viewtopic.php?f=13&t=154679
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

SyncMaster
Visitor
Posts: 471
Joined: 15 Jan 2011 14:21

Re: Preventive log check

#5 Post by SyncMaster »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2019
Ran by Richie (11-12-2019 19:41:50)
Running from C:\Users\Richie\Desktop
Windows 10 Home Version 1809 17763.864 (X64) (2018-12-29 16:10:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1580249961-1468198773-3403978891-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1580249961-1468198773-3403978891-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1580249961-1468198773-3403978891-1000 - Limited - Disabled) => C:\Users\defaultuser0
DP (S-1-5-21-1580249961-1468198773-3403978891-1003 - Limited - Enabled) => C:\Users\DP
Guest (S-1-5-21-1580249961-1468198773-3403978891-501 - Limited - Disabled)
Richie (S-1-5-21-1580249961-1468198773-3403978891-1001 - Administrator - Enabled) => C:\Users\Richie
WDAGUtilityAccount (S-1-5-21-1580249961-1468198773-3403978891-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1580249961-1468198773-3403978891-1001\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Active Directory Authentication Library for SQL Server (HKLM\...\{6BF11ECE-3CE8-4FBA-991A-1F55AA6BE5BF}) (Version: 15.0.1300.359 - Microsoft Corporation)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.021.20058 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.0.1.188 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Aktualizácie NVIDIA 38.0.2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.2.0 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Browser for SQL Server 2016 (HKLM-x32\...\{5B860485-0F07-41DC-BA8C-3A839A141FBA}) (Version: 13.2.5026.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{D256A5B9-68DA-4F6C-A447-A93E5639A46D}) (Version: 4.7.03083 - Microsoft Corporation) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DiagnosticsHub_CollectionService (HKLM\...\{440C5592-4EA5-4772-B256-969D66068843}) (Version: 15.9.28016 - Microsoft Corporation) Hidden
Digilent Software (HKLM-x32\...\Digilent Software) (Version: 1.0.204 - Digilent, Inc.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Entity Framework 6.2.0 Tools for Visual Studio 2017 (HKLM-x32\...\{B843915F-00A1-44B1-994C-1AE0A6400AE3}) (Version: 6.2.61807.0 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{2B6AC31A-9883-465C-AFC6-1EC5AA48F5BD}) (Version: 1.1.138.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
FlatOut 2 (HKLM-x32\...\{4E6D2462-AB33-40BB-AA9F-3FA3E0DD0290}) (Version: 1.00.0000 - Empire Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{469961DF-482F-4213-ACD4-4AFD443F2A88}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{12246E9A-D1A6-4D96-8CEA-CCFD064B16E2}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
Integration Services (HKLM-x32\...\{D2B37BBC-83A5-4C27-A804-4DC51AFA9E0D}) (Version: 15.0.1900.63 - Microsoft Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{C345A462-2044-47D6-81F6-A4416453A514}) (Version: 17.1.1529.1613 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
IntelliJ IDEA 2018.3.4 (HKLM-x32\...\IntelliJ IDEA 2018.3.4) (Version: 183.5429.30 - JetBrains s.r.o.)
IntelliTraceProfilerProxy (HKLM-x32\...\{ACBAA378-519A-441D-9349-C0AAD8DEAD04}) (Version: 15.0.17289.01 - Microsoft Corporation) Hidden
iTunes (HKLM\...\{8D2FE6BB-86B6-4A90-8DBC-4A1F8B792806}) (Version: 12.10.1.4 - Apple Inc.)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java(TM) SE Development Kit 11.0.2 (64-bit) (HKLM\...\{07E85AEA-1F8D-5F49-8CC8-319389751152}) (Version: 11.0.2.0 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.73.5 - ELAN Microelectronic Corp.)
Microsoft Help Viewer 2.3 (HKLM-x32\...\Microsoft Help Viewer 2.3) (Version: 2.3.28107 - Microsoft Corporation)
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{A5B9FE63-24F8-49BF-B657-FEA9342696B0}) (Version: 13.2.5026.0 - Microsoft Corporation)
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{72AFAF21-33FB-45A5-9468-A9EC07427F82}) (Version: 17.4.1.1 - Microsoft Corporation)
Microsoft Office 365 ProPlus - sk-sk (HKLM\...\O365ProPlusRetail - sk-sk) (Version: 16.0.12228.20332 - Microsoft Corporation)
Microsoft OLE DB Driver for SQL Server (HKLM\...\{9AA0AFFA-EDB6-4B66-9FD7-BBC828D88B47}) (Version: 18.2.3.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{9D93D367-A2CC-4378-BD63-79EF3FE76C78}) (Version: 11.4.7462.6 - Microsoft Corporation)
Microsoft SQL Server 2016 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2016) (Version: - Microsoft Corporation)
Microsoft SQL Server 2016 Setup (English) (HKLM\...\{0FDFF68C-E6E6-414E-AB66-B9AA896A5491}) (Version: 13.2.5026.0 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM\...\{FE3BF1DD-677E-4793-9770-C07AECC88882}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{4E5A8BEC-BEB0-4E74-8B0D-8C6728697A0A}) (Version: 13.2.5026.0 - Microsoft Corporation)
Microsoft SQL Server Data-Tier Application Framework (x86) (HKLM-x32\...\{5084D16B-E1D2-4F25-8B86-A03B4F9E1A72}) (Version: 13.0.3225.4 - Microsoft Corporation)
Microsoft SQL Server Management Studio - 18.3.1 (HKLM-x32\...\{f3eaa58d-dbb7-494a-ac5f-89d85140048c}) (Version: 15.0.18183.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM\...\{98DD6908-C582-452A-954D-E79E6DF0310A}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM-x32\...\{640EECB8-1962-4D23-ACB2-310107EC7ED9}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1580249961-1468198773-3403978891-1001\...\Teams) (Version: 1.2.00.19260 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27029 (HKLM-x32\...\{64ff2cb0-807c-4ee9-87ef-ec1b2ede0daf}) (Version: 14.16.27029.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27029 (HKLM-x32\...\{f50edb7e-c25e-47b4-bc4f-7ec4a4d256b1}) (Version: 14.16.27029.1 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1089.1204 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{f895a2f1-ae3f-4212-8af1-7fa1f8c212ea}) (Version: 15.0.27520 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2016 (HKLM\...\{3E013EB4-FF9E-4CCA-BAB6-318932614FAE}) (Version: 13.2.5026.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NVIDIA Grafický ovládač 441.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.41 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12228.20332 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20332 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20332 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 441.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.41 - NVIDIA Corporation) Hidden
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{FD52A2FF-4D16-49C4-A2CD-DAC752C18BA2}) (Version: 8.0 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{9B061D60-4E2C-4987-BFFD-423E3D477660}) (Version: 8.0 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21275 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Service Pack 2 for SQL Server 2016 (KB4052908) (64-bit) (HKLM\...\KB4052908) (Version: 13.2.5026.0 - Microsoft Corporation)
SQL Server 2016 Batch Parser (HKLM\...\{D7A905DB-9A1E-4670-9488-F979F8A77A58}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Common Files (HKLM\...\{16F3645F-1343-4462-92DC-9AE66A2E68A3}) (Version: 13.2.5026.0 - Microsoft Corporation) Hidden
SQL Server 2016 Common Files (HKLM\...\{57846DA8-8B5D-4466-B850-E8CDFC94046C}) (Version: 13.2.5026.0 - Microsoft Corporation) Hidden
SQL Server 2016 Connection Info (HKLM\...\{5043CE58-6AAF-488C-AC2A-A405FFF85B57}) (Version: 13.0.16108.4 - Microsoft Corporation) Hidden
SQL Server 2016 Connection Info (HKLM\...\{6EE546C8-37CE-47FA-9BED-9EB3CB79E8CA}) (Version: 13.0.16108.4 - Microsoft Corporation) Hidden
SQL Server 2016 Database Engine Services (HKLM\...\{0C457EC3-E998-4041-B856-908D5A2C1708}) (Version: 13.2.5026.0 - Microsoft Corporation) Hidden
SQL Server 2016 Database Engine Services (HKLM\...\{51574D2C-DE28-4441-BDC2-967F0FFC0918}) (Version: 13.2.5026.0 - Microsoft Corporation) Hidden
SQL Server 2016 Database Engine Shared (HKLM\...\{686A81C0-C8E4-46F6-952F-B19A28E8C430}) (Version: 13.2.5026.0 - Microsoft Corporation) Hidden
SQL Server 2016 Database Engine Shared (HKLM\...\{81CABA93-27C0-4BD9-9B5E-227C76B59F46}) (Version: 13.2.5026.0 - Microsoft Corporation) Hidden
SQL Server 2016 DMF (HKLM\...\{2FFF0757-4360-42F5-8814-16BB5CF0145F}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 DMF (HKLM\...\{34A20DEE-6AD4-44A6-95FF-DFF95CD22B8C}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Shared Management Objects (HKLM\...\{3E2AB7C7-2019-4126-AF5A-F840DE02DA73}) (Version: 13.0.16107.4 - Microsoft Corporation) Hidden
SQL Server 2016 Shared Management Objects (HKLM\...\{B1161C6B-1DD3-45E7-8769-9C318038459C}) (Version: 13.0.16107.4 - Microsoft Corporation) Hidden
SQL Server 2016 Shared Management Objects Extensions (HKLM\...\{B6E1A5EB-1C58-4A04-B76B-E5FE1BE22CA1}) (Version: 13.2.5026.0 - Microsoft Corporation) Hidden
SQL Server 2016 Shared Management Objects Extensions (HKLM\...\{FA548BCB-5732-40F8-85B0-61515D18D9C1}) (Version: 13.2.5026.0 - Microsoft Corporation) Hidden
SQL Server 2016 SQL Diagnostics (HKLM\...\{766BE25E-D2B5-4E76-BCB0-29B801BADB3F}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 XEvent (HKLM\...\{8CF2CA8E-3984-46B9-B493-F844F3774FA1}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 XEvent (HKLM\...\{E6FFAAAF-D8B5-4D46-8514-26E96D9F3D8D}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{0D9BD39A-A870-4FDF-B590-1E9787CF16D9}) (Version: 13.2.5026.0 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{A58EBFD5-1B1A-498D-8B39-7C9F1525AA62}) (Version: 15.0.18183.0 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{E5D3B8DF-4D92-4928-A441-685C1054624E}) (Version: 15.0.18183.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Analysis Services (HKLM\...\{95040551-868C-4B84-9A2C-9CB8CBA595E5}) (Version: 15.0.18183.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Reporting Services (HKLM\...\{9124279D-4698-4655-89AA-3D28BD51EAE1}) (Version: 15.0.18183.0 - Microsoft Corporation) Hidden
SSMS Post Install Tasks (HKLM\...\{8096DC4A-4E4B-48EA-9247-270727C5C3CB}) (Version: 15.0.18183.0 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1236 - SUPERAntiSpyware.com)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.19260 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{16E08161-F78C-4FFC-8E12-F9BEA280795F}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
Visual Studio Community 2017 (HKLM-x32\...\82d01f82) (Version: 15.9.28307.222 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9}) (Version: 15.0.27205 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden

