Právě je 17 črc 2019 12:29

Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Všechny časy jsou v UTC + 1 hodina


Pravidla fóra


Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní: viewtopic.php?f=12&t=123975 . Děkujeme za pochopení.



Odeslat nové téma Toto téma je zamknuté. Nemůžete posílat nové příspěvky ani odpovídat na starší.  [ Příspěvků: 11 ] 
Autor Zpráva
PříspěvekNapsal: 28 bře 2019 23:00 
Offline
Návštěvník
Návštěvník

Registrován: 14 úno 2007 21:26
Příspěvky: 10
Dobrý den, po startu Win 10 mi naskočila hláška:

Při spouštění souboru winscomrssrv.dll došlo k problému.

Operace nebyla úspěšně dokončena, protože soubor obsahuje virus nebo potenciálně nežádoucí software.

Přikládám log a moc děkuji za kontrolu.


Přílohy:
FRST.rar [19.2 KiB]
25 krát
Nahoru
 Profil  
 
PříspěvekNapsal: 28 bře 2019 23:00 
Offline
Návštěvník
Návštěvník

Registrován: 14 úno 2007 21:26
Příspěvky: 10
A ještě přikládám Addition.txt


Přílohy:
Addition.rar [10.25 KiB]
17 krát
Nahoru
 Profil  
 
PříspěvekNapsal: 29 bře 2019 10:26 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 108978
Bydliště: Plzeň
Zdravím!
Spusťte tuto utilitu:

Citace:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
PříspěvekNapsal: 30 bře 2019 00:38 
Offline
Návštěvník
Návštěvník

Registrován: 14 úno 2007 21:26
Příspěvky: 10
Ahoj, provedeno a přikládám log(y).

Moc děkuji!


Přílohy:
Logs.rar [1.4 KiB]
19 krát
Nahoru
 Profil  
 
PříspěvekNapsal: 30 bře 2019 11:18 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 108978
Bydliště: Plzeň
OK. Teď dejte nové logy FRST+Addition.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
PříspěvekNapsal: 30 bře 2019 13:25 
Offline
Návštěvník
Návštěvník

Registrován: 14 úno 2007 21:26
Příspěvky: 10
Nové logy z FRST v příloze.

Po každém spuštění mi ale PC hlásí problém:

RunDLL

Při spouštění souboru winscomrssrv.dll došlo k problému.

Uvedený modul nebyl nalezen.



Moc díky!


Přílohy:
FRST30_3.rar [27.47 KiB]
13 krát
Nahoru
 Profil  
 
PříspěvekNapsal: 30 bře 2019 20:15 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 108978
Bydliště: Plzeň
To budou zbytky po šmejdu. Otevřte poznámkový blok a zkopírujte do něj:

Citace:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
SearchScopes: HKU\S-1-5-21-3118061195-2666001887-1143996050-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-3118061195-2666001887-1143996050-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
CHR HomePage: Default -> hxxp://www.ighome.com/
CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hp&ts=1444677887&z=7fb2a724eec7deaa414c132g9zdz8zfq8m4mbq6q4o&from=obw&uid=CrucialXCT128MX100SSD1_14440DA5CBA00DA5CBA0","hxxps://www.google.com/"
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
Task: {2B498D16-25CD-4960-844A-C3F97AF33148} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {3B296B92-4F3A-4650-8804-D9B5FFBA86BB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {869D20D8-82B2-4D42-A263-29BA20E18C6A} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost
C:\Users\Tomáš\AppData\Local\Temp

EmptyTemp:
Hosts:
End


Uložte do D:\Stažené soubory jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
PříspěvekNapsal: 30 bře 2019 23:14 
Offline
Návštěvník
Návštěvník

Registrován: 14 úno 2007 21:26
Příspěvky: 10
Moc díky, error už se nezobrazuje!


Přílohy:
Fixlog.rar [2.17 KiB]
11 krát
Nahoru
 Profil  
 
PříspěvekNapsal: 31 bře 2019 10:07 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 108978
Bydliště: Plzeň
OK, smazáno. Jsem rád, že je problém vyřešen. Nemáte zač! :)

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
PříspěvekNapsal: 16 kvě 2019 21:23 
Offline
Návštěvník
Návštěvník

Registrován: 12 bře 2019 20:31
Příspěvky: 15
Ahoj. Rovnaky problem. Dalsie problemy su,ze mi zmizol win defender. Nie je ani v registroch,nie je subor,nie je ani v services. Posledny problem,dnes i skolaboval win update..chyba 0x80070424. V servisoch taktiez chyba Windows update. takze ho nejaky virus zmazal. Detto defender

Poprosim nesahat na HOSTS

frst
Kód:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05.2019
Ran by Percian (administrator) on PERCIAN-PC (MSI MS-7984) (16-05-2019 22:19:10)
Running from D:\Stiahnuté súbory
Loaded Profiles: Percian (Available Profiles: Percian)
Platform: Windows 10 Home Version 1809 17763.475 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\61545TimGrabinat.wAPPerforGmail_2.5.9.0_x64__rcb0qdgx4z9ca\EasyMailReLaunch.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19041.481.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Alexey Nicolaychuk -> ) [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe
(Alexey Nicolaychuk -> ) [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Alexey Nicolaychuk -> ) [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(File-New-Project) [File not signed] C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.1.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Business Slim Keyboard\SkWLUSB.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Intel Corporation) [File not signed] C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Percian\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11904.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Open Source Developer, Birunthan Mohanathas -> Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Wagnardsoft -> Wagnardsoft) C:\Program Files (x86)\ISLC v1.0.1.1\Intelligent standby list cleaner ISLC.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17988216 2017-08-18] (Logitech Inc -> Logitech Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]
HKLM-x32\...\Run: [Sound Blaster Z-Series Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe [877056 2014-11-24] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [HP Business Slim Keyboard] => C:\Program Files (x86)\Hewlett-Packard\HP Business Slim Keyboard\SKWLUSB.exe [3513344 2015-09-16] (Hewlett-Packard) [File not signed]
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26252472 2018-12-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3469067180-768828901-2224403390-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-30] (Valve -> Valve Corporation)
HKU\S-1-5-21-3469067180-768828901-2224403390-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3114256 2019-05-07] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3469067180-768828901-2224403390-1001\...\Policies\system: [DisableLockWorkstation] 0
HKLM\...\Drivers32: [msacm.vorbis] => c:\windows\system32\vorbis.acm [1470976 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => c:\windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => c:\windows\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-01] (Google LLC -> Google Inc.)
Startup: C:\Users\Percian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2019-05-03]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Percian\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
Startup: C:\Users\Percian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Origin.lnk [2016-12-27]
ShortcutTarget: Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts, Inc. -> Electronic Arts)
Startup: C:\Users\Percian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2018-01-11]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Open Source Developer, Birunthan Mohanathas -> Rainmeter)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02B31C00-E31F-427A-B3D6-863D4DF462D0} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\windows\explorer.exe /NOUACCHECK
Task: {0D40D1A3-E430-444E-ADBE-EFE36196DF87} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-06] (Google Inc -> Google Inc.)
Task: {11C87778-0B56-41C7-9477-2AFD5C778255} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D363393-E523-4F31-948B-10C6CF581E54} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {33B72A9A-49A9-4D87-81DE-2B690AE48C76} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
Task: {49BC2B45-3843-4B2A-A5C7-E742C2B0D4A4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {57B29F0B-B49B-48B8-BFE0-AADF2BB343B0} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [770344 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {5B82E2A9-7FCD-4F3B-9773-114802B1BE10} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {71EE06C9-E581-436F-9126-F1F5EBA2A390} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [840744 2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7AE1E0AD-6A60-4A5F-AE7B-F11DA7FC6D85} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [840744 2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8032D6A9-80D9-44E3-BD3B-A063340FAEA9} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8916F6EA-F371-454D-A77D-40D2500A9A0E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-14] (Adobe Inc. -> Adobe)
Task: {8F46CFAD-BD9B-48B2-9A90-6F5F4A87BC09} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {962005D5-D3F4-4CA0-AC53-CDB2E6E17548} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {A3D0BECC-8379-45F3-805A-3F2251205222} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572456 2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AB3081C4-098A-4467-87C4-FE7E3999FD94} - System32\Tasks\EmptyStandbyList => C:\Program Files (x86)\ISLC v1.0.1.1\Intelligent standby list cleaner ISLC.exe [401088 2019-04-13] (Wagnardsoft -> Wagnardsoft)
Task: {B375AF12-8CDE-413F-967C-8011AF889501} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [814872 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {B87FEA9A-35AA-44DB-9AFE-1B884BFBFE7A} - System32\Tasks\S-1-5-21-3469067180-768828901-2224403390-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [134144 2019-03-16] (Microsoft Windows -> Microsoft Corporation)
Task: {BED651EC-657F-499B-865C-A9E765D399A2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {C8C5B7EA-50FC-4C72-90C9-14928C00BD03} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-06] (Google Inc -> Google Inc.)
Task: {DF3A420B-38D4-48BA-ACB5-A3F48EDE2467} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED744DA4-083B-4AC2-A8A2-386D4F6F35B1} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [462288 2018-11-15] (Bitdefender SRL -> Bitdefender)
Task: {FA02A121-FD91-42EA-8CDB-66196FFFC563} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_pepper.exe [1452600 2019-05-14] (Adobe Inc. -> Adobe)
Task: {FC955F48-EF14-4CCA-B735-0E63FB456864} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{930ec9f4-b851-4952-9ef0-f8bd9bb054ad}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{ea0f2e4e-dd5c-4293-99da-552612341ab9}: [NameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3469067180-768828901-2224403390-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-05-01] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-05-01] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab

