Vracející se infekce - Hijack.ShellA.Gen

[Matadorik]

Dobrý den, při pravidelném skenu Malwarebytes byl detekovaný malware Hijack.ShellA.Gen který se neustále vracel po každém umístění do karantény. PC byl v současné době bohužel bez aktivního antiviru. Přikládám celý log z RSIT a MBAM. Děkuji za Váš čas.

RSIT:

Logfile of random's system information tool 1.16 (written by random/random)
Run by Matyas at 2017-05-29 09:49:12
Microsoft Windows 10 Home
System drive C: has 33 GB (33%) free of 99 GB
Total RAM: 8020 MB (63% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:49:15, on 29.05.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
C:\Users\Matyas\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\Matyas\AppData\Local\Akamai\netsession_win.exe
C:\Users\Matyas\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
C:\Users\Matyas\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\trend micro\Matyas_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo15.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo15.msn.com/?pc=LCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {13D67BB7-DB5F-48AA-884D-7A5D94168509} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
O4 - HKLM\..\Run: [ProductUpdater] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [9dbba36b20a05923f4f9e724157c594d] "C:\Users\Matyas\AppData\Roaming\DllSystem.exe" ..
O4 - HKCU\..\Run: [f.lux] "C:\Users\Matyas\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Matyas\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe" Minimum
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Matyas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [NimiPlaces] "C:\Program Files\Nimi Places\Nimi Places.exe"
O4 - HKCU\..\Run: [9dbba36b20a05923f4f9e724157c594d] "C:\Users\Matyas\AppData\Roaming\DllSystem.exe" ..
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: 9dbba36b20a05923f4f9e724157c594d.exe
O8 - Extra context menu item: Download all with FDM - file://C:/Program Files/FreeDownloadManager.ORG/Free Download Manager/dlall.htm
O8 - Extra context menu item: Download selected with FDM - file://C:/Program Files/FreeDownloadManager.ORG/Free Download Manager/dlselected.htm
O8 - Extra context menu item: Download with FDM - file://C:/Program Files/FreeDownloadManager.ORG/Free Download Manager/dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: CCSDK - Lenovo - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHDCPSvc.exe
O23 - Service: Dolby DAX2 API Service (DAX2API) - Unknown owner - C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: E-MU Audio Service (emaudsv) - Unknown owner - C:\WINDOWS\system32\emaudsv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: GDCAgent - Lenovo - C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel Bluetooth Service (ibtsiva.exe) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxCUIService.exe
O23 - Service: System Interface Foundation Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2017 (mitsijm2017) - Autodesk, Inc. - D:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: O2FLASH - BayHubTech/O2Micro International - C:\WINDOWS\System32\drivers\o2flash.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 14724 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k networkservice -s TermService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k netsvcs -s gpsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxCUIService.exe
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k netsvcs -s SessionEnv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8cde7726-4c30-401d-bdc2-8953e799ea0f -SystemEventPortName:HostProcess-12aee8d7-b48b-4009-9f3f-8676bb0de375 -IoCancelEventPortName:HostProcess-f1059e69-47f8-423e-9d1c-3df115648d83 -NonStateChangingEventPortName:HostProcess-a80ee84b-9979-42a6-a17b-6c53849f9b95 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e76cf7db-e6e5-4a2e-b307-f7eb2fe64363 -DeviceGroupId:WudfDefaultDevicePool
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2231bf02-8d41-4884-bb99-09888cbeb006 -SystemEventPortName:HostProcess-ea2192eb-a656-46d6-8b32-faddf1839b83 -IoCancelEventPortName:HostProcess-74886eab-e3e8-4188-b35e-c17b9c61b22d -NonStateChangingEventPortName:HostProcess-e80fbe88-d4b9-421b-beee-fc1e97cd9032 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:18f96fa1-e4e5-4268-ab9d-ec840eabc238 -DeviceGroupId:
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
C:\WINDOWS\system32\WLANExt.exe 2153340324496
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k localservice -s netprofm
"C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe"
C:\WINDOWS\system32\emaudsv.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
"C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe"
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe"
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
C:\WINDOWS\System32\drivers\o2flash.exe
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"D:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe"
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
C:\WINDOWS\system32\AUDIODG.EXE 0x40c
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Users\Matyas\AppData\Roaming\Xby1SZXfMmiim85U\LG8hCfrQsdQi.exe"
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxEM.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
"C:\Program Files\Windows Defender\MSASCuiL.exe"
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s WdiSystemHost
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files\Lenovo\LenovoUtility\utility.exe"
"C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe" -Hide
"C:\Users\Matyas\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Users\Matyas\AppData\Roaming\DllSystem.exe"
"C:\Users\Matyas\AppData\Local\Akamai\netsession_win.exe"
C:\Users\Matyas\AppData\Local\Akamai\netsession_win.exe
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Matyas\AppData\Roaming\DllSystem.exe"
"C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe" Minimum
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SensorService
"C:\Users\Matyas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\Nimi Places\Nimi Places.exe"
"C:\Users\Matyas\AppData\Roaming\DllSystem.exe" ..
"C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe" backgroundagent
C:\WINDOWS\system32\locator.exe
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
"C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\wbem\WmiApSrv.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --approot=SOFTWARE\Autodesk --appAgent=/AUTODESKDESKTOPAPP/7.0.5.154/cs-CZ/0001 --lang=cs-CZ --cache-path="C:\Users\Matyas\AppData\Local\Autodesk\Autodesk Desktop App\BrowserCache" --peerPid=8992
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=gpu-process --channel="5216.0.889179982\788703672" --no-sandbox --lang=cs-CZ --log-severity=disable --peerpid=8992 --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,27 --gpu-vendor-id=0x8086 --gpu-device-id=0x191b --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=21.20.16.4550 --lang=cs-CZ --log-severity=disable --peerpid=8992 /prefetch:822062411
"C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe"
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=renderer --no-sandbox --lang=en-US --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --lang=cs-CZ --log-severity=disable --peerpid=8992 --enable-software-compositing --channel="5216.1.1978385958\1175182472" /prefetch:673131151
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Users\Matyas\AppData\Roaming\DllSystem.exe" ..
"C:\Program Files\Microsoft Office\Office15\MsoSync.exe"
"C:\Users\Matyas\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe" /LOGON
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localservice -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -s RasMan
\\?\C:\WINDOWS\system32\wbem\WMIADAP.EXE
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
c:\windows\system32\svchost.exe -k localservice -s bthserv
c:\windows\system32\svchost.exe -k dcomlaunch -s DeviceInstall
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Matyas\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=58.0.3029.110 --initial-client-data=0x1d8,0x1dc,0x1e0,0x1d4,0x1e4,0x7ff9dd272968,0x7ff9dd272980,0x7ff9dd272990
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=10580 --on-initialized-event-handle=620 --parent-handle=624 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1828 --primordial-pipe-token=7724B1E1FC4350B1FEE51E4B5F597F3B --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=7724B1E1FC4350B1FEE51E4B5F597F3B --renderer-client-id=3 --mojo-platform-channel-handle=2868 /prefetch:1
C:\WINDOWS\System32\svchost.exe -k netsvcs -s NetSetupSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
C:\WINDOWS\system32\compattelrunner.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k localservice -s fdPHost
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
c:\windows\system32\svchost.exe -k localservicenonetwork -s NcdAutoSetup
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:3CZpvAI8KUmMsPpA.1
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s HomeGroupProvider
c:\windows\system32\svchost.exe -k netsvcs -s BITS
c:\windows\system32\svchost.exe -k netsvcs -s wisvc
c:\windows\system32\svchost.exe -k netsvcs -s Browser
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1828 --primordial-pipe-token=34DB0310D2A04B0E663BE74BFA52A67D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=34DB0310D2A04B0E663BE74BFA52A67D --renderer-client-id=9 --mojo-platform-channel-handle=6032 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1828 --primordial-pipe-token=EB0C83A2120ABEC664C4AAB3D14A0355 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=EB0C83A2120ABEC664C4AAB3D14A0355 --renderer-client-id=10 --mojo-platform-channel-handle=2580 /prefetch:1
c:\windows\system32\svchost.exe -k netsvcs -s dmwappushservice
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SmsRouter
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.0_none_1a733a82001933cc\TiWorker.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 692 696 704 8192 700
"C:\Users\Matyas\Desktop\RSITx64.exe"

====== Scheduled tasks folder ======

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
C:\WINDOWS\system32\tasks\App Explorer - %LOCALAPPDATA%\Host App Service\Engine\HostAppServiceUpdater.exe /LOGON
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\FreeDownloadManagerNetworkMonitor - "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe"
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Microsoft Office 15 Sync Maintenance for LENOVOY700-Matyas LenovoY700 - C:\Program Files\Microsoft Office\Office15\MsoSync.exe
C:\WINDOWS\system32\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
C:\WINDOWS\system32\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
C:\WINDOWS\system32\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
C:\WINDOWS\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
C:\WINDOWS\system32\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
C:\WINDOWS\system32\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\PDVDServ12 Task - C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
C:\WINDOWS\system32\tasks\{4264BA57-5A5E-49F1-BB04-077A4DDD9CF5} - C:\WINDOWS\system32\pcalua.exe -a D:\GAMES\AOM\AoM.eXe -d D:\GAMES\AOM -c +noIntroCinematics
C:\WINDOWS\system32\tasks\{D575F6C1-9B81-4380-9027-DBFB1DDF5178} - C:\WINDOWS\system32\pcalua.exe -a D:\GAMES\AOM\aom.exe -d D:\GAMES\AOM -c
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install - %systemroot%\system32\usoclient.exe ScanInstallWait
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\RunCampaignManager - %windir%\System32\UNP\UNPCampaignManager.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\PLA\LSC Memory - C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office 15 Subscription Heartbeat - %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 35 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"
C:\WINDOWS\system32\tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance - %windir%\system32\sc.exe START ImControllerService
C:\WINDOWS\system32\tasks\Lenovo\ImController\TimeBasedEvents\047a933a-4942-4418-9ff9-3a8bd1e9d588 - "C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" /timebasedeventtrigger 047a933a-4942-4418-9ff9-3a8bd1e9d588
C:\WINDOWS\system32\tasks\Lenovo\ImController\TimeBasedEvents\6aa3ac2f-3056-49cf-a909-8d8d80915899 - "C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" /timebasedeventtrigger 6aa3ac2f-3056-49cf-a909-8d8d80915899
C:\WINDOWS\system32\tasks\Lenovo\ImController\TimeBasedEvents\803809c4-3569-4be3-a564-e11103cb75ec - "C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" /timebasedeventtrigger 803809c4-3569-4be3-a564-e11103cb75ec
C:\WINDOWS\system32\tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask - %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
C:\WINDOWS\system32\tasks\CyberLink\Photo Master Gadget startup - C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe backgroundagent

=========Google Chrome=========

C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension adnlfjpnmidfimlkaohpidplnoimahfh 1 YouTube 2017.1.10.44498
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cjpalhdlnbpafiamejdnhcphjbkeiagm 1 uBlock Origin 1.12.4
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gmaabnkbodeeglbdnkbmpcanjaeapopn 1 Learn French with Yabla 2
Extension kehdmnjmaakacofbgmjgjapbbibhafoh 0 Hide YouTube Comments 0.7.1
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nfagjoblnoeagfhfhohcdklnddjaiglo 1 Do It (Tomorrow) 1.1.2
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5817.313.0.5
Extension plmcimdddlobkphnofejmeidjblideca 1 RightToCopy 11.0
Homepage:
default_search_provider.search_url:
C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={2098CE0C-F201-4DA3-91EB-5FEB744A73AD}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2098CE0C-F201-4DA3-91EB-5FEB744A73AD}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=LCTE


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={2098CE0C-F201-4DA3-91EB-5FEB744A73AD}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{2098CE0C-F201-4DA3-91EB-5FEB744A73AD}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=LCTE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13D67BB7-DB5F-48AA-884D-7A5D94168509}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13D67BB7-DB5F-48AA-884D-7A5D94168509}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-28 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-28 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-03-31 16482040]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-03-31 1427712]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-03-31 1427712]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-03-31 1427712]
"LenovoUtility"=C:\Program Files\Lenovo\LenovoUtility\utility.exe [2016-03-29 791848]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-07-30 36352]
"DAX2_APP"=C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [2015-09-22 628736]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2017-05-03 1893496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\Matyas\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"Akamai NetSession Interface"=C:\Users\Matyas\AppData\Local\Akamai\netsession_win.exe [2017-01-03 4490200]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-05-05 27793888]
"Bloody2"=C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [2017-03-24 19407360]
"OneDrive"=C:\Users\Matyas\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-04-27 1504888]
"NimiPlaces"=C:\Program Files\Nimi Places\Nimi Places.exe [2017-05-22 686080]
"9dbba36b20a05923f4f9e724157c594d"=C:\Users\Matyas\AppData\Roaming\DllSystem.exe [2017-05-29 754176]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2015-07-21 110008]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2015-07-21 492472]
"ADSK DLMSession"=C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2015-01-28 1627032]
"Autodesk Desktop App"=C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [2017-03-10 704424]
"ProductUpdater"=C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [2016-11-16 75776]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15 587288]
"9dbba36b20a05923f4f9e724157c594d"=C:\Users\Matyas\AppData\Roaming\DllSystem.exe [2017-05-29 754176]