Packages:
=========
A Moment of Hygge PREMIUM -> C:\Program Files\WindowsApps\Microsoft.AMomentofHyggePREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation)
Beautiful Norway -> C:\Program Files\WindowsApps\Microsoft.BeautifulNorway_1.0.0.0_neutral__8wekyb3d8bbwe [2018-07-11] (Microsoft Corporation)
Call of the Raven -> C:\Program Files\WindowsApps\Microsoft.CalloftheRaven_1.0.0.0_neutral__8wekyb3d8bbwe [2018-12-29] (Microsoft Corporation)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-26] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-10-09] (Facebook Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-13] (Microsoft Studios) [MS Ad]
Mountain Dwellings -> C:\Program Files\WindowsApps\Microsoft.MountainDwellings_1.0.0.0_neutral__8wekyb3d8bbwe [2018-02-04] (Microsoft Corporation)
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-23] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-25] (Netflix, Inc.)
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20276.0_x64__8wekyb3d8bbwe [2019-11-25] (Microsoft Corporation) [MS Ad]
The Northern Lights -> C:\Program Files\WindowsApps\Microsoft.TheNorthernLights_1.0.0.0_neutral__8wekyb3d8bbwe [2017-12-24] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1580249961-1468198773-3403978891-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Richie\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1580249961-1468198773-3403978891-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Richie\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1580249961-1468198773-3403978891-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> No File
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-11-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-02-11 00:58 - 2016-09-22 07:11 - 000081920 _____ () [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd
2017-02-13 14:33 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-02-11 00:59 - 2016-09-22 07:06 - 001732608 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\PyImage\ijl20.dll
2015-07-22 10:44 - 2015-07-22 10:44 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-07-22 10:44 - 2015-07-22 10:44 - 000285184 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2017-02-11 00:59 - 2016-09-22 07:06 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\MSVCR71.dll
2018-12-29 16:52 - 2018-12-29 16:52 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2017-02-13 13:32 - 2017-02-13 13:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2017-02-13 13:32 - 2017-02-13 13:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2017-02-13 13:35 - 2017-02-13 13:35 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\AppVIsvSubsystems32.dll
2017-02-13 13:35 - 2017-02-13 13:35 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\c2r32.dll
2017-02-11 00:59 - 2016-09-22 07:11 - 002113536 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\python25.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [464]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1580249961-1468198773-3403978891-1001\...\sharepoint.com -> hxxps://aossk-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2017-06-12 13:36 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2017-02-13 22:00 - 2019-10-24 12:52 - 000000858 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
48 676
6 44 710
192.168.137.1 Richard.mshome.net # 2023 10 0 8 11 5 7 980
58 681
11 555
41
192.168.137.1 Richard.mshome.net # 2023 10 0 8 11 5 7 980
13 522