Edge:
======
Edge Session Restore: HKU\S-1-5-21-3469067180-768828901-2224403390-1001 -> is enabled.
Edge Extension: (Mouse Gestures) -> MouseGestures_MicrosoftMouseGestures_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.MouseGestures_0.6.17136.0_neutral__8wekyb3d8bbwe [2019-05-16]

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (Electronic Arts -> EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (Electronic Arts -> EA Digital Illusions CE AB)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-3469067180-768828901-2224403390-1001: jpl.nasa.gov/NASAEyes -> C:\Users\Percian\AppData\Roaming\JPL-NASA-Caltech\NASA's Eyes\npNASAEyes.dll [2019-01-25] (NASA Jet Propulsion Laboratory -> Jet Propulsion Laboratory)

Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default [2019-05-16]
CHR Extension: (Prekladač Google) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-11-07]
CHR Extension: (Prezentácie) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-06]
CHR Extension: (Dokumenty) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-06]
CHR Extension: (Disk Google) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-22]
CHR Extension: (YouTube) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-06]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-20]
CHR Extension: (Tabuľky) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-06]
CHR Extension: (I don't care about cookies) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2019-04-27]
CHR Extension: (Word Online) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2018-08-10]
CHR Extension: (Úpravy súborov Office v Dokumentoch Google) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2019-03-01]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Facebook Video Volume Sync) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\glhknbfninokkdmkemhahjldjilleenp [2018-01-15]
CHR Extension: (Tabs to the Front) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiembaoomcehoiehhdldabfgnmphappc [2018-01-14]
CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2019-05-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Mouse Gesture Events) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogjdgjefnddnjhkibmblgiofbjdgnahc [2019-03-27]
CHR Extension: (Gmail) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-24]
CHR Extension: (Password Checkup) - C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pncabnpcffmalkkjpajodfhijclecjno [2019-02-16]
CHR Profile: C:\Users\Percian\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-05-13]
CHR Profile: C:\Users\Percian\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-16]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AsusStrixBox; C:\Program Files\ASUSTeKcomputer.Inc\nhAsusStrix\UserInterface\nhAsusStrixBoxSvc32.exe [300032 2016-01-20] () [File not signed]
S3 AtcHost; C:\Program Files\Bitdefender Antivirus Free\atchost.exe [1457112 2019-04-04] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2195280 2018-03-22] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6998536 2017-12-09] (BattlEye Innovations e.K. -> )
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [122880 2017-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [758552 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [505856 2018-01-31] (Intel Corporation) [File not signed]
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [719640 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2015-11-20] (Microsoft Corporation -> Microsoft Corporation)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968 2017-12-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-08-18] (Logitech Inc -> Logitech Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S4 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2191032 2018-11-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2303792 2019-05-07] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3175216 2019-05-07] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-02-21] (Even Balance, Inc. -> )
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1293936 2018-11-15] (Bitdefender SRL -> Bitdefender)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665240 2019-02-26] (TeamViewer GmbH -> TeamViewer GmbH)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [246688 2018-11-13] (Bitdefender SRL -> Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [341136 2018-11-13] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [246688 2018-11-13] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ASUSSC150; C:\WINDOWS\system32\DRIVERS\ASUSSC150.sys [1319424 2015-08-17] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTeK)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1534688 2019-04-04] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2019-01-29] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1074984 2017-01-18] (Creative Technology Ltd -> Creative Technology Ltd)
R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [42792 2017-01-18] (Creative Technology Ltd -> Creative Technology Ltd)
R3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [294848 2019-02-22] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [374632 2018-11-19] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\WINDOWS\System32\drivers\gzflt.sys [201000 2018-11-20] (Bitdefender SRL -> BitDefender LLC)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-07-11] (Logitech Inc -> Logitech Inc.)
S1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel(R) Technology Access -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a8e74171e1b8492\nvlddmkm.sys [20736208 2019-03-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2015-11-04] (PAIPTAC  Driver -> )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [41512 2018-01-11] (Intel Corporation -> )
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX64.sys [181904 2017-12-14] (RH Software -> Ray Hinchliffe)
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [610640 2019-01-14] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-04-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344544 2019-04-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-04-23] (Microsoft Windows -> Microsoft Corporation)
R2 WinisoCDBus; C:\WINDOWS\System32\drivers\WinisoCDBus.sys [204032 2016-05-12] (ZJMedia Digital Technology Ltd. -> WinISO.com)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-16 22:19 - 2019-05-16 22:19 - 000000000 ____D C:\FRST
2019-05-16 21:52 - 2019-05-16 21:52 - 000076732 _____ C:\ProgramData\agent.update.1558036330.bdinstall.v2.bin
2019-05-16 21:50 - 2019-05-16 21:50 - 000001195 ____C C:\Users\Percian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2019-05-16 21:49 - 2019-05-16 21:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free
2019-05-16 21:49 - 2019-05-16 21:49 - 000000000 ____D C:\ProgramData\Bitdefender
2019-05-16 21:49 - 2019-04-04 15:28 - 001534688 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2019-05-16 21:49 - 2019-03-21 01:12 - 000022960 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2019-05-16 21:49 - 2019-02-22 12:23 - 000294848 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\edrsensor.sys
2019-05-16 21:49 - 2019-01-29 10:39 - 000367096 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2019-05-16 21:49 - 2019-01-14 17:25 - 000610640 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2019-05-16 21:49 - 2018-11-20 11:42 - 000201000 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2019-05-16 21:49 - 2018-11-19 14:10 - 000374632 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
2019-05-16 21:48 - 2019-05-16 22:19 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2019-05-16 21:43 - 2019-05-16 21:43 - 000003802 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2019-05-16 21:41 - 2019-05-16 21:52 - 000000000 ____D C:\Program Files\Bitdefender Agent
2019-05-16 21:41 - 2019-05-16 21:41 - 000103988 _____ C:\ProgramData\agent.1558035706.bdinstall.v2.bin
2019-05-16 21:41 - 2019-05-16 21:41 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-05-16 21:30 - 2019-05-16 21:30 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2019-05-16 21:28 - 2019-05-16 21:28 - 002615296 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartupCheckLibrary.dll
2019-05-16 21:24 - 2019-05-16 21:24 - 000003456 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-16 21:24 - 2019-05-16 21:24 - 000003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-16 11:28 - 2019-05-16 11:28 - 000000000 ____D C:\Users\Percian\AppData\Roaming\A Plague Tale Innocence
2019-05-14 12:04 - 2019-05-14 12:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lennar Digital Sylenth1 v2.2.1.X
2019-05-14 12:04 - 2019-05-14 12:04 - 000000000 ____D C:\Program Files\VST Plugins
2019-05-13 16:20 - 2019-05-13 16:21 - 000000000 ____D C:\Users\Percian\AppData\Local\Strange Brigade
2019-05-13 16:18 - 2019-05-13 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strange Brigade
2019-05-13 16:11 - 2019-05-13 16:19 - 000000000 ____D C:\Program Files (x86)\Strange Brigade
2019-05-13 15:40 - 2019-05-13 15:40 - 000300596 ____C C:\Users\Percian\Documents\cc_20190513_154035.reg
2019-05-13 12:11 - 2019-05-13 12:14 - 000000000 ____D C:\Program Files (x86)\vst32
2019-05-13 12:11 - 2019-05-13 12:14 - 000000000 ____D C:\Program Files (x86)\Image-Line
2019-05-08 21:14 - 2019-05-14 12:01 - 000000000 ___DC C:\Users\Percian\Documents\FabFilter