C:\Users\Matyas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
9dbba36b20a05923f4f9e724157c594d.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2017-05-29 09:49:12 ----D---- C:\rsit
2017-05-29 09:49:12 ----D---- C:\Program Files\trend micro
2017-05-28 23:25:11 ----A---- C:\Users\Matyas\AppData\Roaming\DllSystem.exe
2017-05-28 23:25:05 ----D---- C:\Users\Matyas\AppData\Roaming\Xby1SZXfMmiim85U
2017-05-28 23:11:49 ----D---- C:\Program Files\Nimi Places
2017-05-28 20:00:54 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-05-28 20:00:54 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-05-28 20:00:54 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-05-28 20:00:54 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-05-28 20:00:54 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2017-05-28 20:00:54 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-05-28 20:00:53 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-05-28 20:00:53 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2017-05-28 20:00:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-28 20:00:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-05-28 20:00:52 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-05-28 20:00:52 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2017-05-28 20:00:52 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-05-28 20:00:51 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2017-05-28 20:00:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2017-05-28 20:00:51 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2017-05-28 20:00:51 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-05-28 20:00:51 ----A---- C:\WINDOWS\SYSWOW64\MMDevAPI.dll
2017-05-28 20:00:51 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2017-05-28 20:00:51 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2017-05-28 20:00:51 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-05-28 20:00:51 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2017-05-28 20:00:51 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2017-05-28 20:00:51 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-05-28 20:00:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Midi.dll
2017-05-28 20:00:50 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2017-05-28 20:00:50 ----A---- C:\WINDOWS\SYSWOW64\RstrtMgr.dll
2017-05-28 20:00:50 ----A---- C:\WINDOWS\SYSWOW64\NPSMDesktopProvider.dll
2017-05-28 20:00:50 ----A---- C:\WINDOWS\SYSWOW64\NPSM.dll
2017-05-28 20:00:50 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-05-28 20:00:50 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2017-05-28 20:00:50 ----A---- C:\WINDOWS\SYSWOW64\DeviceFlows.DataModel.dll
2017-05-28 20:00:50 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2017-05-28 20:00:50 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-05-28 20:00:50 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2017-05-28 20:00:50 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2017-05-28 20:00:50 ----A---- C:\WINDOWS\system32\drivers\storahci.sys
2017-05-28 20:00:50 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2017-05-28 20:00:50 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2017-05-28 20:00:47 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-05-28 20:00:46 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2017-05-28 20:00:46 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-05-28 20:00:45 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2017-05-28 20:00:45 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-05-28 20:00:45 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-05-28 20:00:44 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-05-28 20:00:44 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-05-28 20:00:44 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-05-28 20:00:44 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2017-05-28 20:00:44 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-05-28 20:00:44 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-05-28 20:00:44 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-05-28 20:00:44 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-05-28 20:00:43 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-05-28 20:00:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-05-28 20:00:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2017-05-28 20:00:43 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-05-28 20:00:42 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2017-05-28 20:00:42 ----A---- C:\WINDOWS\system32\winmde.dll
2017-05-28 20:00:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-05-28 20:00:41 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2017-05-28 20:00:41 ----A---- C:\WINDOWS\SYSWOW64\MapRouter.dll
2017-05-28 20:00:41 ----A---- C:\WINDOWS\SYSWOW64\MapGeocoder.dll
2017-05-28 20:00:41 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2017-05-28 20:00:41 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2017-05-28 20:00:41 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2017-05-28 20:00:41 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2017-05-28 20:00:41 ----A---- C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-05-28 20:00:41 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2017-05-28 20:00:41 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-05-28 20:00:41 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2017-05-28 20:00:40 ----A---- C:\WINDOWS\SYSWOW64\xboxgipsynthetic.dll
2017-05-28 20:00:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Diagnostics.dll
2017-05-28 20:00:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2017-05-28 20:00:40 ----A---- C:\WINDOWS\SYSWOW64\smartscreenps.dll
2017-05-28 20:00:40 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2017-05-28 20:00:40 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2017-05-28 20:00:40 ----A---- C:\WINDOWS\SYSWOW64\DictationManager.dll
2017-05-28 20:00:40 ----A---- C:\WINDOWS\system32\XblGameSaveExt.dll
2017-05-28 20:00:40 ----A---- C:\WINDOWS\system32\utcutil.dll
2017-05-28 20:00:40 ----A---- C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-05-28 20:00:39 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-05-28 20:00:39 ----A---- C:\WINDOWS\system32\wpnprv.dll
2017-05-28 20:00:39 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-28 20:00:39 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-05-28 20:00:39 ----A---- C:\WINDOWS\system32\snmptrap.exe
2017-05-28 20:00:39 ----A---- C:\WINDOWS\system32\oleaut32.dll
2017-05-28 20:00:39 ----A---- C:\WINDOWS\system32\NPSM.dll
2017-05-28 20:00:39 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2017-05-28 20:00:39 ----A---- C:\WINDOWS\system32\ISM.dll
2017-05-28 20:00:39 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-28 20:00:39 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-05-28 20:00:39 ----A---- C:\WINDOWS\system32\drivers\rootmdm.sys
2017-05-28 20:00:37 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-05-28 20:00:35 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-05-28 20:00:35 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-05-28 20:00:35 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-05-28 20:00:35 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-28 20:00:34 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-05-28 20:00:34 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-05-28 20:00:34 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-28 20:00:33 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-05-28 20:00:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-05-28 20:00:32 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-05-28 20:00:32 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-05-28 20:00:30 ----A---- C:\WINDOWS\system32\twinui.dll
2017-05-28 20:00:29 ----A---- C:\WINDOWS\system32\shell32.dll
2017-05-28 20:00:29 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-05-28 20:00:27 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-05-28 20:00:26 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-05-28 20:00:26 ----A---- C:\WINDOWS\system32\BingMaps.dll
2017-05-28 20:00:25 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-05-28 20:00:25 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-28 20:00:25 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-05-28 20:00:24 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-05-28 20:00:24 ----A---- C:\WINDOWS\system32\mfsvr.dll
2017-05-28 20:00:24 ----A---- C:\WINDOWS\system32\mfplat.dll
2017-05-28 20:00:24 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-28 20:00:24 ----A---- C:\WINDOWS\system32\MapsStore.dll
2017-05-28 20:00:24 ----A---- C:\WINDOWS\system32\MapRouter.dll
2017-05-28 20:00:24 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2017-05-28 20:00:24 ----A---- C:\WINDOWS\system32\InputService.dll
2017-05-28 20:00:23 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-05-28 20:00:23 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-28 20:00:23 ----A---- C:\WINDOWS\system32\umpo.dll
2017-05-28 20:00:23 ----A---- C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-05-28 20:00:23 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-05-28 20:00:23 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2017-05-28 20:00:23 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2017-05-28 20:00:23 ----A---- C:\WINDOWS\system32\ConhostV2.dll
2017-05-28 20:00:23 ----A---- C:\WINDOWS\system32\comdlg32.dll
2017-05-28 20:00:23 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-28 20:00:22 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-05-28 20:00:22 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-28 20:00:22 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-05-28 20:00:22 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-05-28 20:00:22 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-05-28 20:00:22 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-28 20:00:21 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-28 20:00:21 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-05-28 20:00:21 ----A---- C:\WINDOWS\system32\dwmcore.dll
2017-05-28 20:00:21 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2017-05-28 20:00:21 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-05-28 20:00:21 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-28 20:00:21 ----A---- C:\WINDOWS\explorer.exe
2017-05-28 20:00:20 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-05-28 20:00:20 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-05-28 20:00:20 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-05-28 20:00:20 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-28 20:00:20 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-28 20:00:19 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-28 20:00:19 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2017-05-28 20:00:19 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-28 20:00:19 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-05-28 20:00:19 ----A---- C:\WINDOWS\system32\cldapi.dll
2017-05-28 20:00:19 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-28 20:00:19 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-05-28 20:00:18 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-05-28 20:00:18 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-28 20:00:17 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-28 20:00:17 ----A---- C:\WINDOWS\system32\usocore.dll
2017-05-28 20:00:17 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-05-28 20:00:17 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-28 20:00:17 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2017-05-28 20:00:17 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-05-28 20:00:17 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2017-05-28 20:00:17 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-05-28 20:00:16 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-28 20:00:16 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-28 20:00:16 ----A---- C:\WINDOWS\system32\SRH.dll
2017-05-28 20:00:16 ----A---- C:\WINDOWS\system32\smartscreen.exe
2017-05-28 20:00:16 ----A---- C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-28 20:00:16 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-05-28 20:00:15 ----A---- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-05-28 20:00:15 ----A---- C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-28 20:00:15 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2017-05-28 20:00:15 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-05-28 20:00:15 ----A---- C:\WINDOWS\system32\sysmain.dll
2017-05-28 20:00:15 ----A---- C:\WINDOWS\system32\smartscreenps.dll
2017-05-28 20:00:15 ----A---- C:\WINDOWS\system32\ShareHost.dll
2017-05-28 20:00:15 ----A---- C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-05-28 20:00:15 ----A---- C:\WINDOWS\system32\rdbui.dll
2017-05-28 20:00:15 ----A---- C:\WINDOWS\system32\provengine.dll
2017-05-28 20:00:15 ----A---- C:\WINDOWS\system32\msctf.dll
2017-05-28 20:00:15 ----A---- C:\WINDOWS\system32\MMDevAPI.dll
2017-05-28 20:00:15 ----A---- C:\WINDOWS\system32\embeddedmodesvc.dll
2017-05-28 20:00:15 ----A---- C:\WINDOWS\system32\efscore.dll
2017-05-28 20:00:15 ----A---- C:\WINDOWS\system32\DictationManager.dll
2017-05-28 20:00:15 ----A---- C:\WINDOWS\system32\cdpsvc.dll
2017-05-28 20:00:15 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2017-05-28 20:00:15 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2017-05-28 20:00:14 ----A---- C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-05-28 20:00:14 ----A---- C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-05-28 20:00:14 ----A---- C:\WINDOWS\system32\winsrvext.dll
2017-05-28 20:00:14 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-28 20:00:14 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-05-28 20:00:14 ----A---- C:\WINDOWS\system32\WindowManagement.dll
2017-05-28 20:00:14 ----A---- C:\WINDOWS\system32\vss_ps.dll
2017-05-28 20:00:14 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2017-05-28 20:00:14 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-05-28 20:00:14 ----A---- C:\WINDOWS\system32\RstrtMgr.dll
2017-05-28 20:00:14 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2017-05-28 20:00:14 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2017-05-28 20:00:14 ----A---- C:\WINDOWS\system32\drivers\ksthunk.sys
2017-05-28 20:00:14 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2017-05-28 20:00:14 ----A---- C:\WINDOWS\system32\bisrv.dll
2017-05-28 20:00:14 ----A---- C:\WINDOWS\system32\bcdboot.exe
2017-05-28 20:00:14 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-05-28 20:00:14 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2017-05-28 20:00:14 ----A---- C:\WINDOWS\bfsvc.exe
2017-05-15 08:41:22 ----AD---- C:\Program Files\Recuva
2017-05-11 16:40:03 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2017-05-11 16:40:02 ----D---- C:\Program Files (x86)\VulkanRT
2017-05-11 16:40:02 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2017-05-11 16:40:02 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2017-05-11 16:40:02 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2017-05-11 16:40:02 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFTH264.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\system32\nvopencl.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\system32\nvdispgenco6438205.dll
2017-05-11 16:38:39 ----A---- C:\WINDOWS\system32\nvdispco6438205.dll
2017-05-11 16:38:38 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2017-05-11 16:38:38 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2017-05-11 16:38:38 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2017-05-11 16:38:38 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2017-05-11 16:38:38 ----A---- C:\WINDOWS\system32\nvcuda.dll
2017-05-11 16:38:38 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2017-05-11 16:02:24 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2017-05-11 16:02:24 ----A---- C:\WINDOWS\system32\nvaudcap64v.dll
2017-05-09 21:59:32 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2017-05-09 21:59:32 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-05-09 21:59:30 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-05-09 21:59:30 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-05-09 21:59:29 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-05-09 21:59:29 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-05-09 21:59:29 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-05-09 21:59:28 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-05-09 21:59:28 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2017-05-09 21:59:28 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2017-05-09 21:59:28 ----A---- C:\WINDOWS\system32\ci.dll
2017-05-09 21:59:26 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-05-09 21:59:26 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-05-09 21:59:25 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2017-05-09 21:59:25 ----A---- C:\WINDOWS\system32\wininet.dll
2017-05-09 21:59:25 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-09 21:59:23 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2017-05-09 21:59:23 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-05-09 21:59:22 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-05-09 21:59:22 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-05-09 21:59:21 ----A---- C:\WINDOWS\system32\mshtmled.dll
2017-05-09 21:59:21 ----A---- C:\WINDOWS\system32\dxtrans.dll
2017-05-09 21:59:19 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-05-09 21:59:19 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-05-09 21:59:13 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-09 21:59:09 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2017-05-09 21:59:09 ----A---- C:\WINDOWS\system32\ole32.dll
2017-05-09 21:59:08 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-05-09 21:59:08 ----A---- C:\WINDOWS\system32\combase.dll
2017-05-09 21:59:06 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-05-09 21:59:06 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2017-05-09 21:59:05 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2017-05-09 21:59:04 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2017-05-09 21:59:04 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-05-09 21:59:04 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2017-05-09 21:59:04 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-05-09 21:59:03 ----A---- C:\WINDOWS\system32\crypt32.dll
2017-05-09 21:59:02 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2017-05-09 21:59:02 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2017-05-09 21:59:02 ----A---- C:\WINDOWS\system32\rpcss.dll
2017-05-09 21:59:02 ----A---- C:\WINDOWS\system32\kernel32.dll
2017-05-09 21:59:02 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2017-05-09 21:59:01 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2017-05-09 21:59:01 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2017-05-09 21:59:01 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2017-05-09 21:59:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2017-05-09 21:58:59 ----A---- C:\WINDOWS\SYSWOW64\autochk.exe
2017-05-09 21:58:59 ----A---- C:\WINDOWS\system32\browser_broker.exe
2017-05-09 21:58:59 ----A---- C:\WINDOWS\system32\autochk.exe
2017-05-09 21:58:58 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-09 21:58:57 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2017-05-09 21:58:57 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2017-05-09 21:58:57 ----A---- C:\WINDOWS\system32\iepeers.dll
2017-05-09 21:58:56 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2017-05-03 22:12:39 ----D---- C:\ProgramData\Freemake
2017-05-03 22:12:26 ----AD---- C:\Program Files (x86)\Freemake