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\130\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\150\DTS\Binn\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-1580249961-1468198773-3403978891-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Richie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1580249961-1468198773-3403978891-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-1580249961-1468198773-3403978891-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1580249961-1468198773-3403978891-1001\...\StartupApproved\Run: => "Viber"
HKU\S-1-5-21-1580249961-1468198773-3403978891-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-1580249961-1468198773-3403978891-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe No File
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe No File
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe No File
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe No File
FirewallRules: [{FCC4BFE1-BC1E-44A3-8B9A-4357867FBDD3}] => (Allow) C:\Users\Richie\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3F83FD4B-74BD-40BB-9DA8-D296A5845420}] => (Allow) C:\Users\Richie\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{ACBB1D34-BF89-471A-AA6B-07EE54328934}] => (Block) D:\instalacky\rsadlic\rsa4ws_setup\installerimage_win32_win32_x86_64\install.exe No File
FirewallRules: [{6D6B7A96-53DF-48B8-875E-BAAF70764B9A}] => (Block) D:\instalacky\rsadlic\rsa4ws_setup\installerimage_win32_win32_x86_64\install.exe No File
FirewallRules: [UDP Query User{62F7CA4D-CD4A-47A0-95DF-E3DB3B6700CD}D:\instalacky\rsadlic\rsa4ws_setup\installerimage_win32_win32_x86_64\install.exe] => (Allow) D:\instalacky\rsadlic\rsa4ws_setup\installerimage_win32_win32_x86_64\install.exe No File
FirewallRules: [TCP Query User{60A0386F-04C4-424D-9009-239F04B5E81F}D:\instalacky\rsadlic\rsa4ws_setup\installerimage_win32_win32_x86_64\install.exe] => (Allow) D:\instalacky\rsadlic\rsa4ws_setup\installerimage_win32_win32_x86_64\install.exe No File
FirewallRules: [{9A0F2263-CF64-4F8A-89FB-829595F9770D}] => (Allow) C:\program files (x86)\empire interactive\flatout 2\flatout2.exe () [File not signed]
FirewallRules: [{57778845-D01D-406C-A6E0-8233A68C04F8}] => (Allow) C:\program files (x86)\empire interactive\flatout 2\flatout2.exe () [File not signed]
FirewallRules: [UDP Query User{60C439B4-76B2-4FD0-82F6-C698C3B8B8F0}C:\program files (x86)\empire interactive\flatout 2\flatout2.exe] => (Allow) C:\program files (x86)\empire interactive\flatout 2\flatout2.exe () [File not signed]
FirewallRules: [TCP Query User{937A464B-D290-4D87-ABF7-51FD5BCBD533}C:\program files (x86)\empire interactive\flatout 2\flatout2.exe] => (Allow) C:\program files (x86)\empire interactive\flatout 2\flatout2.exe () [File not signed]
FirewallRules: [{E7AACB4C-0341-409D-9057-CBFF7CCF7CC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{01A4F31F-59FD-4E8E-8954-317B9235FC7F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A79B0F4E-693B-4CCB-A036-9ADA79097328}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EE44ED31-C1ED-4657-84A9-0D46E2B09698}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{75822D52-F981-4ACA-BA60-17366CE2C3E0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8F760EF1-EF2A-4A1B-8602-67EB799FC802}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{69CCB6CF-3B30-48B0-9A71-79AF65120D0F}] => (Allow) C:\Users\Richie\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1DA114CF-FCE3-4247-B5A0-5028787F0E61}] => (Allow) C:\Users\Richie\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{0E37CAD6-8E27-4D68-B947-DF1DC92B4780}] => (Allow) C:\Users\Richie\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D3A2BA30-409F-4375-9633-FA6A77BDE73E}] => (Allow) C:\Users\Richie\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5C256134-C334-4832-9D64-74862C2C432D}] => (Allow) C:\Users\Richie\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6792D231-CFE5-44EC-9481-F9913A10698F}] => (Allow) C:\Users\Richie\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{AED45669-8000-4B97-9A86-5A8192FBFB41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{1B738350-9331-440B-8D92-1C749BCC7A57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{E2F3C282-BC82-474D-8104-AB6216CE21F4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8D49A778-BEF0-4DA5-8243-3D0673658BDE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{89038514-CBD2-4452-BD30-94B4B9D3EE52}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{717762B5-3828-4E28-A380-7197F5256A9D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D05E90ED-9C11-43D2-B585-9E2CDD42A5FF}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{B1222616-B101-416F-84FD-665B94D9DF0C}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{C177C4D2-B54B-491C-AE92-219FF4099D5E}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{09A54A95-C80E-41ED-8F39-8019265D3C20}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{BCD9A33C-1922-4DF8-BDA1-195F0963E2B8}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{F1DFC168-B3F4-4EFD-8BBE-CAA2464EB669}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{1EB37D07-4411-4651-82E1-88BF155C1684}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{4673435B-1D5D-440B-9568-B43FF40EB7B7}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [UDP Query User{6564727D-3829-436D-880A-5AF5FE7380E4}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [{8AE264F6-B344-4E5B-AB54-7D89A5E66C84}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C742D04E-FE07-45EA-B665-5525CBB00116}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A1B20C69-7699-45A9-A167-B9D1F90A701B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F008B33C-A47D-477C-B102-ED85D9814C57}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3A1ED376-106E-4851-9825-44E8C1BB58DC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CAAF0084-75EB-469C-8171-175B2211000A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EEA5311E-B7B9-47B1-953F-C064B788F9BE}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe No File
FirewallRules: [{AA90B8AF-F1DF-4B5E-BCD3-B5F0B9B0A38C}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe No File
FirewallRules: [{1F6A2057-393A-4911-B319-D40E8599EE67}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{DDECA1B2-D60B-4EC3-9108-C1E425E42D65}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{2FD1C63D-A659-42E6-BB09-1EE6A342A5CD}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B20FEC93-C667-44FF-9384-17211244EFE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{880E452F-9BF4-4249-B9B2-4CD80665563F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8FB5A1D3-2E6C-4F28-A548-6D42DC86AF83}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AB86458D-610B-4578-B3C2-B8FA0B6CE6FB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3908A8F4-64AA-4C15-9B5E-3900BB1B666E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{133DC2DC-11C0-4DBE-ABA9-ED118FA9F9C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EE682150-7754-4960-9D6E-D5221836E51C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3CB837B5-567D-451E-96D0-D86BBD4F83B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/08/2019 10:42:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (12/08/2019 02:52:19 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {245CD0A1-F9DA-4A61-ABB6-C3935B7D5DF5}

Error: (12/07/2019 03:35:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: ShellExperienceHost.exe, verzia: 10.0.17763.864, časová značka: 0x5dc5115a
Názov chybujúceho modulu: msxml6.dll, verzia: 6.30.17763.802, časová značka: 0x0c5ab315
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000e9979
Identifikácia chybujúceho procesu: 0x1344
Čas spustenia chybujúcej aplikácie: 0x01d5acd8fdd688f1
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta chybujúceho modulu: C:\Windows\System32\msxml6.dll
Identifikácia hlásenia: cd570b0e-65e6-4d86-9b5b-d3644e195378
Celé meno chybujúceho balíka: Microsoft.Windows.ShellExperienceHost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (12/07/2019 03:35:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SystemSettings.exe, verzia: 10.0.17763.1, časová značka: 0x9d9d9332
Názov chybujúceho modulu: msxml6.dll, verzia: 6.30.17763.802, časová značka: 0x0c5ab315
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000e9979
Identifikácia chybujúceho procesu: 0x2cd8
Čas spustenia chybujúcej aplikácie: 0x01d5ad0b931876ec
Cesta chybujúcej aplikácie: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta chybujúceho modulu: C:\Windows\System32\msxml6.dll
Identifikácia hlásenia: 8566e9a1-e9b6-4043-b3b1-eb16f968b58d
Celé meno chybujúceho balíka: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: microsoft.windows.immersivecontrolpanel