2019-05-08 21:14 - 2019-05-08 21:24 - 000000000 ____D C:\Users\Percian\AppData\Roaming\FabFilter
2019-05-08 21:09 - 2019-05-13 12:51 - 000000000 ____D C:\Program Files\FabFilter
2019-05-07 23:51 - 2019-05-08 21:09 - 000000000 ____D C:\Program Files\Common Files\VST3
2019-05-07 23:07 - 2019-05-13 12:51 - 000000000 ___SD C:\ProgramData\Waves Audio
2019-05-07 23:07 - 2019-05-08 00:59 - 000000000 ____D C:\Users\Percian\AppData\Local\Waves Audio
2019-05-07 23:07 - 2019-05-07 23:07 - 000000000 ____D C:\Users\Percian\AppData\Roaming\Waves Audio
2019-05-07 23:07 - 2019-05-07 23:07 - 000000000 ____D C:\Users\Percian\.Waves Central
2019-05-07 23:06 - 2019-05-13 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)
2019-05-07 23:05 - 2019-05-13 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves Central
2019-05-04 12:02 - 2019-05-04 12:02 - 000000000 ___DC C:\Users\Percian\Documents\Rockstar Games
2019-05-04 12:02 - 2019-05-04 12:02 - 000000000 ____D C:\Users\Percian\AppData\Local\Rockstar Games
2019-05-04 11:49 - 2019-05-04 11:49 - 000000000 ____D C:\Users\Percian\AppData\Local\A
2019-05-04 11:48 - 2018-04-29 17:27 - 000024512 _____ C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B
2019-05-04 11:48 - 2018-01-29 01:09 - 000000000 _____ C:\WINDOWS\system32\setup4.2.6.tmp
2019-05-03 21:48 - 2019-05-03 21:48 - 026810880 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 023441920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 020815360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 019025408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 012844032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 012140032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 009683472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-03 21:48 - 2019-05-03 21:48 - 007645632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 006544256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 005436904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 005296640 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 004997096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-05-03 21:48 - 2019-05-03 21:48 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 003657728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-03 21:48 - 2019-05-03 21:48 - 003551112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 003426816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 003406848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 002777224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 002720256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-03 21:48 - 2019-05-03 21:48 - 002701512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 002469376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-03 21:48 - 2019-05-03 21:48 - 002393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 002275888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 002205184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 002073960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 001768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 001697960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-03 21:48 - 2019-05-03 21:48 - 001674696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 001671352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 001653760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 001469168 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-03 21:48 - 2019-05-03 21:48 - 001467552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 001382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 001253904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-03 21:48 - 2019-05-03 21:48 - 001219640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 001054928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-03 21:48 - 2019-05-03 21:48 - 001044520 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-03 21:48 - 2019-05-03 21:48 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000806600 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-03 21:48 - 2019-05-03 21:48 - 000806600 _____ C:\WINDOWS\system32\locale.nls
2019-05-03 21:48 - 2019-05-03 21:48 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000780632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000757664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-03 21:48 - 2019-05-03 21:48 - 000725696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2019-05-03 21:48 - 2019-05-03 21:48 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000676256 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-05-03 21:48 - 2019-05-03 21:48 - 000649064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000638376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2019-05-03 21:48 - 2019-05-03 21:48 - 000553656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-05-03 21:48 - 2019-05-03 21:48 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000514632 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000454160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-05-03 21:48 - 2019-05-03 21:48 - 000451080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000421392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-05-03 21:48 - 2019-05-03 21:48 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-05-03 21:48 - 2019-05-03 21:48 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-03 21:48 - 2019-05-03 21:48 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2019-05-03 21:48 - 2019-05-03 21:48 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
2019-05-03 21:48 - 2019-05-03 21:48 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000280592 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000263576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2019-05-03 21:48 - 2019-05-03 21:48 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2019-05-03 21:48 - 2019-05-03 21:48 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2019-05-03 21:48 - 2019-05-03 21:48 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000157200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000090640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-03 21:48 - 2019-05-03 21:48 - 000086960 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-05-03 21:48 - 2019-05-03 21:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-05-03 21:48 - 2019-05-03 21:48 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2019-05-03 21:48 - 2019-05-03 21:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-05-03 21:48 - 2019-05-03 21:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-05-03 21:48 - 2019-05-03 21:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-05-03 21:48 - 2019-05-03 21:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-05-03 21:48 - 2019-05-03 21:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-05-03 21:48 - 2019-05-03 21:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-05-03 21:48 - 2019-05-03 21:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-05-03 21:48 - 2019-05-03 21:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-05-03 19:14 - 2019-05-03 19:14 - 000000000 ___DC C:\Users\Percian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2019-05-01 21:21 - 2019-05-01 21:21 - 000110968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2019-05-01 21:21 - 2019-05-01 21:21 - 000000000 ____D C:\Users\Percian\AppData\Roaming\Sun
2019-05-01 21:21 - 2019-05-01 21:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-05-01 21:21 - 2019-05-01 21:21 - 000000000 ____D C:\Program Files\Java
2019-05-01 20:36 - 2019-05-01 20:36 - 000000000 ____D C:\Users\Percian\AppData\Roaming\java
2019-05-01 20:33 - 2019-05-02 13:03 - 000000000 ____D C:\Users\Percian\AppData\Roaming\.minecraft
2019-05-01 20:33 - 2019-05-01 20:33 - 000000000 ___DC C:\Users\Percian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2019-04-30 16:11 - 2019-04-30 16:11 - 000000000 ____D C:\Users\Percian\AppData\Local\Supraland
2019-04-28 14:42 - 2019-04-28 14:42 - 000001088 _____ C:\Users\Percian\Kygo.fxp
2019-04-27 13:39 - 2019-04-27 13:39 - 000000000 ____D C:\ProgramData\T0NIT0RMX
2019-04-27 13:39 - 2019-04-27 13:39 - 000000000 ____D C:\Program Files\Csound6_x64
2019-04-25 21:16 - 2019-04-25 22:25 - 000000000 ____D C:\Program Files (x86)\ISLC v1.0.1.1
2019-04-24 13:27 - 2019-05-13 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 3
2019-04-22 17:22 - 2019-04-22 17:22 - 000000000 ___DC C:\Users\Percian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISO
2019-04-22 17:22 - 2019-04-22 17:22 - 000000000 ____D C:\Users\Percian\AppData\Roaming\WinISO Computing
2019-04-22 17:22 - 2019-04-22 17:22 - 000000000 ____D C:\Users\Percian\AppData\Local\WinISO Computing
2019-04-22 17:22 - 2019-04-22 17:22 - 000000000 ____D C:\Program Files (x86)\WinISO Computing
2019-04-22 17:22 - 2016-05-12 08:07 - 000204032 _____ (WinISO.com) C:\WINDOWS\system32\Drivers\WinisoCDBus.sys
2019-04-17 19:30 - 2019-04-17 19:33 - 000000000 ___DC C:\Users\Percian\Documents\Assassin's Creed Unity
2019-04-17 18:33 - 2019-04-19 19:33 - 000000000 ____D C:\Users\Percian\AppData\Local\Ubisoft Game Launcher
2019-04-17 18:33 - 2019-04-17 18:33 - 000000000 ___DC C:\Users\Percian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-04-17 18:33 - 2019-04-17 18:33 - 000000000 ____D C:\Program Files (x86)\Ubisoft