====== List of files/folders modified in the last 1 month ======

2017-05-29 09:49:12 ----RD---- C:\Program Files
2017-05-29 09:48:55 ----D---- C:\Users\Matyas\AppData\Roaming\Skype
2017-05-29 09:48:28 ----D---- C:\WINDOWS\system32\catroot2
2017-05-29 09:48:23 ----D---- C:\WINDOWS\Temp
2017-05-29 09:47:27 ----D---- C:\WINDOWS\system32\drivers
2017-05-29 09:47:26 ----D---- C:\Windows
2017-05-29 09:44:31 ----D---- C:\ProgramData\NVIDIA
2017-05-29 09:43:45 ----D---- C:\WINDOWS\Prefetch
2017-05-28 23:41:46 ----D---- C:\WINDOWS\System32
2017-05-28 23:41:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-28 23:37:50 ----D---- C:\WINDOWS\Tasks
2017-05-28 23:36:48 ----D---- C:\WINDOWS\system32\sru
2017-05-28 22:11:35 ----D---- C:\WINDOWS\system32\config
2017-05-28 21:18:06 ----RD---- C:\WINDOWS\Microsoft.NET
2017-05-28 21:09:47 ----D---- C:\WINDOWS\system32\DriverStore
2017-05-28 21:09:44 ----D---- C:\WINDOWS\WinSxS
2017-05-28 21:09:25 ----RD---- C:\WINDOWS\assembly
2017-05-28 21:06:41 ----D---- C:\WINDOWS\rescache
2017-05-28 20:16:27 ----D---- C:\WINDOWS\INF
2017-05-28 20:11:13 ----D---- C:\WINDOWS\AppReadiness
2017-05-28 20:06:51 ----SD---- C:\WINDOWS\SYSWOW64\F12
2017-05-28 20:06:51 ----D---- C:\WINDOWS\SysWOW64
2017-05-28 20:06:47 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-05-28 20:06:47 ----D---- C:\WINDOWS\system32\oobe
2017-05-28 20:06:46 ----SD---- C:\WINDOWS\system32\F12
2017-05-28 20:06:46 ----D---- C:\WINDOWS\system32\appraiser
2017-05-28 20:06:43 ----D---- C:\WINDOWS\ShellExperiences
2017-05-28 20:06:42 ----D---- C:\WINDOWS\AppPatch
2017-05-28 20:06:42 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-05-28 20:06:42 ----D---- C:\Program Files (x86)\Internet Explorer
2017-05-28 20:06:41 ----RD---- C:\Program Files\Windows Defender
2017-05-28 20:06:41 ----D---- C:\Program Files\Windows Photo Viewer
2017-05-28 20:06:41 ----D---- C:\Program Files\Internet Explorer
2017-05-28 19:52:54 ----D---- C:\WINDOWS\CbsTemp
2017-05-28 19:51:35 ----D---- C:\ProgramData\Oracle
2017-05-28 19:36:47 ----SHDC---- C:\WINDOWS\Installer
2017-05-28 19:36:47 ----D---- C:\Program Files (x86)\Java
2017-05-28 19:36:40 ----D---- C:\Program Files (x86)\Common Files
2017-05-28 19:36:14 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2017-05-28 19:28:02 ----D---- C:\Users\Matyas\AppData\Roaming\TeamViewer
2017-05-28 19:23:25 ----DC---- C:\WINDOWS\Panther
2017-05-28 19:23:24 ----D---- C:\WINDOWS\Logs
2017-05-28 19:23:24 ----D---- C:\WINDOWS\LiveKernelReports
2017-05-28 19:23:24 ----D---- C:\WINDOWS\debug
2017-05-28 19:19:13 ----D---- C:\Users\Matyas\AppData\Roaming\Autodesk
2017-05-25 19:16:49 ----AD---- C:\Users\Matyas\AppData\Roaming\Yousician Launcher
2017-05-23 20:49:00 ----D---- C:\Users\Matyas\AppData\Roaming\.minecraft
2017-05-23 10:14:55 ----HD---- C:\Program Files\WindowsApps
2017-05-21 13:40:42 ----D---- C:\ProgramData\Skype
2017-05-21 13:40:34 ----RD---- C:\Program Files (x86)\Skype
2017-05-21 13:39:10 ----D---- C:\WINDOWS\system32\CatRoot
2017-05-18 17:54:13 ----AD---- C:\Program Files (x86)\TeamViewer
2017-05-17 18:58:14 ----D---- C:\WINDOWS\system32\SleepStudy
2017-05-16 08:42:46 ----HD---- C:\Intel
2017-05-15 22:58:49 ----D---- C:\WINDOWS\system32\LogFiles
2017-05-15 15:42:35 ----RD---- C:\Program Files (x86)
2017-05-11 16:40:07 ----D---- C:\ProgramData\NVIDIA Corporation
2017-05-11 16:02:34 ----D---- C:\WINDOWS\system32\Tasks
2017-05-11 16:02:32 ----D---- C:\Program Files\NVIDIA Corporation
2017-05-11 16:02:32 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2017-05-10 19:06:45 ----D---- C:\WINDOWS\system32\WDI
2017-05-10 18:59:08 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-05-10 18:59:08 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-05-10 18:59:06 ----D---- C:\WINDOWS\system32\en-US
2017-05-10 18:59:06 ----D---- C:\WINDOWS\system32\cs-CZ
2017-05-10 18:58:58 ----D---- C:\WINDOWS\system32\drivers\UMDF
2017-05-04 08:18:20 ----D---- C:\Users\Matyas\AppData\Roaming\audacity
2017-05-03 22:21:33 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2017-05-03 22:21:33 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2017-05-03 22:21:32 ----A---- C:\WINDOWS\SYSWOW64\nvspbridge.dll
2017-05-03 22:21:32 ----A---- C:\WINDOWS\system32\nvspbridge64.dll
2017-05-03 22:21:32 ----A---- C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-05-03 22:12:39 ----HD---- C:\ProgramData
2017-05-03 21:28:28 ----A---- C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-05-02 11:37:27 ----SD---- C:\ProgramData\Microsoft
2017-05-02 00:38:30 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2017-05-02 00:38:30 ----A---- C:\WINDOWS\system32\nvapi64.dll
2017-05-01 22:52:54 ----A---- C:\WINDOWS\NvContainerRecovery.bat
2017-05-01 22:51:10 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2017-05-01 22:51:10 ----A---- C:\WINDOWS\system32\nvcpl.dll
2017-05-01 22:51:08 ----A---- C:\WINDOWS\SYSWOW64\oemdspif.dll
2017-05-01 22:51:08 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2017-05-01 22:51:08 ----A---- C:\WINDOWS\system32\nvshext.dll
2017-05-01 22:51:08 ----A---- C:\WINDOWS\system32\nvmctray.dll
2017-05-01 22:51:08 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-01 22:51:08 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2017-05-01 18:32:29 ----D---- C:\WINDOWS\appcompat

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-07-30 1462720]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R3 ACPIVPC;@oem8.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-06-15 42328]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2017-03-18 105472]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-03-18 96768]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-03-18 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [2017-03-18 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
R3 ibtusb;@oem71.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2015-09-17 122120]
R3 Netwtw04;@oem86.inf,%NIC_Service_DispName_WINT_64%;Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [2017-01-24 7932160]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_020c5444f1367c00\nvlddmkm.sys [2017-05-02 14456944]
R3 nvvad_WaveExtensible;@oem16.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-05-03 48248]
R3 nvvhci;@oem13.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-05-02 59448]
R3 O2FJ2RDR;O2FJ2RDR; C:\WINDOWS\System32\drivers\bhtscpcrx64.sys [2015-08-04 202776]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-03-18 180736]
R3 rt640x64;@oem29.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-06-16 895256]
R3 rtsuvc;@oem22.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-06-11 3059416]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2016-06-01 51320]
R3 SynTP;@oem84.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2016-06-01 642168]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHport.sys [2017-04-27 980992]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 emusba10;E-MU USB-Audio 1.0 Driver; C:\WINDOWS\system32\DRIVERS\emusba10.sys [2016-11-05 215000]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 MBAMFarflt;MBAMFarflt; \??\C:\WINDOWS\system32\drivers\farflt.sys [2017-01-11 102856]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2017-05-28 251832]
S3 MBAMWebProtection;MBAMWebProtection; \??\C:\WINDOWS\system32\drivers\mwac.sys [2017-01-11 91584]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2017-04-27 118784]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-05-03 30328]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2017-03-18 1735584]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdAppMgrSvc;Autodesk Desktop App Service; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [2017-03-10 1309176]
R2 CDPUserSvc_5b146;Uživatelská služba platformy připojených zařízení_5b146; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 DAX2API;Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [2016-01-27 163328]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 emaudsv;E-MU Audio Service; C:\WINDOWS\system32\emaudsv.exe [2016-11-05 26624]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2015-08-13 640928]
R2 GDCAgent;GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [2015-07-30 1155512]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-07-27 18856]
R2 ibtsiva.exe;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [2015-09-16 135408]
R2 ImControllerService;System Interface Foundation Service; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25 57160]
R2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-08-07 207648]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-08-07 415520]
R2 mitsijm2017;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2017; D:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe [2015-08-04 967456]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03 495224]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-05-01 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-05-03 450168]
R2 O2FLASH;O2FLASH; C:\WINDOWS\System32\drivers\o2flash.exe [2015-08-04 82088]
R2 OneSyncSvc_5b146;Hostitel synchronizace_5b146; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2015-08-13 157088]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-05-20 335808]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-06-01 255608]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
S2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2016-12-06 680288]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-03-14 317400]
S3 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHDCPSvc.exe [2017-01-04 480192]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_5b146;Tok zařízení_5b146; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2017-01-29 1591264]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-01-20 4355024]
S3 MessagingService_5b146;Služba zasílání zpráv_5b146; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2015-08-13 268192]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03 495224]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 178824]
S3 PimIndexMaintenanceSvc_5b146;Data kontaktů_5b146; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

[Matadorik]

MBAM:

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 29.05.17
Čas skenování: 9:51
Logovací soubor: mbam.txt
Správce: Ano

-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.103
Aktualizovat verzi balíku komponent: 1.0.2042
Licence: Bezplatný

-Systémová informace-
OS: Windows 10
CPU: x64
Systém souborů: NTFS
Uživatel: LENOVOY700\Matyas

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 459963
Uplynulý čas: 1 min, 23 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 1
Hijack.ShellA.Gen, HKU\S-1-5-21-912748295-2094081653-3589726940-1001\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|SHELL, Žádná uživatelská akce, [13079], [187664],1.0.2042

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

[Matadorik]

Adwcleaner:
# AdwCleaner v6.047 - Log vytvořen 29/05/2017 v 10:09:30
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-05-26.6 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Matyas - LENOVOY700
# Spuštěno z : C:\Users\Matyas\Desktop\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\Users\Matyas\AppData\Local\Host App Service
[-] Složka smazána: C:\Users\Administrator\AppData\Local\Host App Service
[-] Složka smazána: C:\ProgramData\Host App Service
[-] Složka smazána: C:\Program Files (x86)\Common Files\freemake shared
[#] Složka smazána po restartu: C:\Users\Matyas\AppData\Local\Host App Service
[-] Složka smazána: C:\Users\Default\AppData\Local\Host App Service


***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****

[-] Úloha smazána: FreeDownloadManagerNetworkMonitor
[-] Úloha smazána: App Explorer


***** [ Registry ] *****

[-] Klíč smazán: HKCU\Software\9dbba36b20a05923f4f9e724157c594d
[-] Klíč smazán: HKU\S-1-5-21-912748295-2094081653-3589726940-1001\Software\Host App Service
[-] Klíč smazán: HKU\S-1-5-21-912748295-2094081653-3589726940-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
[#] Klíč smazán po restartu: HKCU\Software\Host App Service
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
[#] Klíč smazán po restartu: [x64] HKCU\Software\Host App Service
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
[-] Data obnovena: HKU\S-1-5-21-912748295-2094081653-3589726940-1001\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data obnovena: HKU\S-1-5-21-912748295-2094081653-3589726940-1001\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Data obnovena: HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data obnovena: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Data obnovena: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data obnovena: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2629 Bajty] - [29/05/2017 10:09:30]
C:\AdwCleaner\AdwCleaner[S0].txt - [3118 Bajty] - [29/05/2017 10:06:25]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2775 Bajty] ##########


_________________________________________________________________________________


Adwcleaner podruhé (po restartu)

# AdwCleaner v6.047 - Log vytvořen 29/05/2017 v 10:12:36
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-05-26.6 [Místní]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Matyas - LENOVOY700
# Spuštěno z : C:\Users\Matyas\Desktop\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKCU\Software\9dbba36b20a05923f4f9e724157c594d


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2870 Bajty] - [29/05/2017 10:09:30]
C:\AdwCleaner\AdwCleaner[C2].txt - [939 Bajty] - [29/05/2017 10:12:36]
C:\AdwCleaner\AdwCleaner[S0].txt - [3118 Bajty] - [29/05/2017 10:06:25]
C:\AdwCleaner\AdwCleaner[S1].txt - [1523 Bajty] - [29/05/2017 10:12:24]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1157 Bajty] ##########



____________________________________________________________________________

Adwcleaner potřetí (po dalším restartu) našel úplně to stejné co podruhé. Malwarebytes ted stále vidí Hijack.ShellA.Gen jako před Adwcleanerem.