Error: (12/07/2019 03:35:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SystemSettings.exe, verzia: 10.0.17763.1, časová značka: 0x9d9d9332
Názov chybujúceho modulu: msxml6.dll, verzia: 6.30.17763.802, časová značka: 0x0c5ab315
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000e9979
Identifikácia chybujúceho procesu: 0x1cf8
Čas spustenia chybujúcej aplikácie: 0x01d5ad0b8e61e37c
Cesta chybujúcej aplikácie: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta chybujúceho modulu: C:\Windows\System32\msxml6.dll
Identifikácia hlásenia: 161f3d80-8816-4f01-a237-261b524b6611
Celé meno chybujúceho balíka: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: microsoft.windows.immersivecontrolpanel

Error: (12/07/2019 03:35:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SystemSettings.exe, verzia: 10.0.17763.1, časová značka: 0x9d9d9332
Názov chybujúceho modulu: msxml6.dll, verzia: 6.30.17763.802, časová značka: 0x0c5ab315
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000e9979
Identifikácia chybujúceho procesu: 0x21d4
Čas spustenia chybujúcej aplikácie: 0x01d5acdaa38fd353
Cesta chybujúcej aplikácie: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta chybujúceho modulu: C:\Windows\System32\msxml6.dll
Identifikácia hlásenia: 6c4a7950-87fd-4137-ada0-efa98e93aa56
Celé meno chybujúceho balíka: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: microsoft.windows.immersivecontrolpanel

Error: (12/07/2019 03:32:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe_wlidsvc, verzia: 10.0.17763.1, časová značka: 0xb900eeff
Názov chybujúceho modulu: msxml6.dll, verzia: 6.30.17763.802, časová značka: 0x0c5ab315
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000e9979
Identifikácia chybujúceho procesu: 0x308
Čas spustenia chybujúcej aplikácie: 0x01d5ad0b397e9d3c
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\svchost.exe
Cesta chybujúceho modulu: C:\Windows\System32\msxml6.dll
Identifikácia hlásenia: 66082f62-1d9d-43e4-b85d-36c9013c5d49
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (12/07/2019 03:27:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe_wlidsvc, verzia: 10.0.17763.1, časová značka: 0xb900eeff
Názov chybujúceho modulu: msxml6.dll, verzia: 6.30.17763.802, časová značka: 0x0c5ab315
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000e9979
Identifikácia chybujúceho procesu: 0x33b4
Čas spustenia chybujúcej aplikácie: 0x01d5ad0a75cf8c9d
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\svchost.exe
Cesta chybujúceho modulu: C:\Windows\System32\msxml6.dll
Identifikácia hlásenia: a4e76025-b175-4ad3-8669-cc57aea3c667
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:


System errors:
=============
Error: (12/11/2019 07:28:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/11/2019 07:28:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.SecurityAppBroker
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/11/2019 07:28:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.SecurityAppBroker
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/11/2019 07:28:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/11/2019 07:28:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/11/2019 07:28:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.SecurityAppBroker
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/11/2019 07:26:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Security Center sa pri spustení zablokovala.

Error: (12/11/2019 07:24:13 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba System Guard Runtime Monitor Broker sa pri spustení zablokovala.


Windows Defender:
===================================
Date: 2019-12-03 22:19:40.582
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {177CE3FF-45E2-450D-A080-19C90E8EF06B}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-26 21:33:05.250
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {199B544B-CAF4-49A1-8B27-C6942A79AE25}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-26 21:28:45.822
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {D8979C8C-D742-4ACF-8BE5-4D33FE1BFB46}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-26 21:12:27.458
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {EDE00A79-70F0-4A46-8C56-5369B9A9242A}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-24 12:21:20.737
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AB47E8DB-D71E-4A7B-9402-AA1D12BB1D41}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-07 15:49:17.325
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.305.3480.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80240016
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.

Date: 2019-12-07 15:08:33.526
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.305.3480.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16500.1
Error code: 0x80080005
Error description: Server execution failed

Date: 2019-12-07 12:17:08.459
Description:
Windows Defender Antivirus engine has been terminated due to an unexpected error.
Failure Type: Crash
Exception code: 0xc0000005
Resource:

Date: 2019-12-07 10:40:12.923
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.305.3394.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16500.1
Error code: 0x80080005
Error description: Server execution failed

Date: 2019-12-06 10:21:10.446
Description:
Windows Defender Antivirus engine has been terminated due to an unexpected error.
Failure Type: Crash
Exception code: 0xc0000005
Resource:

CodeIntegrity:
===================================

Date: 2019-12-07 12:19:21.750
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-07 12:19:21.728
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-07 12:19:21.605
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-07 12:19:21.585
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-07 12:19:21.531
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-07 12:19:21.508
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-07 12:19:20.230
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-07 12:19:20.165
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: LENOVO 9ECN43WW(V3.03) 08/12/2015
Motherboard: LENOVO Lenovo Y50-70
Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 24%
Total physical RAM: 16296.27 MB
Available physical RAM: 12267.8 MB
Total Virtual: 32680.27 MB
Available Virtual: 28689.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.47 GB) (Free:583.45 GB) NTFS

\\?\Volume{7793bc58-7279-423a-a93f-0dece6001efb}\ (Obnovenie) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{12bb7219-d0cd-4023-90c3-26e0ebeff06d}\ () (Fixed) (Total:0.49 GB) (Free:0.04 GB) NTFS
\\?\Volume{1939d6cb-e325-44be-ba39-9d4b0c24c230}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