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-16 22:20 - 2019-03-31 18:33 - 000000000 ____D C:\Users\Percian\AppData\Roaming\vlc
2019-05-16 22:20 - 2019-03-23 17:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vampire the Masquerade - Bloodlines [GOG.com]
2019-05-16 22:20 - 2018-09-15 18:25 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-05-16 22:20 - 2018-09-15 18:25 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-05-16 22:20 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2019-05-16 22:20 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-16 22:20 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-05-16 22:20 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-05-16 22:20 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-05-16 22:20 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-05-16 22:20 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-05-16 22:20 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-05-16 22:20 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-05-16 22:20 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-05-16 22:20 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\Containers
2019-05-16 22:20 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-16 22:20 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-05-16 22:20 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-05-16 22:20 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\servicing
2019-05-16 22:20 - 2017-12-18 21:46 - 000000000 ____D C:\SWC.Layout.Manager.v.1.4.1
2019-05-16 22:20 - 2016-08-02 20:37 - 000000000 ___DC C:\Users\Percian\AppData\Local\ConnectedDevicesPlatform
2019-05-16 22:20 - 2015-11-22 18:49 - 000000000 ___DC C:\Users\Percian\AppData\Roaming\XnView
2019-05-16 22:20 - 2015-09-25 18:50 - 000000000 ___DC C:\Users\Percian\AppData\Roaming\uTorrent
2019-05-16 22:20 - 2015-09-14 17:24 - 000000000 ___DC C:\Users\Percian\AppData\Roaming\Rainmeter
2019-05-16 22:20 - 2015-09-09 18:55 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2019-05-16 22:20 - 2015-09-09 17:08 - 000000000 ___DC C:\Users\Percian\AppData\Roaming\GHISLER
2019-05-16 22:19 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\registration
2019-05-16 22:10 - 2019-03-17 00:43 - 000858604 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-16 22:10 - 2019-03-17 00:43 - 000003136 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2019-05-16 22:10 - 2019-03-17 00:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-16 22:10 - 2019-02-14 12:30 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-16 22:10 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-16 22:10 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-05-16 22:10 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-05-16 22:10 - 2017-12-24 00:36 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-05-16 22:10 - 2015-09-12 12:15 - 000026722 _____ C:\WINDOWS\system32\perfh01B.dat
2019-05-16 22:10 - 2015-09-12 12:15 - 000008038 _____ C:\WINDOWS\system32\perfc01B.dat
2019-05-16 22:10 - 2015-09-10 16:58 - 000000000 ____D C:\Program Files (x86)\Steam
2019-05-16 21:50 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-05-16 21:41 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-16 21:28 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-05-16 21:27 - 2015-09-09 18:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-16 21:26 - 2015-09-09 18:16 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-16 21:25 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-16 21:25 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-16 21:22 - 2016-04-14 19:28 - 000000000 ____D C:\Games
2019-05-16 21:21 - 2019-03-17 00:40 - 000000000 ____D C:\Users\Percian
2019-05-16 20:20 - 2019-03-17 00:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-14 18:33 - 2016-04-11 23:16 - 000000000 ___DC C:\Users\Percian\AppData\Roaming\AIMP
2019-05-14 12:05 - 2019-03-17 00:43 - 000004380 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-05-14 12:05 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-05-14 12:05 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-05-14 12:04 - 2015-10-22 18:01 - 000000000 ____D C:\Program Files (x86)\Vst64
2019-05-14 11:49 - 2018-01-06 00:09 - 000000000 ___DC C:\Users\Percian\AppData\Local\PlaceholderTileLogoFolder
2019-05-14 11:49 - 2017-11-22 12:17 - 000000000 ___DC C:\Users\Percian\AppData\Local\Packages
2019-05-13 18:32 - 2015-09-09 02:35 - 000000000 ___DC C:\Users\Percian\AppData\Local\ElevatedDiagnostics
2019-05-13 16:21 - 2018-05-12 12:55 - 000000000 ___DC C:\Users\Percian\AppData\Local\D3DSCache
2019-05-13 15:39 - 2019-03-16 21:28 - 000000000 ___DC C:\WINDOWS\Panther
2019-05-13 15:39 - 2018-01-07 16:04 - 000000000 ___DC C:\Users\Percian\AppData\Local\CrashDumps
2019-05-13 15:39 - 2017-12-24 00:36 - 000000000 ___DC C:\Users\Percian\AppData\Roaming\TeamViewer
2019-05-13 12:51 - 2018-12-12 01:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Regenerator
2019-05-13 12:51 - 2018-12-12 01:51 - 000000000 ____D C:\Program Files (x86)\HDD Regenerator
2019-05-13 12:51 - 2015-09-09 18:00 - 000000000 ____D C:\Program Files (x86)\AIMP3
2019-05-13 12:51 - 2015-09-09 02:43 - 000000000 ____D C:\ProgramData\Package Cache
2019-05-13 12:50 - 2015-09-13 13:15 - 000000000 ___DC C:\Users\Percian\AppData\Local\JDownloader v2.0
2019-05-13 12:50 - 2015-09-09 16:52 - 000000000 ____D C:\ProgramData\Origin
2019-05-13 12:14 - 2015-10-22 18:01 - 000000000 ___DC C:\Users\Percian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2019-05-13 12:14 - 2015-10-22 18:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2019-05-13 11:53 - 2019-03-17 00:43 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3469067180-768828901-2224403390-1001
2019-05-13 11:53 - 2019-03-17 00:40 - 000002401 ____C C:\Users\Percian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-13 10:51 - 2015-09-13 16:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-05-07 23:06 - 2015-09-09 16:54 - 000000000 ___DC C:\Users\Percian\AppData\Roaming\Origin
2019-05-07 13:23 - 2015-10-16 18:51 - 000000000 ____D C:\Program Files (x86)\Origin
2019-05-07 13:23 - 2015-09-09 16:56 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-05-06 00:27 - 2018-12-18 23:28 - 000000000 ____D C:\Program Files\WhoCrashed
2019-05-04 12:02 - 2019-01-15 23:56 - 000000000 ____D C:\ProgramData\Socialclub
2019-05-04 12:02 - 2016-07-23 16:24 - 000000000 ____D C:\ProgramData\Steam
2019-05-04 11:48 - 2019-03-24 01:50 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2019-05-04 09:58 - 2019-03-17 00:39 - 004969232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-01 22:53 - 2017-03-05 19:38 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-05-01 10:26 - 2017-11-06 13:55 - 000002316 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-30 16:11 - 2015-10-17 00:49 - 000000000 ___DC C:\Users\Percian\AppData\Local\UnrealEngine
2019-04-27 13:39 - 2016-03-08 21:53 - 000000000 ____D C:\Program Files\VstPlugIns
2019-04-25 22:32 - 2015-09-09 00:13 - 000007616 ____C C:\Users\Percian\AppData\Local\Resmon.ResmonCfg
2019-04-25 22:17 - 2019-03-17 00:43 - 000003312 _____ C:\WINDOWS\System32\Tasks\EmptyStandbyList
2019-04-23 21:24 - 2018-02-27 17:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-04-23 16:55 - 2019-01-30 15:38 - 000000000 ___DC C:\Users\Percian\Documents\The Witcher 3
2019-04-22 18:29 - 2017-10-14 00:32 - 000000000 ___DC C:\Users\Percian\AppData\Local\JxBrowser
2019-04-22 17:18 - 2015-09-09 17:08 - 000000000 ____D C:\Program Files (x86)\totalcmd
2019-04-21 21:27 - 2019-01-16 21:27 - 000000000 ____D C:\Program Files (x86)\Shadow Of The Tomb Raider