[altrok]

Krasny den Vam preju


V ramci cisteni Vam budou vyprazdneny docasne adresare (vysypani Kose a tempu, vyprazdneni cache prohlizecu apod.).


Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pokud budete mit problemy se stazenim FRSTLauncheru, staci kdyz pouzijete samotny FRST.exe/FRST64.exe.

[Matadorik]

Díky za pomoc, posílám logy.





Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-05-2017
Ran by Matyas (administrator) on LENOVOY700 (29-05-2017 22:31:51)
Running from C:\Users\Matyas\Desktop
Loaded Profiles: Matyas (Available Profiles: Matyas & Administrator)
Platform: Windows 10 Home Version 1703 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(E-MU Systems) C:\Windows\System32\emaudsv.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(BayHubTech/O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Autodesk, Inc.) D:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxEM.exe
() C:\Users\Matyas\AppData\Roaming\Xby1SZXfMmiim85U\uOiEzd7iXlpD.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Lenovo\LenovoUtility\utility.exe
() C:\Users\Matyas\AppData\Roaming\DllSystem.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Flux Software LLC) C:\Users\Matyas\AppData\Local\FluxSoftware\Flux\flux.exe
(Akamai Technologies, Inc.) C:\Users\Matyas\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Matyas\AppData\Local\Akamai\netsession_win.exe
() C:\Users\Matyas\AppData\Roaming\DllSystem.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
(Nimi projects) C:\Program Files\Nimi Places\Nimi Places.exe
() C:\Users\Matyas\AppData\Roaming\DllSystem.exe
() C:\Users\Matyas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\9dbba36b20a05923f4f9e724157c594d.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\Matyas\AppData\Roaming\DllSystem.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Matyas\Desktop\FRSTLauncher.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16482040 2016-03-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1427712 2016-03-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1427712 2016-03-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1427712 2016-03-31] (Realtek Semiconductor)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2016-03-29] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [628736 2015-09-22] ()
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp.)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2015-01-28] (Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [704424 2017-03-10] (Autodesk, Inc.)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [9dbba36b20a05923f4f9e724157c594d] => C:\Users\Matyas\AppData\Roaming\DllSystem.exe .. [754176 2017-05-29] ()
HKU\S-1-5-21-912748295-2094081653-3589726940-1001\...\Run: [f.lux] => C:\Users\Matyas\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-912748295-2094081653-3589726940-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Matyas\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-912748295-2094081653-3589726940-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27793888 2017-05-05] (Skype Technologies S.A.)
HKU\S-1-5-21-912748295-2094081653-3589726940-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [19407360 2017-03-24] ()
HKU\S-1-5-21-912748295-2094081653-3589726940-1001\...\Run: [NimiPlaces] => C:\Program Files\Nimi Places\Nimi Places.exe [686080 2017-05-22] (Nimi projects)
HKU\S-1-5-21-912748295-2094081653-3589726940-1001\...\Run: [9dbba36b20a05923f4f9e724157c594d] => C:\Users\Matyas\AppData\Roaming\DllSystem.exe .. [754176 2017-05-29] ()
HKU\S-1-5-21-912748295-2094081653-3589726940-1001\...\Winlogon: [Shell] "C:\Users\Matyas\AppData\Roaming\Xby1SZXfMmiim85U\kjAGldbm4yZi.exe",explorer.exe <==== ATTENTION
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
Startup: C:\Users\Matyas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\9dbba36b20a05923f4f9e724157c594d.exe [2017-05-29] ()
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7b554a43-61fa-4f58-acea-58442163b524}: [DhcpNameServer] 150.211.1.2
Tcpip\..\Interfaces\{f520dab6-50d6-467b-9e7c-ddc50d37363d}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-912748295-2094081653-3589726940-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-912748295-2094081653-3589726940-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-912748295-2094081653-3589726940-1001 -> DefaultScope {2098CE0C-F201-4DA3-91EB-5FEB744A73AD} URL =
SearchScopes: HKU\S-1-5-21-912748295-2094081653-3589726940-1001 -> {2098CE0C-F201-4DA3-91EB-5FEB744A73AD} URL =
BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-28] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-28] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://s.ytimg.com/yts/img/favicon-vflz7uhzw.ico
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Default [2017-05-29]
CHR Extension: (Prezentace Google) - C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-28]
CHR Extension: (YouTube) - C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2017-01-10]
CHR Extension: (Dokumenty Google) - C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-28]
CHR Extension: (Disk Google) - C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-28]
CHR Extension: (YouTube) - C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-28]
CHR Extension: (uBlock Origin) - C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-05-16]
CHR Extension: (Tabulky Google) - C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-28]
CHR Extension: (Learn French with Yabla) - C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmaabnkbodeeglbdnkbmpcanjaeapopn [2016-11-21]
CHR Extension: (Hide YouTube Comments) - C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kehdmnjmaakacofbgmjgjapbbibhafoh [2017-05-05]
CHR Extension: (Do It (Tomorrow)) - C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfagjoblnoeagfhfhohcdklnddjaiglo [2016-10-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-12]
CHR Extension: (Gmail) - C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-12]
CHR Extension: (RightToCopy) - C:\Users\Matyas\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmcimdddlobkphnofejmeidjblideca [2017-05-23]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1309176 2017-03-10] (Autodesk Inc.)
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [680288 2016-12-06] (Lenovo)
S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHeciSvc.exe [301504 2017-01-04] (Intel Corporation)
S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHDCPSvc.exe [480192 2017-01-04] (Intel Corporation)
R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [163328 2016-01-27] () [File not signed]
R2 emaudsv; C:\WINDOWS\system32\emaudsv.exe [26624 2016-11-05] (E-MU Systems)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (Lenovo)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation)
R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [135408 2015-09-16] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxCUIService.exe [341952 2017-01-04] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-04-25] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 mitsijm2017; D:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe [967456 2015-08-04] (Autodesk, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] ()
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
R2 O2FLASH; C:\WINDOWS\System32\drivers\o2flash.exe [82088 2015-08-04] (BayHubTech/O2Micro International)
R2 O2FLASH; C:\WINDOWS\SysWOW64\drivers\o2flash.exe [82088 2015-08-04] (BayHubTech/O2Micro International)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255608 2016-06-01] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 emusba10; C:\WINDOWS\system32\DRIVERS\emusba10.sys [215000 2016-11-05] (E-MU Systems)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [122120 2015-09-17] (Intel Corporation)
R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igdkmd64.sys [11039680 2017-01-04] (Intel Corporation)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2017-01-11] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-29] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-01-11] (Malwarebytes)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7932160 2017-01-24] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_020c5444f1367c00\nvlddmkm.sys [14456944 2017-05-02] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-05-02] (NVIDIA Corporation)
R3 O2FJ2RDR; C:\WINDOWS\System32\drivers\bhtscpcrx64.sys [202776 2015-08-04] (BayHubTech/O2Micro )
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-16] (Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3059416 2015-06-11] (Realtek Semiconductor Corp.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51320 2016-06-01] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-29 22:31 - 2017-05-29 22:32 - 00024507 _____ C:\Users\Matyas\Desktop\FRST.txt
2017-05-29 22:31 - 2017-05-29 22:31 - 00112640 _____ (forum.viry.cz) C:\Users\Matyas\Desktop\FRSTLauncher.exe
2017-05-29 22:31 - 2017-05-29 22:31 - 00000000 ____D C:\FRST
2017-05-29 22:29 - 2017-05-29 22:29 - 02429952 _____ (Farbar) C:\Users\Matyas\Desktop\FRST64.exe
2017-05-29 22:29 - 2017-05-29 22:29 - 00112640 _____ (forum.viry.cz) C:\Users\Matyas\Desktop\Nepotvrzeno 545529.crdownload
2017-05-29 10:18 - 2017-05-29 10:18 - 00001239 _____ C:\Users\Matyas\Desktop\AdwCleaner[C2].txt
2017-05-29 10:11 - 2017-05-29 10:11 - 00002873 _____ C:\Users\Matyas\Desktop\AdwCleaner[C0].txt
2017-05-29 10:09 - 2017-05-29 10:09 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\69611F58.sys
2017-05-29 10:05 - 2017-05-29 10:21 - 00000000 ____D C:\AdwCleaner
2017-05-29 10:05 - 2017-05-29 10:05 - 04110280 _____ C:\Users\Matyas\Desktop\adwcleaner_6.047.exe
2017-05-29 09:53 - 2017-05-29 09:53 - 00001614 _____ C:\Users\Matyas\Desktop\mbam.txt
2017-05-29 09:49 - 2017-05-29 09:49 - 01329152 _____ C:\Users\Matyas\Desktop\RSITx64.exe
2017-05-29 09:49 - 2017-05-29 09:49 - 00000000 ____D C:\rsit
2017-05-29 09:49 - 2017-05-29 09:49 - 00000000 ____D C:\Program Files\trend micro
2017-05-28 23:25 - 2017-05-29 22:27 - 00000000 ____D C:\Users\Matyas\AppData\Roaming\Xby1SZXfMmiim85U
2017-05-28 23:25 - 2017-05-29 22:26 - 00754176 _____ () C:\Users\Matyas\AppData\Roaming\DllSystem.exe
2017-05-28 23:12 - 2017-05-28 23:22 - 00000000 ____D C:\Users\Matyas\.Nimi Places
2017-05-28 23:11 - 2017-05-28 23:11 - 00000000 ____D C:\Program Files\Nimi Places
2017-05-28 20:00 - 2017-05-20 11:13 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-05-28 20:00 - 2017-05-20 11:13 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-28 20:00 - 2017-05-20 10:55 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-28 20:00 - 2017-05-20 10:53 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-28 20:00 - 2017-05-20 10:48 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-28 20:00 - 2017-05-20 10:47 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-28 20:00 - 2017-05-20 10:46 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-28 20:00 - 2017-05-20 10:46 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-28 20:00 - 2017-05-20 10:46 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-28 20:00 - 2017-05-20 10:45 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-05-28 20:00 - 2017-05-20 10:44 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-05-28 20:00 - 2017-05-20 10:44 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-05-28 20:00 - 2017-05-20 10:43 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-28 20:00 - 2017-05-20 10:43 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-05-28 20:00 - 2017-05-20 10:43 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-28 20:00 - 2017-05-20 10:43 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-28 20:00 - 2017-05-20 10:43 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-05-28 20:00 - 2017-05-20 10:43 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-05-28 20:00 - 2017-05-20 10:43 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-05-28 20:00 - 2017-05-20 10:43 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-05-28 20:00 - 2017-05-20 10:42 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-28 20:00 - 2017-05-20 10:40 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-28 20:00 - 2017-05-20 10:29 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-05-28 20:00 - 2017-05-20 10:29 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-28 20:00 - 2017-05-20 10:27 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-28 20:00 - 2017-05-20 10:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-05-28 20:00 - 2017-05-20 10:26 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-05-28 20:00 - 2017-05-20 10:26 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-28 20:00 - 2017-05-20 10:25 - 20505088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-28 20:00 - 2017-05-20 10:25 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-05-28 20:00 - 2017-05-20 10:25 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-05-28 20:00 - 2017-05-20 10:24 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-28 20:00 - 2017-05-20 10:23 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-28 20:00 - 2017-05-20 10:22 - 19334656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-28 20:00 - 2017-05-20 10:22 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-28 20:00 - 2017-05-20 10:22 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-05-28 20:00 - 2017-05-20 10:22 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-05-28 20:00 - 2017-05-20 10:21 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-05-28 20:00 - 2017-05-20 10:21 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-28 20:00 - 2017-05-20 10:21 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-05-28 20:00 - 2017-05-20 10:20 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-28 20:00 - 2017-05-20 10:20 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-28 20:00 - 2017-05-20 10:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-28 20:00 - 2017-05-20 10:20 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-05-28 20:00 - 2017-05-20 10:19 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-05-28 20:00 - 2017-05-20 10:19 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-28 20:00 - 2017-05-20 10:18 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-28 20:00 - 2017-05-20 10:18 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-05-28 20:00 - 2017-05-20 10:18 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-28 20:00 - 2017-05-20 10:17 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-28 20:00 - 2017-05-20 10:17 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-05-28 20:00 - 2017-05-20 10:17 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-28 20:00 - 2017-05-20 10:17 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-28 20:00 - 2017-05-20 10:17 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-28 20:00 - 2017-05-20 10:16 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-28 20:00 - 2017-05-20 10:16 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-28 20:00 - 2017-05-20 10:16 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-05-28 20:00 - 2017-05-20 10:16 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-28 20:00 - 2017-05-20 10:16 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-05-28 20:00 - 2017-05-20 10:15 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-05-28 20:00 - 2017-05-20 10:15 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-28 20:00 - 2017-05-20 10:14 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-28 20:00 - 2017-05-20 10:14 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-05-28 20:00 - 2017-05-20 10:14 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-05-28 20:00 - 2017-05-20 10:14 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-05-28 20:00 - 2017-05-20 10:14 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-05-28 20:00 - 2017-05-20 10:14 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-05-28 20:00 - 2017-05-20 10:11 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-05-28 20:00 - 2017-05-20 10:10 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-05-28 20:00 - 2017-05-20 10:10 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-05-28 20:00 - 2017-05-20 10:10 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-28 20:00 - 2017-05-20 10:08 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-05-28 20:00 - 2017-05-20 09:08 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-05-28 20:00 - 2017-05-20 09:08 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-28 20:00 - 2017-05-20 09:08 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-28 20:00 - 2017-05-20 09:08 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-28 20:00 - 2017-05-20 09:08 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-28 20:00 - 2017-05-20 09:07 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-05-28 20:00 - 2017-05-20 09:03 - 08320928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-28 20:00 - 2017-05-20 09:03 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-28 20:00 - 2017-05-20 09:02 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-28 20:00 - 2017-05-20 09:01 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-28 20:00 - 2017-05-20 08:59 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-05-28 20:00 - 2017-05-20 08:58 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-05-28 20:00 - 2017-05-20 08:56 