SyncMaster
Visitor
Posts: 471
Joined: 15 Jan 2011 14:21

Re: Preventive log check

#6 Post by SyncMaster »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2019
Ran by Richie (administrator) on RICHARD (LENOVO 20378) (11-12-2019 19:29:53)
Running from C:\Users\Richie\Desktop
Loaded Profiles: Richie & SQLTELEMETRY$SQLEXPRESS (Available Profiles: defaultuser0 & Richie & DP & SQLTELEMETRY$SQLEXPRESS & MSSQL$SQLEXPRESS & DefaultAppPool)
Platform: Windows 10 Home Version 1809 17763.864 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Fortemedia Inc. -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{F1FFD833-8846-4FB6-85EF-D481431CFD0D}\79.0.3945.79_78.0.3904.108_chrome_updater.exe
(Google LLC -> Google LLC) C:\Windows\Temp\CR_1D6D9.tmp\setup.exe
(Google LLC -> Google LLC) C:\Windows\Temp\CR_1D6D9.tmp\setup.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> ) C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXAutoUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20276.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UNP\UpdateNotificationMgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.850_none_7e18264b4d00f498\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MpCmdRun.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MpCmdRun.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCUpdate.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [5060864 2015-06-16] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-10-03] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2404952 2017-03-27] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
HKU\S-1-5-21-1580249961-1468198773-3403978891-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-29] (Valve -> Valve Corporation)
HKU\S-1-5-21-1580249961-1468198773-3403978891-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Richie\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-19] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-22] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04D68D2A-0A19-403B-B444-450C3DFE1A3D} - System32\Tasks\GoogleUpdateTaskMachineCore1d57ec4178d52cb => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-10] (Google Inc -> Google Inc.)
Task: {0C7BCFF5-441B-4EAB-A757-D4E2A283C1F0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0EEF7B7B-1BCC-47A9-8671-45B17BA1A68B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {105AA163-D7A3-499E-A1D3-92F06915726B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {14C953C1-7412-459B-8AA1-FE29F02AD1CF} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1580249961-1468198773-3403978891-1001 => C:\Users\Richie\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
Task: {18773AB1-CE41-48BD-98F4-C649F7587722} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1444168 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {27540548-1FBF-4962-BEC5-90096043406F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {37EA0837-993F-4804-B79D-2D7F2FF33AD4} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {397BD8F2-8177-4E27-9CAC-B322B53724EB} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1580249961-1468198773-3403978891-1003 => C:\Users\Richie\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {3EFBF55B-4A54-4765-857C-C52FD0216461} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {458062DC-2C06-484A-AA95-A5F51C7F9C35} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {4AA66A48-3757-44E2-82CF-638284391DA9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4CEA71C3-6DBF-4A1B-AE59-57DB02E108B4} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
Task: {5134A9C6-5D1D-4CC9-BCFC-E420504F01BD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {52A22E29-4283-4D30-95FF-3804B02E2AB8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373800 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {55CC93C0-A4A9-426E-9E7A-2D695B6C2A99} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-21-1580249961-1468198773-3403978891-1001 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [33640 2018-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {56CEA2BC-C78D-45E7-BD7A-92307B82CA1F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
Task: {58788545-A468-467E-87EC-D6F48C755B8C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-10] (Google Inc -> Google Inc.)
Task: {59EF1897-DC77-4023-99C6-5B6E83DCA4D0} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
Task: {5E7126E5-193E-46E0-BABB-A8E6B9E34257} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {5FF56091-F127-4084-ADCE-706827549843} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {63C907FD-BC74-4C58-AA7E-0603AA83A28B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-17] (Piriform Software Ltd -> Piriform Ltd)
Task: {681A0D82-4D06-471A-AD8C-DD2C6F6DBDD5} - System32\Tasks\GoogleUpdateTaskMachineUA1d57ec417c5ce9b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-10] (Google Inc -> Google Inc.)
Task: {739CC7D7-B47C-45FF-BE05-76C4BCDDB6E9} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-21-1580249961-1468198773-3403978891-1000 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [33640 2018-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {77FDD470-8294-40DA-BCBA-63CA7B55706D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373800 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {79C05ED7-D6D9-4652-9F05-FE1304F82121} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7AEE2995-A6F1-4E8C-93EE-77F3C447C5A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7E649A9B-0EAA-4C80-AA26-2375B952391E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671304 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {881D8A38-FA45-4360-89C2-ACE9205F664D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {890DD9D6-23CA-4D1E-8D2D-BD1F763F623B} - System32\Tasks\AdobeGCInvoker-1.0-RICHARD-Richie => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {8B982A5D-CF9A-4A57-9571-FD2918178CEC} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe
Task: {9564C603-0F8B-4922-89FC-BE90EEB6EB78} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {95C165F5-0413-4BD1-8354-3D7055C9EAD5} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {98FCD70A-1156-435B-8FF3-D5F5FD12605C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671304 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8ABFD26-7A58-401A-8528-D6FDDE0D351E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AAAE3C0C-D99D-4705-8861-BD36C169F212} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {B0330CE7-46F5-45FC-AAFB-A5B458851659} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {B4A17F6A-9905-44BF-81E3-B415EA954FB2} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 15.9.3032 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXAutoUpdate.exe [206184 2018-12-28] (Microsoft Corporation -> )
Task: {BAFB32EB-D7F7-4C68-8782-0506C5A60F5B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {BB578A09-9835-4E0C-8CEC-E89B877AA114} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BC15456A-8453-457C-B454-B2281B657C41} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-10] (Google Inc -> Google Inc.)
Task: {BEFCA9D0-AB54-4396-BCDF-F100C749D7D8} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {BF44342E-FA72-4EA7-A701-14302DB3F77A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CC31AE86-DC2F-4480-9C34-420CBB41FC80} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe
Task: {D19A3672-180B-441D-9EBE-0DAF99520211} - System32\Tasks\MATLAB R2014a Startup Accelerator => C:\Program Files\MATLAB2\R2014a\bin\win64\MATLABStartupAccelerator.exe
Task: {DB53845F-F1CB-490E-AAFD-EFFE3752E771} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DB9047E9-3B77-42DB-A794-D8DFAB3DF7E0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E726FBB5-D80F-42CF-99A2-57284D191D2F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {F7B92D45-18CB-40DA-876F-617ECDF35073} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{da73bd9d-f23f-460b-a3f6-f007693cc472}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e0abbf77-3ba2-4c14-a27f-41e453d61588}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-03-27] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-03-27] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=13415
CHR StartupUrls: Default -> "hxxp://www.dosearches.com/?utm_source=b&utm_me ... 1383772572"
CHR NewTab: Default -> Active:"chrome-extension://laookkfknpbbblfpciffpaejjkokdgca/dashboard.html"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Richie\AppData\Local\Google\Chrome\User Data\Default [2019-12-11]
CHR Extension: (Prezentácie) - C:\Users\Richie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Richie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Richie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Richie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-10]
CHR Extension: (Tabuľky) - C:\Users\Richie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Richie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Richie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-06]
CHR Extension: (Momentum) - C:\Users\Richie\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2019-12-06]
CHR Extension: (Webcam Toy) - C:\Users\Richie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2018-06-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Richie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Richie\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2019-11-01]
CHR Extension: (Gmail) - C:\Users\Richie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Richie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-01]
CHR Profile: C:\Users\Richie\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-10-24]
CHR Profile: C:\Users\Richie\AppData\Local\Google\Chrome\User Data\System Profile [2019-10-24]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-03-27] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-08] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134888 2015-09-14] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-05-10] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373752 2017-04-23] (Intel(R) pGFX -> Intel Corporation)
S3 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [392880 2018-03-18] (Microsoft Corporation -> Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2018-12-29] (Microsoft Windows -> Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [566448 2018-03-18] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [251568 2018-03-18] (Microsoft Corporation -> Microsoft Corporation)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [157480 2018-08-02] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 CCSDK; "C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S3 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [30808 2015-09-14] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [46136 2013-07-03] (LogMeIn, Inc. -> LogMeIn Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136720 2018-05-10] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2018-09-15] (Microsoft Windows -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_a007f4012189297e\nvlddmkm.sys [22744696 2019-12-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-08-23] (NVIDIA Corporation -> NVIDIA Corporation)