==================== Files in the root of some directories =======

2018-03-02 00:35 - 2018-03-02 00:35 - 000000048 _____ () C:\Program Files (x86)\bu17ocsslj.dat
2017-09-14 12:31 - 2017-09-14 12:31 - 000000016 ____C () C:\Users\Percian\AppData\Roaming\msregsvv.dll
2016-09-27 19:47 - 2016-09-27 19:47 - 000000104 ___HC () C:\Users\Percian\AppData\Roaming\WPVXAP.setting
2015-09-28 00:35 - 2018-12-21 19:01 - 002128896 ____C () C:\Users\Percian\AppData\Local\file__0.localstorage
2015-09-09 00:13 - 2019-04-25 22:32 - 000007616 ____C () C:\Users\Percian\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================



Additional

Kód:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05.2019
Ran by Percian (16-05-2019 22:20:11)
Running from D:\Stiahnuté súbory
Windows 10 Home Version 1809 17763.475 (X64) (2019-03-16 22:43:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3469067180-768828901-2224403390-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3469067180-768828901-2224403390-503 - Limited - Disabled)
Guest (S-1-5-21-3469067180-768828901-2224403390-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3469067180-768828901-2224403390-1006 - Limited - Enabled)
Percian (S-1-5-21-3469067180-768828901-2224403390-1001 - Administrator - Enabled) => C:\Users\Percian
WDAGUtilityAccount (S-1-5-21-3469067180-768828901-2224403390-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3469067180-768828901-2224403390-1001\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.192 - Adobe)
AIDA64 Extreme v5.99 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.99 - FinalWire Ltd.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version:  - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version:  - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version:  - Microsoft)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.33.1 - Asmedia Technology)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.15.108 - Bitdefender)
calibre (HKLM-x32\...\{5AD205E9-E80E-4F4B-88A5-C6B5CC12BBE4}) (Version: 2.48.0 - Kovid Goyal)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Core Temp 1.12.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.12.1 - ALCPU)
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATTENTION
Crucial Storage Executive (HKU\S-1-5-21-3469067180-768828901-2224403390-1001\...\Crucial Storage Executive 3.20.042015.06) (Version: 3.65.012019.06 - Crucial)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.35 - NVIDIA Corporation) Hidden
Driver Sweeper verzia 3.2.0 (HKLM-x32\...\{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1) (Version: 3.2.0 - Phyxion.net)
DTS+AC3 ÇĘĹÍ (HKLM-x32\...\DtsFilter) (Version:  - )
Emergency Download Driver (HKLM-x32\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Facebook Gameroom 1.21.6907.27509 (HKLM-x32\...\{E34773A0-158F-4322-8849-2C13BBCD6C68}) (Version: 1.21.6907.27509 - Facebook)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.131 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HDD Regenerator (HKLM-x32\...\{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}) (Version: 1.71.0012 - Abstradrome)
HP Business Slim Keyboard (HKLM-x32\...\{E9D7FD0D-CF46-4FEB-9C57-7AACCFBF6C36}) (Version: 1.07 - Hewlett-Packard)
HWiNFO64 Version 5.24 (HKLM\...\HWiNFO64_is1) (Version: 5.24 - Martin Malík - REALiX)
IK Multimedia Authorization Manager version 1.0.15 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.15 - IK Multimedia)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1068 - Intel Corporation)
Intel(R) Network Connections 23.1.100.0 (HKLM\...\PROSetDX) (Version: 23.1.100.0 - Intel)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.81 - Logitech Inc.)
Media Feature Pack for Windows 10 N and KN (HKLM-x32\...\{ef11e192-acd9-485d-8860-ee2102cc2a69}) (Version: 1.0.0 - Microsoft) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3469067180-768828901-2224403390-1001\...\OneDriveSetup.exe) (Version: 19.062.0331.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft1.12.2 (HKLM-x32\...\Minecraft1.12.2) (Version:  - )
MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.49 - MSI)
Native Instruments Kontakt 4 (HKLM-x32\...\Native Instruments Kontakt 4) (Version:  - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.5.1.637 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
NVIDIA Ovládač zvuku HD 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.38.25027 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.35 - NVIDIA Corporation) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.1 r2989 - Rainmeter)
RivaTuner Statistics Server 7.2.1 (HKLM-x32\...\RTSS) (Version: 7.2.1 - Unwinder)
Sound Blaster Z-Series (HKLM-x32\...\{DAB64FB1-0BBB-486E-9C57-A3E34F463AEB}) (Version: 1.01.10 - Creative Technology Limited)
Sound Blaster Z-Series Extras (HKLM-x32\...\{9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}) (Version: 1.0 - Creative Technology Limited)
Star Wars®: Knights of the Old Republic (TM) (HKLM-x32\...\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strange Brigade (HKLM-x32\...\{F136296D-5CD4-45BA-B398-EF28D1F687A4}_is1) (Version:  - Rebellion)
StrixBoxServiceSetup (HKLM\...\{AD439AEF-B458-48EE-A005-3069FD98B7CA}) (Version: 1.0.9 - ASUSTeKcomputer.Inc) Hidden
Sylenth1 version 2.2.1.X (HKLM-x32\...\{3A739C30-3D3D-4B91-B82E-15874763FD86}_is1) (Version: 2.2.1.X - Lennar Digital)
TeamSpeak 3 Client (HKU\S-1-5-21-3469067180-768828901-2224403390-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.18533 - TeamViewer)
The Witcher 3: GotY Edition (HKLM-x32\...\The Witcher 3: GotY Edition_is1) (Version:  - )
ToneZ version 1.1.1 (HKLM-x32\...\{33AF593B-14BF-4226-B6DE-DFB93CA35370}_is1) (Version: 1.1.1 - T0NIT0 RMX)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
T-RackS CS version 4.9.0 (HKLM\...\{E931EBCC-55F9-4D67-BA0E-D57C4A893A44}_is1) (Version: 4.9.0 - IK Multimedia)
Tropico 6 (HKLM-x32\...\Tropico 6_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 0.17.11 - Black Tree Gaming Ltd.)
WhoCrashed 6.02 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Windows IP Over USB (HKLM-x32\...\{FF0EA481-42DB-A8AE-8356-48C09F7D953D}) (Version: 10.1.10586.15 - Microsoft Corporation)
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.1.5976 - WinISO Computing Inc.)
WinUsb CoInstallers (HKLM-x32\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft)
WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM-x32\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft)
XnView 2.40 (HKLM-x32\...\XnView_is1) (Version: 2.40 - Gougelet Pierre-e)