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-28 20:00 - 2017-05-20 08:56 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-28 20:00 - 2017-05-20 08:56 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-28 20:00 - 2017-05-20 08:56 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-05-28 20:00 - 2017-05-20 08:55 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-28 20:00 - 2017-05-20 08:55 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-28 20:00 - 2017-05-20 08:55 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-28 20:00 - 2017-05-20 08:55 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-28 20:00 - 2017-05-20 08:55 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-28 20:00 - 2017-05-20 08:55 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-05-28 20:00 - 2017-05-20 08:55 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-28 20:00 - 2017-05-20 08:54 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-28 20:00 - 2017-05-20 08:54 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-28 20:00 - 2017-05-20 08:54 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-05-28 20:00 - 2017-05-20 08:54 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-05-28 20:00 - 2017-05-20 08:53 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-05-28 20:00 - 2017-05-20 08:53 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-05-28 20:00 - 2017-05-20 08:53 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-05-28 20:00 - 2017-05-20 08:53 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-05-28 20:00 - 2017-05-20 08:53 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-05-28 20:00 - 2017-05-20 08:52 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-28 20:00 - 2017-05-20 08:52 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-28 20:00 - 2017-05-20 08:52 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-05-28 20:00 - 2017-05-20 08:51 - 21352176 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-28 20:00 - 2017-05-20 08:51 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-28 20:00 - 2017-05-20 08:51 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-28 20:00 - 2017-05-20 08:51 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-05-28 20:00 - 2017-05-20 08:51 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-05-28 20:00 - 2017-05-20 08:51 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-28 20:00 - 2017-05-20 08:22 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-28 20:00 - 2017-05-20 08:10 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-05-28 20:00 - 2017-05-20 08:10 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-28 20:00 - 2017-05-20 08:10 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-28 20:00 - 2017-05-20 08:10 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-05-28 20:00 - 2017-05-20 08:10 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-05-28 20:00 - 2017-05-20 08:10 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-05-28 20:00 - 2017-05-20 08:09 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-28 20:00 - 2017-05-20 08:09 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-28 20:00 - 2017-05-20 08:09 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-05-28 20:00 - 2017-05-20 08:08 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-28 20:00 - 2017-05-20 08:08 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-05-28 20:00 - 2017-05-20 08:08 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-28 20:00 - 2017-05-20 08:08 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-05-28 20:00 - 2017-05-20 08:07 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-05-28 20:00 - 2017-05-20 08:07 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-05-28 20:00 - 2017-05-20 08:07 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-05-28 20:00 - 2017-05-20 08:06 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-05-28 20:00 - 2017-05-20 08:06 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-05-28 20:00 - 2017-05-20 08:06 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-05-28 20:00 - 2017-05-20 08:05 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-28 20:00 - 2017-05-20 08:05 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-28 20:00 - 2017-05-20 08:05 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-28 20:00 - 2017-05-20 08:04 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-05-28 20:00 - 2017-05-20 08:03 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-28 20:00 - 2017-05-20 08:03 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-05-28 20:00 - 2017-05-20 08:03 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-05-28 20:00 - 2017-05-20 08:03 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-05-28 20:00 - 2017-05-20 08:03 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-28 20:00 - 2017-05-20 08:03 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-05-28 20:00 - 2017-05-20 08:03 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-05-28 20:00 - 2017-05-20 08:03 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-05-28 20:00 - 2017-05-20 08:02 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-05-28 20:00 - 2017-05-20 08:02 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-05-28 20:00 - 2017-05-20 08:01 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-28 20:00 - 2017-05-20 08:01 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-28 20:00 - 2017-05-20 08:01 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-05-28 20:00 - 2017-05-20 08:01 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-28 20:00 - 2017-05-20 08:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-28 20:00 - 2017-05-20 08:01 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-28 20:00 - 2017-05-20 08:01 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-05-28 20:00 - 2017-05-20 08:01 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-28 20:00 - 2017-05-20 08:01 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-05-28 20:00 - 2017-05-20 08:00 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-28 20:00 - 2017-05-20 08:00 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-05-28 20:00 - 2017-05-20 08:00 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-28 20:00 - 2017-05-20 08:00 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-05-28 20:00 - 2017-05-20 08:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-28 20:00 - 2017-05-20 08:00 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-28 20:00 - 2017-05-20 07:59 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-05-28 20:00 - 2017-05-20 07:59 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-28 20:00 - 2017-05-20 07:59 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-28 20:00 - 2017-05-20 07:59 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-05-28 20:00 - 2017-05-20 07:59 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-28 20:00 - 2017-05-20 07:59 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-05-28 20:00 - 2017-05-20 07:59 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-28 20:00 - 2017-05-20 07:59 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-05-28 20:00 - 2017-05-20 07:58 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-28 20:00 - 2017-05-20 07:58 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-05-28 20:00 - 2017-05-20 07:58 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-05-28 20:00 - 2017-05-20 07:58 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-28 20:00 - 2017-05-20 07:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-05-28 20:00 - 2017-05-20 07:58 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-05-28 20:00 - 2017-05-20 07:58 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-28 20:00 - 2017-05-20 07:57 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-28 20:00 - 2017-05-20 07:57 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-28 20:00 - 2017-05-20 07:57 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-28 20:00 - 2017-05-20 07:56 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-28 20:00 - 2017-05-20 07:56 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-28 20:00 - 2017-05-20 07:56 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-28 20:00 - 2017-05-20 07:56 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-05-28 20:00 - 2017-05-20 07:55 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-28 20:00 - 2017-05-20 07:55 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-05-28 20:00 - 2017-05-20 07:55 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-28 20:00 - 2017-05-20 07:55 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-28 20:00 - 2017-05-20 07:55 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-28 20:00 - 2017-05-20 07:54 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-28 20:00 - 2017-05-20 07:54 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-05-28 20:00 - 2017-05-20 07:54 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-28 20:00 - 2017-05-20 07:54 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-05-28 20:00 - 2017-05-20 07:54 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-05-28 20:00 - 2017-05-20 07:54 - 02651136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-28 20:00 - 2017-05-20 07:54 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-05-28 20:00 - 2017-05-20 07:54 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-28 20:00 - 2017-05-20 07:52 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-28 20:00 - 2017-05-20 07:52 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-28 20:00 - 2017-05-20 07:52 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-05-28 20:00 - 2017-05-20 07:52 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-05-28 20:00 - 2017-05-20 07:51 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-05-28 20:00 - 2017-05-20 07:51 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-05-28 20:00 - 2017-05-20 07:50 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-28 20:00 - 2017-05-20 07:50 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-05-28 20:00 - 2017-05-20 07:48 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-28 20:00 - 2017-05-20 07:48 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-05-28 20:00 - 2017-05-20 07:47 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-05-28 20:00 - 2017-05-20 07:47 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-05-28 20:00 - 2017-05-20 07:47 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-05-28 19:17 - 2017-05-28 19:17 - 00000000 ____D C:\Users\Matyas\Desktop\zasilka-MAF9TLAX29RY5IBM
2017-05-23 10:10 - 2017-05-23 10:10 - 00000000 ____D C:\Users\Matyas\Desktop\mid
2017-05-23 10:09 - 2017-05-23 10:10 - 00000000 ____D C:\Users\Matyas\Desktop\right
2017-05-23 10:09 - 2017-05-23 10:10 - 00000000 ____D C:\Users\Matyas\Desktop\left
2017-05-16 08:42 - 2017-05-16 08:42 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2017-05-15 08:41 - 2017-05-15 08:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2017-05-15 08:41 - 2017-05-15 08:41 - 00000000 ____D C:\Program Files\Recuva
2017-05-11 16:40 - 2017-05-11 16:40 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-11 16:40 - 2017-05-01 22:14 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-05-11 16:40 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-05-11 16:40 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-05-11 16:40 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-05-11 16:40 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-05-11 16:38 - 2017-05-02 00:38 - 40201848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 35388864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 35281528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 28623480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 11056456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 11024384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 10547440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 09245744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 09014792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 08805232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 03792320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 03247736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 01988032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 01278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 01054144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 00991168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 00960960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 00911992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 00776048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 00612088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 00609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-11 16:38 - 2017-05-02 00:38 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-11 16:02 - 2017-05-11 16:02 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 16:02 - 2017-05-03 22:21 - 00175736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-05-11 16:02 - 2017-05-03 22:21 - 00143480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-05-11 14:57 - 2017-05-11 14:57 - 00000000 ____D C:\Users\Matyas\AppData\Local\DBG
2017-05-09 21:59 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-09 21:59 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-09 21:59 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-09 21:59 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-09 21:59 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-09 21:59 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-09 21:59 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-09 21:59 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-09 21:59 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-09 21:59 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-09 21:59 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-09 21:59 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-09 21:59 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-09 21:59 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-09 21:59 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-09 21:59 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-09 21:59 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-09 21:59 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-09 21:59 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-09 21:59 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-09 21:59 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-09 21:59 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-09 21:59 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-09 21:59 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-09 21:59 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-09 21:59 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-09 21:59 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-09 21:59 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-09 21:59 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-09 21:59 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-09 21:59 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-09 21:59 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-09 21:59 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-09 21:59 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-09 21:59 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-09 21:59 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-09 21:59 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-09 21:59 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-09 21:59 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-09 21:59 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-09 21:59 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-09 21:59 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-09 21:59 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-09 21:59 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-09 21:59 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-09 21:59 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-09 21:59 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-09 21:59 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-09 21:58 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-09 21:58 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-09 21:58 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-09 21:58 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-09 21:58 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-09 21:58 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-09 21:58 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-09 21:58 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-09 21:58 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-09 21:58 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-03 22:12 - 2017-05-03 22:12 - 00000000 ____D C:\Users\Matyas\Documents\Freemake
2017-05-03 22:12 - 2017-05-03 22:12 - 00000000 ____D C:\Users\Matyas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2017-05-03 22:12 - 2017-05-03 22:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2017-05-03 22:12 - 2017-05-03 22:12 - 00000000 ____D C:\ProgramData\Freemake
2017-05-03 22:12 - 2017-05-03 22:12 - 00000000 ____D C:\Program Files (x86)\Freemake
2017-05-02 11:37 - 2017-05-02 11:37 - 00000000 ____D C:\Users\Matyas\ansel