S4 RsFx0411; C:\WINDOWS\System32\DRIVERS\RsFx0411.sys [261792 2018-03-04] (Microsoft Corporation -> Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek Semiconductor Corp -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 XilinxPC4Driver; C:\WINDOWS\System32\drivers\xpc4drvr.sys [27384 2013-10-13] (Xilinx -> Xilinx, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-11 19:29 - 2019-12-11 19:37 - 000038163 _____ C:\Users\Richie\Desktop\FRST.txt
2019-12-11 19:27 - 2019-12-11 19:34 - 000000000 ____D C:\FRST
2019-12-11 19:22 - 2019-12-11 19:22 - 002263552 _____ (Farbar) C:\Users\Richie\Desktop\FRST64.exe
2019-12-11 19:10 - 2019-12-11 19:10 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2019-12-11 19:10 - 2019-12-11 19:10 - 000000000 ___HD C:\ProgramData\Documents\AdobeGC
2019-12-08 22:39 - 2019-12-08 22:42 - 000000000 ____D C:\AdwCleaner
2019-12-08 21:56 - 2019-12-08 21:56 - 008218800 _____ (Malwarebytes) C:\Users\Richie\Desktop\adwcleaner_8.0.0.exe
2019-12-07 15:42 - 2019-12-07 15:43 - 000000000 ____D C:\rsit
2019-12-07 15:41 - 2019-12-07 15:42 - 001222144 _____ C:\Users\Richie\Downloads\RSITx64.exe
2019-12-07 11:19 - 2019-12-07 11:20 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-12-07 11:08 - 2019-12-03 21:36 - 001073872 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-12-07 11:08 - 2019-12-03 21:36 - 001073872 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-12-07 11:08 - 2019-12-03 21:36 - 000931536 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-12-07 11:08 - 2019-12-03 21:36 - 000931536 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-12-07 11:08 - 2019-12-03 21:36 - 000848592 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-12-07 11:08 - 2019-12-03 21:36 - 000848592 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-12-07 11:08 - 2019-12-03 21:36 - 000706256 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-12-07 11:08 - 2019-12-03 21:36 - 000706256 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-12-07 11:08 - 2019-12-03 21:36 - 000450976 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-12-07 11:08 - 2019-12-03 21:36 - 000352512 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-12-07 11:08 - 2019-12-03 21:35 - 011842976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-12-07 11:08 - 2019-12-03 21:35 - 010167216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-12-07 11:08 - 2019-12-03 21:35 - 000676824 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-12-07 11:08 - 2019-12-03 21:35 - 000544728 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-12-07 11:08 - 2019-12-03 21:34 - 017458824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-12-07 11:08 - 2019-12-03 21:34 - 015027776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-12-07 11:08 - 2019-12-03 21:34 - 005380744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-12-07 11:08 - 2019-12-03 21:34 - 004716176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-12-07 11:08 - 2019-12-03 21:34 - 002074736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-12-07 11:08 - 2019-12-03 21:34 - 001729520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444141.dll
2019-12-07 11:08 - 2019-12-03 21:34 - 001567688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-12-07 11:08 - 2019-12-03 21:34 - 001491544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444141.dll
2019-12-07 11:08 - 2019-12-03 21:34 - 001482408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-12-07 11:08 - 2019-12-03 21:34 - 001370280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-12-07 11:08 - 2019-12-03 21:34 - 001144944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-12-07 11:08 - 2019-12-03 21:34 - 001064408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-12-07 11:08 - 2019-12-03 21:34 - 000813656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-12-07 11:08 - 2019-12-03 21:34 - 000685800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-12-07 11:08 - 2019-12-03 21:34 - 000659088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-12-07 11:08 - 2019-12-03 21:34 - 000556680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-12-07 11:08 - 2019-11-21 01:56 - 000056258 _____ C:\WINDOWS\system32\nvinfo.pb
2019-12-07 11:07 - 2019-12-03 21:34 - 040511064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-12-07 11:07 - 2019-12-03 21:34 - 035380104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-12-07 11:07 - 2019-12-03 21:33 - 004205784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-12-05 21:49 - 2019-12-06 10:40 - 000000000 ____D C:\WINDOWS\Minidump
2019-11-17 14:48 - 2019-11-17 14:49 - 000003128 _____ C:\Users\Richie\Downloads\poznR_B.txt
2019-11-13 18:57 - 2019-11-13 18:57 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-11-13 18:57 - 2019-11-13 18:57 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-11-13 18:57 - 2019-11-13 18:57 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 023455232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 022137120 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 019014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 012960256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 012258816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 009667896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 007872000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 006934016 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 006547896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 006318328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 005770240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 005608336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 005575168 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 004873216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 004661760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 004049920 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 003872336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 003656792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-11-13 18:56 - 2019-11-13 18:56 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 003496448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 003333632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 002918200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-11-13 18:56 - 2019-11-13 18:56 - 002871824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 002848768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 002699976 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 002698752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 002628112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-11-13 18:56 - 2019-11-13 18:56 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 002348544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 002072176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001966096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-11-13 18:56 - 2019-11-13 18:56 - 001918792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001702600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-11-13 18:56 - 2019-11-13 18:56 - 001677808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001666440 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001644544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001486472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001473296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 001465472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001346216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-11-13 18:56 - 2019-11-13 18:56 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001267240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-11-13 18:56 - 2019-11-13 18:56 - 001262592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001183504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 001050112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 001024712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000811536 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000808272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000773208 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000747536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000661264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000591160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000588816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-11-13 18:56 - 2019-11-13 18:56 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000542320 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000535080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-11-13 18:56 - 2019-11-13 18:56 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-11-13 18:56 - 2019-11-13 18:56 - 000473832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000465416 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000435512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-11-13 18:56 - 2019-11-13 18:56 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000427832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2019-11-13 18:56 - 2019-11-13 18:56 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-11-13 18:56 - 2019-11-13 18:56 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000262152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-11-13 18:56 - 2019-11-13 18:56 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-11-13 18:56 - 2019-11-13 18:56 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-11-13 18:56 - 2019-11-13 18:56 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-11-13 18:56 - 2019-11-13 18:56 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 000160272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2019-11-13 18:56 - 2019-11-13 18:56 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prntvpt.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2019-11-13 18:56 - 2019-11-13 18:56 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 000112168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2019-11-13 18:56 - 2019-11-13 18:56 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 000086840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-11-13 18:56 - 2019-11-13 18:56 - 000086744 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\compact.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compact.exe