Packages:
=========
App Radio -> C:\Program Files\WindowsApps\34628NielsCup.AppRadio_10.1.6.0_x64__kz2v1f325crd8 [2019-05-16] (Niels Cup)
Doplnok pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-05-16] (Microsoft Corporation)
EarTrumpet -> C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.1.0_x86__1sdd7yawvg6ne [2019-05-16] (File-New-Project)
EasyMail for Gmail -> C:\Program Files\WindowsApps\61545TimGrabinat.wAPPerforGmail_2.5.9.0_x64__rcb0qdgx4z9ca [2019-05-16] (Tim Grabinat)
Excel Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.Excel_16001.11629.20114.0_x64__8wekyb3d8bbwe [2019-05-16] (Microsoft Corporation)
Fiction Book Reader Premium -> C:\Program Files\WindowsApps\52172VitaliyLeschenkoBY.FictionBookReader_10.0.74.0_x64__7jrbkny5pr6s8 [2019-05-16] (Vitaliy Leschenko BY)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.0_x86__8wekyb3d8bbwe [2019-05-16] (Microsoft Corporation)
Mouse Gestures -> C:\Program Files\WindowsApps\Microsoft.MouseGestures_0.6.17136.0_neutral__8wekyb3d8bbwe [2019-05-16] (Microsoft Corporation)
Rambling Pathways -> C:\Program Files\WindowsApps\Microsoft.RamblingPathways_1.0.0.0_neutral__8wekyb3d8bbwe [2019-05-16] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2018-12-07] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2018-12-07] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Percian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\Percian\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

==================== Loaded Modules (Whitelisted) ==============

2019-03-05 16:06 - 2019-03-05 16:06 - 000232448 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-03-05 16:06 - 2019-03-05 16:06 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-03-05 16:07 - 2019-03-05 16:07 - 000642048 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-03-05 16:06 - 2019-03-05 16:06 - 000072704 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-03-05 16:06 - 2019-03-05 16:06 - 000364544 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2019-03-05 16:00 - 2019-03-05 16:00 - 000057344 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2019-03-05 16:00 - 2019-03-05 16:00 - 000072704 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2019-03-05 16:00 - 2019-03-05 16:00 - 000364544 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2018-01-31 14:36 - 2018-01-31 14:36 - 000419328 ____R () [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\AdapterAgnt.DLL
2018-01-31 14:38 - 2018-01-31 14:38 - 000453120 ____R () [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\WMIPROV\Ncs2Provider.dll
2019-05-14 11:48 - 2019-05-14 11:49 - 000948736 _____ () [File not signed] C:\Program Files\WindowsApps\61545TimGrabinat.wAPPerforGmail_2.5.9.0_x64__rcb0qdgx4z9ca\e_sqlite3.dll
2019-05-14 11:48 - 2019-05-14 11:49 - 026662912 _____ () [File not signed] C:\Program Files\WindowsApps\61545TimGrabinat.wAPPerforGmail_2.5.9.0_x64__rcb0qdgx4z9ca\EasyMailReLaunch.dll
2019-05-14 11:48 - 2019-05-14 11:49 - 000020992 _____ () [File not signed] C:\Program Files\WindowsApps\61545TimGrabinat.wAPPerforGmail_2.5.9.0_x64__rcb0qdgx4z9ca\EasyMailReLaunch.exe
2019-03-05 16:02 - 2019-03-05 16:02 - 000073320 _____ (Alexey Nicolaychuk -> ) [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe
2019-03-05 16:02 - 2019-03-05 16:02 - 000261736 _____ (Alexey Nicolaychuk -> ) [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
2017-12-14 19:51 - 2019-03-05 16:02 - 000468072 _____ (Alexey Nicolaychuk -> ) [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll
2017-12-14 19:51 - 2019-03-05 16:02 - 000508520 _____ (Alexey Nicolaychuk -> ) [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
2019-03-05 16:02 - 2019-03-05 16:02 - 000065640 _____ (Alexey Nicolaychuk -> ) [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2012-10-08 17:53 - 2012-10-08 17:53 - 000423424 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
2018-03-15 11:47 - 2009-03-18 17:00 - 000151552 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\ShareDLL\CADI\CTCadiEP.dll
2014-07-03 18:22 - 2014-07-03 18:22 - 000555008 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\CTAudEp.dll
2011-09-16 18:04 - 2011-09-16 18:04 - 000238080 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\CTLoadRs.dll
2013-02-27 12:29 - 2013-02-27 12:29 - 000251904 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\HKDetect.dll
2014-11-24 17:53 - 2014-11-24 17:53 - 000877056 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
2019-04-04 10:44 - 2019-04-04 10:44 - 001159680 _____ (File-New-Project) [File not signed] C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.1.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
2015-09-16 14:18 - 2015-09-16 14:18 - 003513344 _____ (Hewlett-Packard) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Business Slim Keyboard\SkWLUSB.exe
2016-03-18 11:03 - 2016-03-18 11:03 - 000008704 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2018-01-31 14:42 - 2018-01-31 14:42 - 000505856 _____ (Intel Corporation) [File not signed] C:\WINDOWS\system32\IProsetMonitor.exe
2018-01-31 14:34 - 2018-01-31 14:34 - 001619968 ____R (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\CoreAgnt.dll
2018-01-31 14:35 - 2018-01-31 14:35 - 000411136 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\Rule.DLL
2018-01-31 14:36 - 2018-01-31 14:36 - 000902144 ____R (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\VlanAgent.dll
2018-01-31 14:37 - 2018-01-31 14:37 - 000636416 ____R (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\WMIPROV\Ncs2Core.dll
2018-01-31 14:37 - 2018-01-31 14:37 - 000671232 _____ (Intel(R) Corporation) [File not signed] C:\WINDOWS\SYSTEM32\Ncs2InstUtility.dll
2018-01-25 12:10 - 2018-01-25 12:10 - 000349696 _____ (Intel(R) Corporation) [File not signed] C:\WINDOWS\system32\NCS2Setp.dll
2018-01-31 14:34 - 2018-01-31 14:34 - 004811264 _____ (Intel(R) Corporation) [File not signed] C:\WINDOWS\SYSTEM32\NcsColib.dll
2014-12-23 09:11 - 2014-12-23 09:11 - 000055808 _____ (LITE-ON Corp.) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Business Slim Keyboard\skhooks.dll
2014-11-06 15:02 - 2014-11-06 15:02 - 000049664 _____ (LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Business Slim Keyboard\SKHidKbd.dll
2015-11-19 21:03 - 2015-11-19 21:03 - 000247808 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2003-03-18 22:23 - 2003-03-18 22:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1051\mdmui.dll
2006-10-26 13:40 - 2006-10-26 13:40 - 000335872 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2017-11-26 16:49 - 000001531 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90
127.0.0.1 125.252.224.91
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 www.r2rdownload.com
127.0.0.1 www.elephantafiles.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;c:\program files (x86)\intel\intel(r) management engine components\icls\;c:\program files\intel\intel(r) management engine components\icls\;c:\programdata\oracle\java\javapath;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\program files (x86)\ati technologies\ati.ace\core-static;c:\program files (x86)\amd\ati.ace\core-static;c:\program files (x86)\calibre2\;c:\program files\crucial\crucial storage executive;c:\users\percian\appdata\local\microsoft\windowsapps;c:\adb;c:\windows\system32\openssh\;c:\program files (x86)\intel\intel(r) management engine components\dal;c:\program files\intel\intel(r) management engine components\dal;c:\program files (x86)\intel\intel(r) management engine components\ipt;c:\program files\intel\intel(r) management engine components\ipt;c:\program files (x86)\universal extractor;c:\program files (x86)\universal extractor\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Csound6_x64\bin
HKU\S-1-5-21-3469067180-768828901-2224403390-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Percian\AppData\Local\Microsoft\Windows\Themes\Footpaths\DesktopBackground\paths1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: MSI_LiveUpdate_Service => 2
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "RoccatKone+"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKU\S-1-5-21-3469067180-768828901-2224403390-1001\...\StartupApproved\StartupFolder: => "firefox – odkaz.lnk"
HKU\S-1-5-21-3469067180-768828901-2224403390-1001\...\StartupApproved\StartupFolder: => "Origin.lnk"
HKU\S-1-5-21-3469067180-768828901-2224403390-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-3469067180-768828901-2224403390-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3469067180-768828901-2224403390-1001\...\StartupApproved\Run: => ""