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-29 22:31 - 2016-11-22 17:04 - 00083549 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-05-29 22:28 - 2017-04-27 20:21 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-29 22:27 - 2016-11-01 18:07 - 00000000 ____D C:\Users\Matyas\AppData\Roaming\Skype
2017-05-29 22:26 - 2016-10-28 14:46 - 00000000 __SHD C:\Users\Matyas\IntelGraphicsProfiles
2017-05-29 12:45 - 2017-04-27 20:22 - 00000000 ____D C:\Users\Matyas
2017-05-29 12:45 - 2017-04-25 17:40 - 00000000 ____D C:\Users\Matyas\Documents\The Witcher 3
2017-05-29 12:17 - 2017-04-27 20:19 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-29 11:37 - 2017-04-27 20:30 - 00005220 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for LENOVOY700-Matyas LenovoY700
2017-05-29 10:19 - 2016-12-25 21:36 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-29 10:17 - 2017-04-27 20:34 - 02102314 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-29 10:17 - 2017-03-20 06:43 - 00920098 _____ C:\WINDOWS\system32\perfh005.dat
2017-05-29 10:17 - 2017-03-20 06:43 - 00200514 _____ C:\WINDOWS\system32\perfc005.dat
2017-05-29 10:13 - 2017-04-27 20:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-29 10:12 - 2017-03-18 13:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-29 10:10 - 2017-04-27 20:19 - 00438360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-28 23:37 - 2016-11-25 22:52 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-05-28 21:06 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-28 20:16 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-28 20:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-28 20:11 - 2015-11-03 21:24 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-28 20:06 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-28 20:06 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-28 20:06 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-28 20:06 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-28 20:06 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-28 20:06 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-28 20:06 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-28 20:06 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-28 20:06 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-28 20:01 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-28 19:51 - 2016-11-09 19:15 - 00000000 ____D C:\ProgramData\Oracle
2017-05-28 19:36 - 2016-11-09 19:15 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-05-28 19:36 - 2016-11-09 19:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-28 19:36 - 2016-11-09 19:15 - 00000000 ____D C:\Program Files (x86)\Java
2017-05-28 19:28 - 2016-12-26 18:26 - 00000000 ____D C:\Users\Matyas\AppData\Roaming\TeamViewer
2017-05-28 19:23 - 2017-04-27 12:48 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-28 19:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-28 19:23 - 2016-11-21 18:33 - 00000000 ____D C:\Users\Matyas\AppData\Local\CrashDumps
2017-05-28 19:22 - 2017-02-23 22:02 - 00000000 ____D C:\Users\Matyas\.smplayer
2017-05-28 19:19 - 2017-01-29 13:13 - 00000000 ____D C:\Users\Public\Documents\.forever
2017-05-28 19:19 - 2017-01-29 12:55 - 00000000 ____D C:\Users\Matyas\AppData\Roaming\Autodesk
2017-05-25 19:16 - 2017-02-12 13:51 - 00000000 ____D C:\Users\Matyas\AppData\Roaming\Yousician Launcher
2017-05-23 20:49 - 2016-11-10 20:35 - 00000000 ____D C:\Users\Matyas\AppData\Roaming\.minecraft
2017-05-23 16:20 - 2016-10-28 14:46 - 00000000 ____D C:\Users\Matyas\AppData\Local\Packages
2017-05-23 10:14 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-22 18:13 - 2016-10-28 14:46 - 00000000 ____D C:\Users\Matyas\AppData\Local\NVIDIA Corporation
2017-05-21 13:40 - 2017-03-20 07:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-05-21 13:40 - 2016-11-01 18:13 - 00000000 ____D C:\ProgramData\Skype
2017-05-18 17:54 - 2016-12-26 18:26 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-05-16 18:11 - 2016-10-28 20:46 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-16 08:42 - 2016-03-29 08:50 - 00000000 ___HD C:\Intel
2017-05-11 16:40 - 2017-04-27 20:21 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-11 16:02 - 2017-04-27 20:30 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 16:02 - 2017-04-27 20:30 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 16:02 - 2017-04-27 20:30 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 16:02 - 2017-04-27 20:30 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 16:02 - 2017-04-27 20:30 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 16:02 - 2017-04-27 20:30 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 16:02 - 2017-04-27 20:30 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 16:02 - 2017-04-27 20:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-11 16:02 - 2017-04-27 20:21 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-04 08:18 - 2017-04-27 21:50 - 00000000 ____D C:\Users\Matyas\AppData\Roaming\audacity
2017-05-03 22:21 - 2017-04-18 18:07 - 00048248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-05-03 22:21 - 2016-11-21 16:51 - 00121464 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-05-03 22:21 - 2016-03-29 08:56 - 01893496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-05-03 22:21 - 2016-03-29 08:56 - 01755256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-05-03 22:21 - 2016-03-29 08:56 - 01477240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-05-03 22:21 - 2016-03-29 08:56 - 01317496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-05-03 21:28 - 2016-12-22 22:05 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-05-02 10:44 - 2017-01-06 22:05 - 00000000 ____D C:\Users\Matyas\AppData\Local\Microsoft Help
2017-05-02 00:38 - 2017-04-27 12:54 - 04092088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-05-02 00:38 - 2017-04-27 12:54 - 03607464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-05-02 00:38 - 2017-04-27 12:54 - 00059448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-05-02 00:38 - 2017-04-27 12:54 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb
2017-05-01 22:52 - 2017-04-27 20:21 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-05-01 22:51 - 2017-04-27 20:21 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-01 22:51 - 2017-04-27 20:21 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-01 22:51 - 2017-04-27 20:21 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-01 22:51 - 2017-04-27 20:21 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-01 22:51 - 2017-04-27 20:21 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-01 22:51 - 2017-04-27 20:21 - 00146880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2017-05-01 22:51 - 2017-04-27 20:21 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-01 22:51 - 2017-04-27 20:21 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-05-01 18:32 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-01 18:30 - 2017-04-27 20:30 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-01 18:30 - 2017-04-27 20:30 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2017-05-28 23:25 - 2017-05-29 22:26 - 0754176 _____ () C:\Users\Matyas\AppData\Roaming\DllSystem.exe
2017-01-01 14:58 - 2017-01-01 14:58 - 0005293 _____ () C:\Users\Matyas\AppData\Local\recently-used.xbel
2017-04-27 20:21 - 2017-04-27 20:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-04-27 20:21 - 2017-04-27 20:21 - 0000102 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
2016-12-22 22:05 - 2017-01-28 17:54 - 0007609 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-22 22:05 - 2017-01-26 23:01 - 0006776 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
2017-03-25 14:52 - 2017-03-25 14:52 - 0001534 _____ () C:\ProgramData\ss.ini

Some files in TEMP:
====================
2017-05-28 19:32 - 2017-05-28 19:32 - 0739904 _____ (Oracle Corporation) C:\Users\Matyas\AppData\Local\Temp\jre-8u131-windows-au.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-26 09:07

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Windows) (Fixed) (Total:97.15 GB) (Free:32.71 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:775 GB) NTFS

Available physical RAM: 4718.78 MB
Total physical RAM: 8019.91 MB
Percentage of memory in use: 41%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 119.2 GB) (Disk ID: 8831E18D)
Disk: 1 (Size: 931.5 GB) (Disk ID: 90BFE6C7)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Matyas\Desktop" je 5140 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

[Matadorik]

Addition:



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-05-2017
Ran by Matyas (29-05-2017 22:32:26)
Running from C:\Users\Matyas\Desktop
Windows 10 Home Version 1703 (X64) (2017-04-27 18:33:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-912748295-2094081653-3589726940-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-912748295-2094081653-3589726940-503 - Limited - Disabled)
Guest (S-1-5-21-912748295-2094081653-3589726940-501 - Limited - Disabled)
Matyas (S-1-5-21-912748295-2094081653-3589726940-1001 - Administrator - Enabled) => C:\Users\Matyas

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version: - )
Akamai NetSession Interface (HKU\S-1-5-21-912748295-2094081653-3589726940-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizace NVIDIA 25.0.0.0 (Version: 25.0.0.0 - NVIDIA Corporation) Hidden
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Autodesk Configurator 360 addin (HKLM-x32\...\{E3EE083F-6856-44AB-BC82-445E2FFB8C1A}) (Version: 21.0.11700 - Autodesk)
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk Desktop Connect Service (HKLM\...\{FC772454-BB19-0000-0420-44B459520227}) (Version: 4.20.0 - Autodesk)
Autodesk Download Manager (HKLM-x32\...\{EC92633C-8F08-470A-BCDF-3FE5FD778C8D}) (Version: 4.0.14.0 - Autodesk, Inc.)
Autodesk DWG TrueView 2017 - English (HKLM\...\DWG TrueView 2017 - English) (Version: 21.0.52.0 - Autodesk)
Autodesk Guided Tutorial Plugin (HKLM\...\{B3AFC608-D811-0003-4050-21FB25B48D6E}) (Version: 4.50.0 - Autodesk)
Autodesk Inventor Compatibility Pack 2018 (Version: 22.0.11200.0000 - Autodesk) Hidden
Autodesk Inventor Content Center Libraries 2017 (Desktop Content) (HKLM\...\{B46DECD1-2164-4EF1-0000-22D71E81877C}) (Version: 21.0.14200.0000 - Autodesk)
Autodesk Inventor Electrical Catalog Browser 2017 – Čeština (Czech) (HKLM\...\Autodesk Inventor Electrical Catalog Browser 2017 – Čeština (Czech)) (Version: 14.0.57.0 - Autodesk)
Autodesk Inventor Electrical Catalog Browser 2017 – Čeština (Czech) (Version: 14.0.57.0 - Autodesk) Hidden
Autodesk Inventor Professional 2017 - Čeština (Czech) (HKLM\...\Autodesk Inventor Professional 2017) (Version: 21.30.25600.0000 - Autodesk)
Autodesk Inventor Professional 2017 (Version: 21.30.25600.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2017 Jazykový balíček – Čeština (Czech) (Version: 21.20.22700.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2017 Jazykový balíček – Čeština (Czech) (Version: 21.20.22700.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2017 R3 (Version: 21.30.25600.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2017 R4 (Version: 21.30.25600.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2017 SP1 (Version: 21.30.25600.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2017 SP2 (Version: 21.30.25600.0000 - Autodesk) Hidden
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2017 (HKLM-x32\...\{360AC116-6CD4-4E7D-8174-28D47B05E898}) (Version: 15.11.3.0 - Autodesk)
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Autodesk ReCap 360 (Version: 3.0.0.52 - Autodesk) Hidden
Autodesk Revit Interoperability for Inventor 2017 (HKLM\...\Autodesk Revit Interoperability for Inventor 2017) (Version: 17.0.411.0 - Autodesk)
Autodesk Revit Interoperability for Inventor 2017 (Version: 17.0.411.0 - Autodesk) Hidden
Autodesk Vault Basic 2017 (Client) (HKLM\...\Autodesk Vault Basic 2017 (Client)) (Version: 22.0.48.0 - Autodesk)
Autodesk Vault Basic 2017 (Client) (Version: 22.0.48.0 - Autodesk) Hidden
Bloody6 (HKLM-x32\...\Bloody3) (Version: 17.03.0005 - Bloody)
calibre 64bit (HKLM\...\{681661E2-CB98-400A-BAC5-F573BE396948}) (Version: 2.82.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
ClassicPro© v2.01 (HKLM-x32\...\ClassicPro) (Version: 2.01 - Skin Consortium)
CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: 0.6.3.44 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.5.2.30 - Dolby Laboratories, Inc.)
DWG TrueView 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2017 (64-bit) (HKLM\...\{05D87862-35C9-4CB4-92EC-8A1FC97BFF6C}) (Version: 6.4.9.0 - Granta Design Limited)
Epic Pen version Epic Pen (HKLM-x32\...\Epic Pen_is1) (Version: Epic Pen - TANK Media)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
f.lux (HKU\S-1-5-21-912748295-2094081653-3589726940-1001\...\Flux) (Version: - )
FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production)
Flight Simulator X (HKLM-x32\...\RTMshadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - )
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: - FreeDownloadManager.ORG)
Freemake Audio Converter verze 1.1.8 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.8 - Ellora Assets Corporation)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4271 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{7830A022-4C4C-4776-B1BA-220D75FCB9D4}) (Version: 18.1.1538.2273 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Inventor 2017.4 Update (HKLM-x32\...\{93d3a8bc-2100-3000-b242-2a19b2a704f8}) (Version: 21.30.25600.0 - Autodesk)
Inventor Connected Design (HKLM\...\{1FA52755-1FBC-0001-0420-7CEA1F3736D8}) (Version: 4.20.0 - Autodesk)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Jazykový balíček Autodesk Inventor Electrical Catalog Browser 2017 – Čeština (Czech) (Version: 14.0.57.0 - Autodesk) Hidden
Jazykový balíček Autodesk Vault Basic 2017 (Client) – čeština (Version: 22.0.48.0 - Autodesk) Hidden
Just Flight - FS Insider C152 (HKLM-x32\...\{E55250B8-D012-47A3-97E2-99FFBD0D3AD3}) (Version: 1.00.000 - Just Flight)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.3330.01 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.)
Lenovo PowerDVD12 (x32 Version: 12.0.5709.60 - CyberLink Corp.) Hidden
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.076.00 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.4 - Lenovo) Hidden
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd)
Malwarebytes verze 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-912748295-2094081653-3589726940-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{AFAB079C-C258-4308-AF8A-C541FE38D7DE}) (Version: 3.3.00.158 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 3.3.00.158 - O2Micro International LTD.) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 382.05 (Version: 382.05 - NVIDIA Corporation) Hidden
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.5.154 - Autodesk)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7780 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype™ 7.35 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.35.103 - Skype Technologies S.A.)
SMPlayer 17.2.0 (HKLM-x32\...\SMPlayer) (Version: 17.2.0 - Ricardo Villalba)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
User Manuals (x32 Version: 4.0.0.1 - Lenovo) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
World of Tanks (HKU\S-1-5-21-912748295-2094081653-3589726940-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
Yousician Launcher version 1.0 (HKLM-x32\...\{EF45EAE9-523E-47C3-8634-A81923B11DD5}_is1) (Version: 1.0 - Yousician)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{32CDFF57-8CBA-4960-89B1-EC3FA58FB17A}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\RxTest.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\DTInterop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\DTInterop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {082ADAAF-A617-4C89-AD12-5B21FB2BD6C3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {0DC984B0-92E4-4074-A1BB-0CD08089A84C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5897e8a0-6731-478e-8aae-503ea36162d8 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25] (Lenovo Group Limited)
Task: {1ABBA0F6-47B8-4974-9AF3-9419062B289C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {2215DB9F-B246-452A-A671-F59DACAAC745} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {2E3DD763-07B0-46CE-99F7-E3E6B6006786} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService
Task: {31B5E07E-C5CF-40EC-9FB5-E91A02751E0E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {3362354C-3D16-4F85-8B19-C280A0A4122B} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [2015-09-11] (CyberLink Corp.)
Task: {38F02F94-0C09-41FD-8697-ECD38886BAAD} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {3AF63EB0-C1D9-4F68-BC2B-1D734079B304} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-28] (Google Inc.)
Task: {3BF1CA50-EC46-46D6-84B5-B0FF1D0F4820} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-28] (Google Inc.)
Task: {47E37080-AE7B-4B12-9B47-E646F450BFBC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {5B8F8EB8-3A13-4428-982E-0E05DEC07CD3} - System32\Tasks\Microsoft Office 15 Sync Maintenance for LENOVOY700-Matyas LenovoY700 => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {6432FC76-3CE9-497D-A73E-6FD96D35D5CB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {662A512F-BE09-4094-A714-412AF81A0AE6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {6C506FEF-95DE-44EF-9161-2B00328CCC7F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {8FF7B521-A55E-4600-BD61-AA91E6B2700A} - System32\Tasks\{4264BA57-5A5E-49F1-BB04-077A4DDD9CF5} => pcalua.exe -a D:\GAMES\AOM\AoM.eXe -d D:\GAMES\AOM -c +noIntroCinematics
Task: {9D19A96B-5AF9-4B91-B52D-6AD0682F3B4C} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {A1521E23-7504-4A43-B684-5967335C5468} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c451e930-bd7b-4fbc-99a1-de9645337b75 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25] (Lenovo Group Limited)
Task: {B0BE0DAB-AA75-4EA4-A60B-C49FE64DE3DB} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [2015-09-30] (CyberLink Corp.)
Task: {B924A265-2131-4435-AC98-28AA26E9CC26} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a8895118-a998-4bdd-86e6-401aaf52a79e => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25] (Lenovo Group Limited)
Task: {C925DA6A-3B86-4E04-A5C2-2BA739621A06} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {CB30B9D0-B690-4047-BF6A-A1D10BEE0CEA} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => %ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {D64EE14D-CE77-4095-9AFA-DBC37C7C7E82} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {E9D69216-0FE9-499B-8762-C5DF0B86474C} - System32\Tasks\{D575F6C1-9B81-4380-9027-DBFB1DDF5178} => pcalua.exe -a D:\GAMES\AOM\aom.exe -d D:\GAMES\AOM -c
Task: {F5EED57D-BD2D-4762-93CF-66D3A8A9EC63} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {FB7FA7A4-A4BE-4DD4-A547-10BF3A11DD1B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Matyas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh

==================== Loaded Modules (Whitelisted) ==============

2016-11-21 18:04 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-01-27 05:04 - 2016-01-27 05:04 - 00163328 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
2016-12-25 21:36 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-27 20:21 - 2017-05-01 22:51 - 00133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-05-29 10:16 - 2017-05-29 10:16 - 00754176 ___SH () C:\Users\Matyas\AppData\Roaming\Xby1SZXfMmiim85U\uOiEzd7iXlpD.exe
2016-03-29 08:20 - 2016-03-29 08:19 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2016-03-29 08:20 - 2016-03-29 08:19 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2017-05-28 23:25 - 2017-05-29 22:26 - 00754176 _____ () C:\Users\Matyas\AppData\Roaming\DllSystem.exe
2015-09-22 20:40 - 2015-09-22 20:40 - 00628736 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
2017-04-23 17:05 - 2017-03-24 17:29 - 19407360 _____ () C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
2017-05-28 23:25 - 2017-05-29 10:16 - 00754176 _____ () C:\Users\Matyas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\9dbba36b20a05923f4f9e724157c594d.exe
2017-03-18 22:59 - 2017-03-20 06:45 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-29 13:22 - 2017-03-10 12:48 - 00061944 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2017-01-29 13:22 - 2017-03-10 12:48 - 00110584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2015-08-07 10:09 - 2015-08-07 10:09 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-11-21 18:04 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-05-03 14:14 - 2017-05-03 14:14 - 01993176 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2017-04-23 17:05 - 2013-10-11 09:43 - 00085504 _____ () C:\Program Files (x86)\Bloody6\Bloody6\DLL\DLL_ZoomControl.dll
2017-04-23 17:05 - 2016-05-26 15:28 - 04672512 ____N () C:\Program Files (x86)\Bloody6\Bloody6\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2016-03-29 08:24 - 2014-07-04 06:35 - 00627672 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2014-07-04 21:35 - 2014-07-04 21:35 - 00016856 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2017-01-29 13:22 - 2013-09-23 19:52 - 00043912 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll
2017-01-29 13:22 - 2015-11-05 14:07 - 00052224 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll
2017-01-29 13:22 - 2015-11-05 14:07 - 00195584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll
2017-01-29 13:22 - 2015-11-05 14:07 - 00742400 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll
2017-01-29 13:22 - 2017-03-10 12:21 - 00279976 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\cs-CZ\AdWingManRes.dll
2017-01-29 13:22 - 2015-09-08 08:31 - 40640808 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
2017-01-29 13:22 - 2014-09-03 02:29 - 00912384 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2017-01-29 13:22 - 2014-09-03 02:29 - 00134144 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2017-01-29 13:22 - 2014-09-03 02:29 - 00950272 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\ffmpegsumo.dll
2016-03-29 08:21 - 2015-09-30 10:19 - 00875960 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\Kernel\Boomerang\UNO.dll
2016-03-29 08:21 - 2015-09-30 10:05 - 00081920 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd
2016-03-29 08:21 - 2015-09-30 10:05 - 00053248 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_socket.pyd
2016-03-29 08:21 - 2015-09-30 10:05 - 00655360 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ssl.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-912748295-2094081653-3589726940-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Matyas\Documents\wallpaper-red-swirly-fantasy-walls-submit-69970.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "ShadowPlay"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3741C523-D30F-492A-8AC5-DFE26D88CFAA}] => (Allow) C:\Program Files\Autodesk\Desktop Connect\forever\node.exe
FirewallRules: [UDP Query User{8C1972A1-F01A-401B-B542-8F993AB1BCA0}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{7BBD3846-D136-4141-9404-D533D227C222}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [{0D7F8C22-784D-4FFE-848E-52AE701ED7E1}] => (Allow) LPort=5000
FirewallRules: [{9A7EF4A6-6C35-4BC2-906A-15E1F06118EC}] => (Allow) LPort=59101
FirewallRules: [UDP Query User{CCAC89D9-2800-4F83-B5BA-861C5CCCF808}C:\users\matyas\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\matyas\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{D3CD7224-A4F3-4EEB-B6CF-D0DB36506560}C:\users\matyas\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\matyas\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{D09FA09C-DE07-4654-B6F4-55CDF92812B4}E:\gaming\driver san francisco\driver.exe] => (Allow) E:\gaming\driver san francisco\driver.exe
FirewallRules: [TCP Query User{53064722-3BE9-4BDD-8737-D3AA58D01D55}E:\gaming\driver san francisco\driver.exe] => (Allow) E:\gaming\driver san francisco\driver.exe
FirewallRules: [{242B47E0-024A-42B8-B145-828F53CC180F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CF22010A-85B1-49D6-B62C-3C94EC69EC2E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FF76CA5B-C39B-4E4E-B85C-E88DAFCAB5FC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1D370295-357F-4336-A71B-905C6D61E943}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F7E64583-DF31-4D61-BBD4-140E6EA999EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EEB50280-18B9-4680-B8BB-165A3A6D599E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{90301CCC-5698-444A-A33A-A70E55A976B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{85A18092-22D2-4AC1-AAC1-2EDA7E1A8BE8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{8D613580-2393-43A6-BD2E-0BB5BEEAD485}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{AF6E2790-F392-4073-9757-3FE960897106}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{56AC4620-6671-415B-A4AA-2E7E8466D668}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{4B2B7EA1-D6D0-434C-A636-CA066525988A}] => (Allow) D:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{935D765C-9A66-4980-A993-33D6C2F3CB8A}] => (Allow) D:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{82CCDF19-6AB0-46CD-B311-37E31F98E1AE}] => (Allow) F:\GAMING\World_of_Tanks\worldoftanks.exe
FirewallRules: [{7A47976C-1C65-4EB1-9F83-A01A1095812B}] => (Allow) F:\GAMING\World_of_Tanks\worldoftanks.exe
FirewallRules: [{BA272886-C11E-415A-9B7C-30530429D583}] => (Allow) F:\GAMING\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{459A563E-8D5D-4F5C-9821-B126C13A6E62}] => (Allow) F:\GAMING\World_of_Tanks\WoTLauncher.exe
FirewallRules: [UDP Query User{46EA4269-0680-404B-9583-5DD26DD7AE95}D:2\ubisoft game launcher\games\the crew (worldwide)\thecrew.exe] => (Allow) D:2\ubisoft game launcher\games\the crew (worldwide)\thecrew.exe
FirewallRules: [TCP Query User{1A4DF442-8D97-4A98-8B10-BE724F594A1B}D:2\ubisoft game launcher\games\the crew (worldwide)\thecrew.exe] => (Allow) D:2\ubisoft game launcher\games\the crew (worldwide)\thecrew.exe
FirewallRules: [{C97B09B4-0BE1-4DF3-A059-3758FDEDEA43}] => (Allow) F:\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{3339A8D0-D88F-49F6-B2E5-7A4A5E12A355}] => (Allow) F:\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{0DDE8392-CA9B-4325-BF64-4E73FA7CCAFA}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{3F384967-2F4E-436C-948F-287DAA9651B1}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [UDP Query User{E02EF7CD-E6A2-4DD5-847B-B1B361BCA549}C:\program files\freedownloadmanager.org\free download manager\fdm.exe] => (Allow) C:\program files\freedownloadmanager.org\free download manager\fdm.exe
FirewallRules: [TCP Query User{6158F1E5-A6B7-4EEC-AC55-2D417B774FFA}C:\program files\freedownloadmanager.org\free download manager\fdm.exe] => (Allow) C:\program files\freedownloadmanager.org\free download manager\fdm.exe
FirewallRules: [UDP Query User{F818BDDB-DE1E-43BA-B2C4-7CCF2F515F60}D:\games\aom\aom.exe] => (Allow) D:\games\aom\aom.exe
FirewallRules: [TCP Query User{8C8C7285-51CC-40EB-BA7A-3BA2DB0BF482}D:\games\aom\aom.exe] => (Allow) D:\games\aom\aom.exe
FirewallRules: [{01B51A00-1267-4997-ABE8-D49F99DA19FE}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{FB08B517-DC2A-4343-ADF6-ABF5237C5AA9}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{2555D761-9B19-4CE2-ADC2-7BCB6FB04FF6}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
FirewallRules: [{B10315EA-B27B-4B53-9C3F-168E3AA7FE8D}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
FirewallRules: [{746BBA06-3A64-450B-9720-FF683C6A96CE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0AB5CD05-B0DB-442F-B531-09714D0F104B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/28/2017 11:37:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVOY700)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/28/2017 07:23:19 PM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (2032) testing: Při otevírání souboru protokolu C:\Users\Matyas\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).

Error: (05/28/2017 07:23:19 PM) (Source: ESENT) (EventID: 490) (User: )
Description: CCleaner64 (2032) testing: Pokus o otevření souboru C:\Users\Matyas\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (05/28/2017 07:18:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Yousician.exe verze 5.4.3.37587 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 3314

Čas spuštění: 01d2d6fde2aacaaf

Čas ukončení: 42

Cesta k aplikaci: C:\Users\Matyas\AppData\Roaming\YOUSIC~1\Yousician.app\Yousician.exe

ID hlášení: e211bf22-723b-42a6-b27a-c0fa8418fc44

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (05/28/2017 07:18:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro D:\Program Files\Autodesk\Inventor 2017\Bin\MDTAPIProxyReg.dll se nezdařilo.
Závislé sestavení Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (05/25/2017 10:18:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVOY700)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2147417836. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/18/2017 04:43:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 1.0.1704.25001 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 2840

Čas spuštění: 01d2cee885aa8d5c

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: 88b731a0-e421-4754-89f7-e2263b8b40e6

Úplný název balíčku s chybou: Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe

ID aplikace související s balíčkem s chybou: App

Error: (05/18/2017 04:43:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LENOVOY700)
Description: Balíček Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (05/17/2017 04:14:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVOY700)
Description: Aplikaci Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2147417836. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/15/2017 03:48:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: witcher3.exe, verze: 3.0.9.17254, časové razítko: 0x57447943
Název chybujícího modulu: ntdll.dll, verze: 10.0.15063.0, časové razítko: 0xb79b6ddb
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000f775f
ID chybujícího procesu: 0x25a4
Čas spuštění chybující aplikace: 0x01d2cd792c82ac91
Cesta k chybující aplikaci: D:\GAMES\The Witcher 3 Wild Hunt\bin\x64\witcher3.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: a79160ae-ff41-4de0-9da8-25a00582dbaa
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (05/29/2017 10:26:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/29/2017 10:26:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/29/2017 12:45:11 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/29/2017 10:29:16 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/29/2017 10:16:27 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/29/2017 10:16:27 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/29/2017 10:13:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.