2019-11-13 18:56 - 2019-11-13 18:56 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000023768 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2019-11-13 18:56 - 2019-11-13 18:56 - 000020144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 007700696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 007656072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 005573232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 004413936 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-11-13 18:55 - 2019-11-13 18:55 - 003576832 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-11-13 18:55 - 2019-11-13 18:55 - 003082752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-11-13 18:55 - 2019-11-13 18:55 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-11-13 18:55 - 2019-11-13 18:55 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 002109960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 002050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 001933408 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 001668784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 001538560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2019-11-13 18:55 - 2019-11-13 18:55 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 001294792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 001258512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-11-13 18:55 - 2019-11-13 18:55 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-11-13 18:55 - 2019-11-13 18:55 - 001054224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-11-13 18:55 - 2019-11-13 18:55 - 001049608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-11-13 18:55 - 2019-11-13 18:55 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000888560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000862008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-11-13 18:55 - 2019-11-13 18:55 - 000856424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-11-13 18:55 - 2019-11-13 18:55 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-11-13 18:55 - 2019-11-13 18:55 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000741688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000667664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-11-13 18:55 - 2019-11-13 18:55 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-11-13 18:55 - 2019-11-13 18:55 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-11-13 18:55 - 2019-11-13 18:55 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-11-13 18:55 - 2019-11-13 18:55 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-11-13 18:55 - 2019-11-13 18:55 - 000536320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000520208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-11-13 18:55 - 2019-11-13 18:55 - 000514600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000509968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-11-13 18:55 - 2019-11-13 18:55 - 000505640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000462352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000450632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000445752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-11-13 18:55 - 2019-11-13 18:55 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-11-13 18:55 - 2019-11-13 18:55 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000389408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000385848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2019-11-13 18:55 - 2019-11-13 18:55 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000213304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-11-13 18:55 - 2019-11-13 18:55 - 000198968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-11-13 18:55 - 2019-11-13 18:55 - 000193336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-11-13 18:55 - 2019-11-13 18:55 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000152896 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000141736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-11-13 18:55 - 2019-11-13 18:55 - 000118480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000087080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-11-13 18:55 - 2019-11-13 18:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-11-13 18:55 - 2019-11-13 18:55 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-11-13 18:55 - 2019-11-13 18:55 - 000061480 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-11-13 18:55 - 2019-11-13 18:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-11-13 18:55 - 2019-11-13 18:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-11-13 18:55 - 2019-11-13 18:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-11-13 18:55 - 2019-11-13 18:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-11-13 18:55 - 2019-11-13 18:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-11-13 18:55 - 2019-11-13 18:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-11-13 18:55 - 2019-11-13 18:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-11-13 18:55 - 2019-11-13 18:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-11-13 18:55 - 2019-11-13 18:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-11-13 18:20 - 2019-11-13 18:20 - 000000000 ____D C:\Users\Richie\Downloads\Angel Has Fallen (2019) [WEBRip] [720p] [YTS.LT]
2019-11-13 18:19 - 2019-11-13 18:19 - 000044123 _____ C:\Users\Richie\Downloads\Angel Has Fallen (2019) [WEBRip] [720p] [YTS.LT].torrent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-11 19:40 - 2017-02-13 13:58 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-11 19:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-11 19:27 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-11 19:21 - 2017-04-30 09:07 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-11 19:17 - 2018-06-12 19:06 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-12-11 19:17 - 2017-02-10 22:50 - 000000000 __SHD C:\Users\Richie\IntelGraphicsProfiles
2019-12-11 19:15 - 2018-12-29 17:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-11 19:15 - 2018-12-29 16:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-08 22:51 - 2018-12-29 17:02 - 002934168 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-08 22:51 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-12-08 22:51 - 2017-02-15 22:40 - 001437390 _____ C:\WINDOWS\system32\perfh01B.dat
2019-12-08 22:51 - 2017-02-15 22:40 - 000438248 _____ C:\WINDOWS\system32\perfc01B.dat
2019-12-08 22:46 - 2017-02-13 14:29 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-12-08 22:45 - 2018-09-15 07:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-08 22:42 - 2017-02-11 01:03 - 000000000 ____D C:\Program Files\Lenovo
2019-12-08 22:42 - 2017-02-11 00:55 - 000000000 ____D C:\ProgramData\Lenovo
2019-12-08 22:42 - 2017-02-11 00:55 - 000000000 ____D C:\Program Files (x86)\Lenovo
2019-12-08 08:53 - 2017-12-24 11:21 - 000000000 ____D C:\Users\Richie\AppData\Local\PlaceholderTileLogoFolder
2019-12-07 16:06 - 2018-02-23 12:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-12-07 16:05 - 2019-02-22 15:47 - 000000219 _____ C:\Users\Richie\Desktop\AUTO.txt
2019-12-07 16:01 - 2017-12-10 18:59 - 000000000 ____D C:\Users\Richie\AppData\Local\Packages
2019-12-07 15:59 - 2018-01-27 12:29 - 000000000 ____D C:\Users\Richie\AppData\Roaming\TS3Client
2019-12-07 15:59 - 2017-02-13 14:37 - 000000000 ____D C:\Users\Richie\AppData\Roaming\uTorrent
2019-12-07 15:58 - 2017-02-15 23:22 - 000000000 ____D C:\Users\Richie\AppData\Local\CrashDumps
2019-12-07 15:58 - 2017-02-13 13:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-12-07 15:54 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-07 15:42 - 2017-06-11 17:16 - 000000000 ____D C:\Program Files\trend micro
2019-12-07 10:33 - 2019-10-27 11:06 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-07 10:33 - 2019-10-27 11:06 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-07 10:33 - 2019-10-27 11:06 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-07 10:33 - 2019-10-27 11:06 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-07 10:33 - 2019-10-27 11:06 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-07 10:33 - 2018-12-29 17:08 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-07 10:33 - 2018-12-29 17:08 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-07 10:33 - 2018-12-29 17:08 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-07 10:33 - 2018-12-29 17:08 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-07 10:33 - 2018-12-29 17:08 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-07 10:33 - 2017-04-30 09:07 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-12-07 10:33 - 2017-04-30 09:07 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-12-07 10:33 - 2017-04-30 09:07 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-12-05 21:55 - 2018-12-29 16:49 - 000000000 ____D C:\Users\Richie
2019-12-04 16:59 - 2017-02-19 19:20 - 000000000 ____D C:\Users\Richie\AppData\Roaming\vlc
2019-12-03 21:33 - 2017-10-30 19:49 - 004937792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-11-30 16:02 - 2019-03-29 16:00 - 000000000 ____D C:\Users\Richie\AppData\Local\BitTorrentHelper
2019-11-30 15:32 - 2019-09-03 19:13 - 000000000 ____D C:\Users\Richie\AppData\LocalLow\uTorrent
2019-11-22 14:30 - 2017-02-10 22:20 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-20 23:44 - 2017-04-30 09:07 - 005549368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-11-20 23:44 - 2017-04-30 09:07 - 002652168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-11-20 23:44 - 2017-04-30 09:07 - 001767448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-11-20 23:44 - 2017-04-30 09:07 - 000668200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-11-20 23:44 - 2017-04-30 09:07 - 000454968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-11-20 23:44 - 2017-04-30 09:07 - 000152048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2019-11-20 23:44 - 2017-04-30 09:07 - 000130584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-11-20 23:44 - 2017-04-30 09:07 - 000082784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-11-20 18:54 - 2017-04-30 09:07 - 008785212 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-11-14 22:51 - 2017-12-10 19:19 - 000000000 ___RD C:\Users\Richie\3D Objects
2019-11-14 22:51 - 2016-11-21 08:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-11-14 22:47 - 2018-12-29 16:39 - 005097704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-11-13 19:44 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-11-13 19:44 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-11-13 19:44 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-11-13 19:44 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-11-13 19:44 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-11-13 19:44 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-11-13 19:44 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-11-13 19:44 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-11-13 19:04 - 2017-02-13 18:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-11-13 19:00 - 2017-02-13 18:06 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-11-13 18:59 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-11-13 18:10 - 2017-02-11 00:08 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Files in the root of some directories ========