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{43BC2861-9717-4835-9E79-41DF5A403EEA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{1F5244B7-3883-48F7-B2F8-4262325EB2A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{A46733F7-E0EA-4DA7-9DBF-5ED62D773ADD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{533DB173-D467-4938-B66F-1A7E34F3F83A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DF0D71A5-0E63-41A4-B408-DBEECE37974F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{5BAF1D7C-6F54-4820-8C31-E18A124A40EB}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{E6AFFBB9-BCA3-49E0-9E3B-339ECB65F8B6}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{BC8757CB-E75D-4AC4-95CA-4687708F6983}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{90C0C4B6-8443-4F5B-8BEE-A57312D7C690}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E51917CC-1E9D-478D-BA34-6ED1A0D52905}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{605F722E-54BA-458A-87F2-B3D67F8D1A0C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{8414FF91-1DB2-49E1-826E-8DF08D5981F1}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{FB416D16-1D23-4A94-954C-6892345A383E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{F61BEC69-3609-4CCB-B88C-DE376B757826}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{C697216D-36F5-4C3D-856B-815218056527}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{FF58327B-E3CE-4AEC-80ED-91F4365698BA}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{D5F84F4E-919F-4749-9BAB-74674800D31B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CD9F7705-5CD7-4218-BB88-D5899C0A3BBA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6BBC1143-FB63-4629-BFA4-1ECA34C7C8F9}] => (Allow) C:\Users\Percian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{374424D1-17B8-41A6-A3FC-F51CA84EF9AA}] => (Allow) C:\Users\Percian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{CC8BAEB0-1F2E-4747-BDB8-CE8F1DF18608}] => (Allow) C:\Users\Percian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{27F0D1DD-5023-4AFF-98D6-E72D39C4CB18}] => (Allow) C:\Users\Percian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4594CA27-B06C-4659-BFD3-8CBBC44CB17D}] => (Allow) C:\Users\Percian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7698C141-AAF0-4885-B404-CC02698618A4}] => (Allow) C:\Users\Percian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{D3360F51-B2AD-474A-A8F2-DD35352E4F7F}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [UDP Query User{03469E64-3960-4AE4-ADFF-16DBEE7AFED1}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{006C0278-EA20-4B8C-B907-A2DD700A4F66}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{F6FB1DBC-F032-44BC-BC33-FED8EC70E748}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{8530EE8C-E8A8-4AB9-ACA0-E466C9FFACA7}] => (Allow) C:\Users\Percian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{88277956-4651-4D7D-9EA2-6F18A16D26A8}] => (Allow) C:\Users\Percian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{DB233399-E0F2-4AC7-934A-769674EF18FE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{D91AE63F-E7AA-4F07-A147-01144025F91B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{000207F1-B114-45C1-86D8-A30CD157AC75}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{418C6314-DC3E-4F95-8B87-7F2A194DF13D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{7A2F452E-AACA-4E16-A6C2-4685F48BD287}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [UDP Query User{6DF767A1-C72D-4783-9C6B-9005A0CA8CA3}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{BB960BE9-784A-49B0-BCCD-010E9DFA7804}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{1D11927B-F546-4C10-A669-C75EC930352E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{686CD88E-FFE5-40AD-8459-A1E6D5890E38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{51958CEF-22FF-4C8F-905C-A18B3D40B850}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{7DE52C10-E69C-4453-B471-FCFA646838B2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{6E5B58DE-EF55-463C-B030-B2B4E0A4EE5A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{D314A53B-B40C-480D-9C00-10CFFE9ABAE2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

15-05-2019 11:07:12 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/16/2019 09:49:59 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_SNOOZED.

Error: (05/16/2019 09:49:59 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_SNOOZED.

Error: (05/16/2019 09:21:05 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3276,R,98) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\WINDOWS\system32\SRU\SRU00076.log.