Error: (05/29/2017 10:12:59 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5

Error: (05/29/2017 10:12:41 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll

Error: (05/29/2017 10:12:41 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-6300HQ CPU @ 2.30GHz
Percentage of memory in use: 41%
Total physical RAM: 8019.91 MB
Available physical RAM: 4718.78 MB
Total Virtual: 10835.91 MB
Available Virtual: 6934.08 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:97.15 GB) (Free:32.71 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:775 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 8831E18D)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 90BFE6C7)

Partition: GPT.

==================== End of Addition.txt ============================

[altrok]

Mate vypnutou funkci bodu obnoveni - vzhledem k tomu, co v PC mate za havet, velice doporucuji tuto funkci zapnout.

• Kliknete pravym na Tento pocitac -> Vlastnosti -> Upresnit nastaveni systemu -> nahore zalozka Ochrana systemu -> oznacte systemovy disk (vetsinou C: ) -> Konfigurovat -> vyberte Obnovit nastaveni systemu a predchozi verze souboru a ulozte klikem na Pouzit.
• Pokud si chcete hrat s velikosti mista na disku, ktere je vyuzito body obnoveni, nedoporucuji tuto hranici snizovat pod 1 GB. Pokud mate mista na disku dost, ponechte defaultni 3-5% vyuziti disku.

• Znovu spustte FRST.exe/FRST64.exe
• stisknete Ctrl + y (obe klavesy zaroven)
• otevre se fixlist.txt, do nejz vlozte obsah bileho pole nize
• stisknete Ctrl + s (ulozite zmeny), pote fixlist zavrete
• kliknete na tlacitko Fix
• po restartu bude vedle FRST vytvoren fixlog, jehoz obsah vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CreateRestorePoint:
  CloseProcesses:
  File: C:\Users\Matyas\AppData\Roaming\DllSystem.exe
  File: C:\Users\Matyas\AppData\Roaming\Xby1SZXfMmiim85U\kjAGldbm4yZi.exe
  HKLM-x32\...\Run: [9dbba36b20a05923f4f9e724157c594d] => C:\Users\Matyas\AppData\Roaming\DllSystem.exe .. [754176 2017-05-29] ()
  HKU\S-1-5-21-912748295-2094081653-3589726940-1001\...\Run: [9dbba36b20a05923f4f9e724157c594d] => C:\Users\Matyas\AppData\Roaming\DllSystem.exe .. [754176 2017-05-29] ()
  HKU\S-1-5-21-912748295-2094081653-3589726940-1001\...\Winlogon: [Shell] "C:\Users\Matyas\AppData\Roaming\Xby1SZXfMmiim85U\kjAGldbm4yZi.exe",explorer.exe <==== ATTENTION
  Startup: C:\Users\Matyas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\9dbba36b20a05923f4f9e724157c594d.exe [2017-05-29] ()
  GroupPolicy: Restriction <======= ATTENTION
  HKU\S-1-5-21-912748295-2094081653-3589726940-1001\...\Run: [NimiPlaces] => C:\Program Files\Nimi Places\Nimi Places.exe [686080 2017-05-22] (Nimi projects)
  SearchScopes: HKU\S-1-5-21-912748295-2094081653-3589726940-1001 -> DefaultScope {2098CE0C-F201-4DA3-91EB-5FEB744A73AD} URL =
  SearchScopes: HKU\S-1-5-21-912748295-2094081653-3589726940-1001 -> {2098CE0C-F201-4DA3-91EB-5FEB744A73AD} URL =
  BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
  BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
  CHR DefaultSearchURL: Default -> hxxps://s.ytimg.com/yts/img/favicon-vflz7uhzw.ico
  R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI) [File not signed]
  C:\Program Files\KMSpico
  2017-05-29 09:49 - 2017-05-29 09:49 - 01329152 _____ C:\Users\Matyas\Desktop\RSITx64.exe
  2017-05-29 09:49 - 2017-05-29 09:49 - 00000000 ____D C:\rsit
  2017-05-29 09:49 - 2017-05-29 09:49 - 00000000 ____D C:\Program Files\trend micro
  2017-05-28 23:25 - 2017-05-29 22:27 - 00000000 ____D C:\Users\Matyas\AppData\Roaming\Xby1SZXfMmiim85U
  2017-05-28 23:25 - 2017-05-29 22:26 - 00754176 _____ () C:\Users\Matyas\AppData\Roaming\DllSystem.exe
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
  Task: {8FF7B521-A55E-4600-BD61-AA91E6B2700A} - System32\Tasks\{4264BA57-5A5E-49F1-BB04-077A4DDD9CF5} => pcalua.exe -a D:\GAMES\AOM\AoM.eXe -d D:\GAMES\AOM -c +noIntroCinematics
  Task: {E9D69216-0FE9-499B-8762-C5DF0B86474C} - System32\Tasks\{D575F6C1-9B81-4380-9027-DBFB1DDF5178} => pcalua.exe -a D:\GAMES\AOM\aom.exe -d D:\GAMES\AOM -c
  ShortcutWithArgument: C:\Users\Matyas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh
  Hosts:
  EmptyTemp:
  End

[Matadorik]

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-05-2017
Ran by Matyas (29-05-2017 22:54:44) Run:1
Running from C:\Users\Matyas\Desktop
Loaded Profiles: Matyas (Available Profiles: Matyas & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\Users\Matyas\AppData\Roaming\DllSystem.exe
File: C:\Users\Matyas\AppData\Roaming\Xby1SZXfMmiim85U\kjAGldbm4yZi.exe
HKLM-x32\...\Run: [9dbba36b20a05923f4f9e724157c594d] => C:\Users\Matyas\AppData\Roaming\DllSystem.exe .. [754176 2017-05-29] ()
HKU\S-1-5-21-912748295-2094081653-3589726940-1001\...\Run: [9dbba36b20a05923f4f9e724157c594d] => C:\Users\Matyas\AppData\Roaming\DllSystem.exe .. [754176 2017-05-29] ()
HKU\S-1-5-21-912748295-2094081653-3589726940-1001\...\Winlogon: [Shell] "C:\Users\Matyas\AppData\Roaming\Xby1SZXfMmiim85U\kjAGldbm4yZi.exe",explorer.exe <==== ATTENTION
Startup: C:\Users\Matyas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\9dbba36b20a05923f4f9e724157c594d.exe [2017-05-29] ()
GroupPolicy: Restriction <======= ATTENTION
HKU\S-1-5-21-912748295-2094081653-3589726940-1001\...\Run: [NimiPlaces] => C:\Program Files\Nimi Places\Nimi Places.exe [686080 2017-05-22] (Nimi projects)
SearchScopes: HKU\S-1-5-21-912748295-2094081653-3589726940-1001 -> DefaultScope {2098CE0C-F201-4DA3-91EB-5FEB744A73AD} URL =
SearchScopes: HKU\S-1-5-21-912748295-2094081653-3589726940-1001 -> {2098CE0C-F201-4DA3-91EB-5FEB744A73AD} URL =
BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
CHR DefaultSearchURL: Default -> hxxps://s.ytimg.com/yts/img/favicon-vflz7uhzw.ico
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI) [File not signed]
C:\Program Files\KMSpico
2017-05-29 09:49 - 2017-05-29 09:49 - 01329152 _____ C:\Users\Matyas\Desktop\RSITx64.exe
2017-05-29 09:49 - 2017-05-29 09:49 - 00000000 ____D C:\rsit
2017-05-29 09:49 - 2017-05-29 09:49 - 00000000 ____D C:\Program Files\trend micro
2017-05-28 23:25 - 2017-05-29 22:27 - 00000000 ____D C:\Users\Matyas\AppData\Roaming\Xby1SZXfMmiim85U
2017-05-28 23:25 - 2017-05-29 22:26 - 00754176 _____ () C:\Users\Matyas\AppData\Roaming\DllSystem.exe
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
Task: {8FF7B521-A55E-4600-BD61-AA91E6B2700A} - System32\Tasks\{4264BA57-5A5E-49F1-BB04-077A4DDD9CF5} => pcalua.exe -a D:\GAMES\AOM\AoM.eXe -d D:\GAMES\AOM -c +noIntroCinematics
Task: {E9D69216-0FE9-499B-8762-C5DF0B86474C} - System32\Tasks\{D575F6C1-9B81-4380-9027-DBFB1DDF5178} => pcalua.exe -a D:\GAMES\AOM\aom.exe -d D:\GAMES\AOM -c
ShortcutWithArgument: C:\Users\Matyas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.

========================= File: C:\Users\Matyas\AppData\Roaming\DllSystem.exe ========================

File not signed
MD5: E9792704C32B12B9B050F68E4F68E524
Creation and modification date: 2017-05-28 23:25 - 2017-05-29 22:26
Size: 0754176
Attributes: ----A
Company Name:
Internal Name: LTBLogger.exe
Original Name: LTBLogger.exe
Product: LTBLogger
Description: LTBLogger
File Version: 1.0.0.0
Product Version: 1.0.0.0
Copyright: Copyright © LTBLogger 2017

====== End of File: ======


========================= File: C:\Users\Matyas\AppData\Roaming\Xby1SZXfMmiim85U\kjAGldbm4yZi.exe ========================

File not signed
MD5: E9792704C32B12B9B050F68E4F68E524
Creation and modification date: 2017-05-29 22:27 - 2017-05-29 22:26
Size: 0754176
Attributes: ---SH
Company Name:
Internal Name: LTBLogger.exe
Original Name: LTBLogger.exe
Product: LTBLogger
Description: LTBLogger
File Version: 1.0.0.0
Product Version: 1.0.0.0
Copyright: Copyright © LTBLogger 2017

====== End of File: ======

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\9dbba36b20a05923f4f9e724157c594d => value removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001\Software\Microsoft\Windows\CurrentVersion\Run\\9dbba36b20a05923f4f9e724157c594d => value removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value removed successfully
C:\Users\Matyas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\9dbba36b20a05923f4f9e724157c594d.exe => moved successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001\Software\Microsoft\Windows\CurrentVersion\Run\\NimiPlaces => value removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2098CE0C-F201-4DA3-91EB-5FEB744A73AD} => key removed successfully
HKCR\CLSID\{2098CE0C-F201-4DA3-91EB-5FEB744A73AD} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13D67BB7-DB5F-48AA-884D-7A5D94168509} => key removed successfully
HKCR\CLSID\{13D67BB7-DB5F-48AA-884D-7A5D94168509} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13D67BB7-DB5F-48AA-884D-7A5D94168509} => key removed successfully
HKCR\Wow6432Node\CLSID\{13D67BB7-DB5F-48AA-884D-7A5D94168509} => key not found.
Chrome DefaultSearchURL => removed successfully
HKLM\System\CurrentControlSet\Services\Service KMSELDI => key removed successfully
Service KMSELDI => service removed successfully
C:\Program Files\KMSpico => moved successfully
C:\Users\Matyas\Desktop\RSITx64.exe => moved successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\Matyas\AppData\Roaming\Xby1SZXfMmiim85U => moved successfully
C:\Users\Matyas\AppData\Roaming\DllSystem.exe => moved successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220} => key removed successfully
HKU\S-1-5-21-912748295-2094081653-3589726940-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8FF7B521-A55E-4600-BD61-AA91E6B2700A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FF7B521-A55E-4600-BD61-AA91E6B2700A} => key removed successfully
C:\WINDOWS\System32\Tasks\{4264BA57-5A5E-49F1-BB04-077A4DDD9CF5} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4264BA57-5A5E-49F1-BB04-077A4DDD9CF5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E9D69216-0FE9-499B-8762-C5DF0B86474C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9D69216-0FE9-499B-8762-C5DF0B86474C} => key removed successfully
C:\WINDOWS\System32\Tasks\{D575F6C1-9B81-4380-9027-DBFB1DDF5178} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D575F6C1-9B81-4380-9027-DBFB1DDF5178} => key removed successfully
C:\Users\Matyas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk => Shortcut argument removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13718460 B
Java, Flash, Steam htmlcache => 6661006 B
Windows/system/drivers => 833015 B
Edge => 2813322 B
Chrome => 391506022 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 3266 B
NetworkService => 0 B
Matyas => 138794996 B
Administrator => 9275 B

RecycleBin => 0 B
EmptyTemp: => 536.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:54:58 ====

[altrok]

Takze jeste uklidime.

• Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
• Oznacte jen moznost "Remove disinfection tools"
• kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

[Matadorik]

Opravdu moc děkuju, uklizeno, sken MBAM je už čistý, můžeme zamknout

[altrok]

Nemate zac, rad jsem pomohl


Mejte se krasne a treba zase nekdy