2018-06-12 19:03 - 2018-06-12 19:03 - 000029696 _____ () C:\Users\Richie\AppData\Local\MSGBOX.EXE
2018-09-28 16:25 - 2018-09-28 16:25 - 000000000 _____ () C:\Users\Richie\AppData\Local\oobelibMkey.log
2017-02-19 11:51 - 2017-08-03 18:51 - 000007597 _____ () C:\Users\Richie\AppData\Local\Resmon.ResmonCfg
2017-02-28 13:55 - 2017-02-28 13:56 - 000019456 _____ () C:\Users\Richie\AppData\Local\WebpageIcons.db

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Preventive log check

#7 Post by Conder »

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    Task: {BF44342E-FA72-4EA7-A701-14302DB3F77A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=13415
    CHR StartupUrls: Default -> "hxxp://www.dosearches.com/?utm_source=b&utm_medium=smt&utm_campaign=rg&utm_content=hp&from=smt&uid=ST9750423AS_6WS0Q7M3XXXX6WS0Q7M3&ts=1383772572"
    S2 CCSDK; "C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe" [X]
    S3 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [X]
    2019-12-07 15:42 - 2019-12-07 15:43 - 000000000 ____D C:\rsit
    2019-12-07 15:41 - 2019-12-07 15:42 - 001222144 _____ C:\Users\Richie\Downloads\RSITx64.exe
    2019-12-07 15:42 - 2017-06-11 17:16 - 000000000 ____D C:\Program Files\trend micro
    2018-06-12 19:03 - 2018-06-12 19:03 - 000029696 _____ () C:\Users\Richie\AppData\Local\MSGBOX.EXE
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
    ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} =>  -> No File
    ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} =>  -> No File
    ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} =>  -> No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    AlternateDataStreams: C:\Users\Public\AppData:CSM [464]
    AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
    FirewallRules: [{ACBB1D34-BF89-471A-AA6B-07EE54328934}] => (Block) D:\instalacky\rsadlic\rsa4ws_setup\installerimage_win32_win32_x86_64\install.exe No File
    FirewallRules: [{6D6B7A96-53DF-48B8-875E-BAAF70764B9A}] => (Block) D:\instalacky\rsadlic\rsa4ws_setup\installerimage_win32_win32_x86_64\install.exe No File
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a Fixlog.txt file on the desktop; copy its contents here
Graduate of the school for beginners :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written for one specific PC only. Do not use them on other devices; otherwise you risk system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

SyncMaster
Visitor
Posts: 471
Registered: 15 Jan 2011 14:21

Re: Preventive log check

#8 Post by SyncMaster »

Fix result of Farbar Recovery Scan Tool (x64) Version: 07-12-2019
Ran by Richie (13-12-2019 13:46:08) Run:1
Running from C:\Users\Richie\Desktop
Loaded Profiles: Richie & SQLTELEMETRY$SQLEXPRESS (Available Profiles: defaultuser0 & Richie & DP & SQLTELEMETRY$SQLEXPRESS & MSSQL$SQLEXPRESS & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Task: {BF44342E-FA72-4EA7-A701-14302DB3F77A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=13415
CHR StartupUrls: Default -> "hxxp://www.dosearches.com/?utm_source=b&utm_me ... 1383772572"
S2 CCSDK; "C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe" [X]
S3 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [X]
2019-12-07 15:42 - 2019-12-07 15:43 - 000000000 ____D C:\rsit
2019-12-07 15:41 - 2019-12-07 15:42 - 001222144 _____ C:\Users\Richie\Downloads\RSITx64.exe
2019-12-07 15:42 - 2017-06-11 17:16 - 000000000 ____D C:\Program Files\trend micro
2018-06-12 19:03 - 2018-06-12 19:03 - 000029696 _____ () C:\Users\Richie\AppData\Local\MSGBOX.EXE
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> No File
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> No File
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Public\AppData:CSM [464]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
FirewallRules: [{ACBB1D34-BF89-471A-AA6B-07EE54328934}] => (Block) D:\instalacky\rsadlic\rsa4ws_setup\installerimage_win32_win32_x86_64\install.exe No File
FirewallRules: [{6D6B7A96-53DF-48B8-875E-BAAF70764B9A}] => (Block) D:\instalacky\rsadlic\rsa4ws_setup\installerimage_win32_win32_x86_64\install.exe No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 15
Average :
Sum : 18627782
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF44342E-FA72-4EA7-A701-14302DB3F77A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF44342E-FA72-4EA7-A701-14302DB3F77A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"Chrome HomePage" => removed successfully
"Chrome StartupUrls" => removed successfully
HKLM\System\CurrentControlSet\Services\CCSDK => removed successfully
CCSDK => service removed successfully
HKLM\System\CurrentControlSet\Services\SUService => removed successfully
SUService => service removed successfully
C:\rsit => moved successfully
C:\Users\Richie\Downloads\RSITx64.exe => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\Richie\AppData\Local\MSGBOX.EXE => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\EPP => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\EPP => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\EPP => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Users\Public\AppData => ":CSM" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ACBB1D34-BF89-471A-AA6B-07EE54328934}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6D6B7A96-53DF-48B8-875E-BAAF70764B9A}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25426559 B
Java, Flash, Steam htmlcache => 19361473 B
Windows/system/drivers => 42868416 B
Edge => 37888 B
Chrome => 454918099 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 11742 B
defaultuser0 => 11742 B
Richie => 0 B
DP => 280940 B
SQLTELEMETRY$SQLEXPRESS => 280940 B
MSSQL$SQLEXPRESS => 280940 B
DefaultAppPool => 280940 B

RecycleBin => 0 B
EmptyTemp: => 528.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:55:35 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Preventive log check

#9 Post by Conder »

:arrow: How does the PC look? Are there any problems?

SyncMaster
Visitor
Posts: 471
Registered: 15 Jan 2011 14:21

Re: Preventive log check

#10 Post by SyncMaster »

Everything is working as it should :))

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Preventive log check

#11 Post by Conder »

:arrow: So let's clean up after the tools we used:

SyncMaster
Visitor
Posts: 471
Registered: 15 Jan 2011 14:21

Re: Preventive log check

#12 Post by SyncMaster »

# DelFix v1.013 - Logfile created 16/12/2019 at 13:15:51
# Updated 17/04/2016 by Xplode
# Username : Richie - RICHARD
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Preventive log check

#13 Post by Conder »

This is OK :)