Error: (05/15/2019 09:32:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: StaRTS-standalonewindows-production-139-production.exe, verzia: 2017.2.1.37537, časová značka: 0x5a7a1784
Názov chybujúceho modulu: mono.dll_unloaded, verzia: 1.0.0.1, časová značka: 0x5a2fead2
Kód výnimky: 0xc0000005
Odstup chyby: 0x000f8ff3
Identifikácia chybujúceho procesu: 0xbec
Čas spustenia chybujúcej aplikácie: 0x01d50b4f99bfb190
Cesta chybujúcej aplikácie: C:\Users\Percian\AppData\Local\Facebook\Games\Games\518856528223038\29\StaRTS-standalonewindows-production-139-production.exe
Cesta chybujúceho modulu: mono.dll
Identifikácia hlásenia: fcbced18-17ba-4bdc-b226-9570420c348e
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (05/15/2019 03:01:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: StaRTS-standalonewindows-production-139-production.exe, verzia: 2017.2.1.37537, časová značka: 0x5a7a1784
Názov chybujúceho modulu: mono.dll_unloaded, verzia: 1.0.0.1, časová značka: 0x5a2fead2
Kód výnimky: 0xc0000005
Odstup chyby: 0x000f8ff3
Identifikácia chybujúceho procesu: 0xef4
Čas spustenia chybujúcej aplikácie: 0x01d50b1961b15331
Cesta chybujúcej aplikácie: C:\Users\Percian\AppData\Local\Facebook\Games\Games\518856528223038\29\StaRTS-standalonewindows-production-139-production.exe
Cesta chybujúceho modulu: mono.dll
Identifikácia hlásenia: dd285b9b-a003-4f2b-ab18-962250a47b0c
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (05/14/2019 10:43:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: StaRTS-standalonewindows-production-139-production.exe, verzia: 2017.2.1.37537, časová značka: 0x5a7a1784
Názov chybujúceho modulu: mono.dll_unloaded, verzia: 1.0.0.1, časová značka: 0x5a2fead2
Kód výnimky: 0xc0000005
Odstup chyby: 0x000f8ff3
Identifikácia chybujúceho procesu: 0xd60
Čas spustenia chybujúcej aplikácie: 0x01d50a2cad881ddf
Cesta chybujúcej aplikácie: C:\Users\Percian\AppData\Local\Facebook\Games\Games\518856528223038\29\StaRTS-standalonewindows-production-139-production.exe
Cesta chybujúceho modulu: mono.dll
Identifikácia hlásenia: 08fa108e-b5b0-4891-b8b8-6453fabfafe0
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (05/13/2019 03:39:49 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službe Windows Search sa nepodarilo spracovať zoznam zahrnutých a vylúčených umiestnení, pretože sa vyskytla chyba <30, 0x80040d07, "iehistory://{S-1-5-21-3469067180-768828901-2224403390-1001}/">.

Error: (05/13/2019 11:52:34 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3168,R,98) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\WINDOWS\system32\SRU\SRU0159D.log.


System errors:
=============
Error: (05/16/2019 10:10:57 PM) (Source: DCOM) (EventID: 10016) (User: PERCIAN-PC)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscCloudBackupProvider
 and APPID
Unavailable
 to the user PERCIAN-PC\Percian SID (S-1-5-21-3469067180-768828901-2224403390-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/16/2019 10:10:51 PM) (Source: DCOM) (EventID: 10016) (User: PERCIAN-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user PERCIAN-PC\Percian SID (S-1-5-21-3469067180-768828901-2224403390-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/16/2019 10:10:51 PM) (Source: DCOM) (EventID: 10016) (User: PERCIAN-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user PERCIAN-PC\Percian SID (S-1-5-21-3469067180-768828901-2224403390-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/16/2019 10:10:27 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 7 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (05/16/2019 10:10:27 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 5 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (05/16/2019 10:10:27 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 3 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (05/16/2019 10:10:27 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 1 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (05/16/2019 10:10:27 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 6 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.


Windows Defender:
===================================
Date: 2019-05-16 11:00:49.242
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {4ED98E89-B704-47E4-B45E-D550A6714F39}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-05-13 18:36:46.486
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {99FF01D3-4990-4DCD-A178-09AF196B241E}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-05-08 19:37:29.325
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AD0C7DFC-5B5A-457F-968F-967098913DA0}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-05-08 11:25:44.633
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuerboos.A!cl&threatid=2147723652&enterprise=0
Name: Trojan:Win32/Fuerboos.A!cl
ID: 2147723652
Severity: Závažná
Category: Trójsky kôň
Path: containerfile:_D:\Stiahnuté súbory\FL_Studio_20_1_2.zip; file:_D:\Stiahnuté súbory\FL_Studio_20_1_2.zip->FL_Studio_20_1_2.zip->FL_Studio_20_1_2.exe; webfile:_D:\Stiahnuté súbory\FL_Studio_20_1_2.zip|about:internet|pid:9772,ProcessStart:132017790219397637
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Signature Version: AV: 1.293.1114.0, AS: 1.293.1114.0, NIS: 1.293.1114.0
Engine Version: AM: 1.1.15900.4, NIS: 1.1.15900.4

Date: 2019-05-08 00:57:17.221
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Name: Trojan:Win32/Occamy.C
ID: 2147726780
Severity: Závažná
Category: Trójsky kôň
Path: file:_C:\Windows\wmu3\wlanext.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\wmu3\ZeroConfigService.exe
Signature Version: AV: 1.293.1071.0, AS: 1.293.1071.0, NIS: 1.293.1071.0
Engine Version: AM: 1.1.15900.4, NIS: 1.1.15900.4

Date: 2019-05-16 21:21:06.405
Description:
Windows Defender Antivirus has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Signature version: 0.0.0.0;0.0.0.0
Engine version: 0.0.0.0

Date: 2019-05-16 18:48:44.034
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2019-05-13 11:52:35.179
Description:
Windows Defender Antivirus has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Signature version: 0.0.0.0;0.0.0.0
Engine version: 0.0.0.0

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.90 05/11/2016
Motherboard: MSI Z170A GAMING PRO (MS-7984)
Processor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
Percentage of memory in use: 34%
Total physical RAM: 16346.65 MB
Available physical RAM: 10700.02 MB
Total Virtual: 19346.65 MB
Available Virtual: 11213.37 MB

==================== Drives ================================

Drive c: (Nod) (Fixed) (Total:418.64 GB) (Free:86.31 GB) NTFS
Drive d: (data) (Fixed) (Total:449.22 GB) (Free:117.15 GB) NTFS
Drive e: (Volume) (Fixed) (Total:146.95 GB) (Free:49.43 GB) NTFS

\\?\Volume{e1d14b9f-b8b3-4a6e-b454-f867b23fc093}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
\\?\Volume{ceb55c30-b0eb-42f2-a75e-b78c7adf7f04}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 4C91AFED)
Partition 1: (Active) - (Size=147 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================


Nahoru
 Profil  
 
PříspěvekNapsal: 17 kvě 2019 08:09 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 108978
Bydliště: Plzeň
Zdravím!
2Per: Založte si, prosím, vlastní vlákno. Děkujeme.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
Zobrazit příspěvky za předchozí:  Seřadit podle  
Odeslat nové téma Toto téma je zamknuté. Nemůžete posílat nové příspěvky ani odpovídat na starší.  [ Příspěvků: 11 ] 

Všechny časy jsou v UTC + 1 hodina


Kdo je online

Uživatelé procházející toto fórum: Žádní registrovaní uživatelé


Nemůžete zakládat nová témata v tomto fóru
Nemůžete odpovídat v tomto fóru
Nemůžete upravovat své příspěvky v tomto fóru
Nemůžete mazat své příspěvky v tomto fóru
Nemůžete přikládat soubory v tomto fóru

Hledat:
Přejít na:  
Založeno na phpBB® Forum Software © phpBB Group
Český překlad – phpBB.cz
Přispějete na provoz fóra?