PC virus removal, computer speed-up, remote help via the neslape.cz service

Preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

!NEW!
You can now use remote help services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
jardo
Visitor
Posts: 52
Registered: 11 Sep 2011 11:44

Preventive check

#1 Post by jardo »

Hi, I'd like to ask for a preventive check. The PC seems a bit slower to me than it used to be. Thanks :)

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jaroslav Vrabec at 2018-10-12 13:52:32
Microsoft Windows 10 Home
System drive C: has 92 GB (38%) free of 244 GB
Total RAM: 8066 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:52:34 PM, on 10/12/2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\trend micro\Jaroslav Vrabec.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer15.msn.com/?pc=ACTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer15.msn.com/?pc=ACTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SafeQClient] C:\Program Files (x86)\SafeQ\SafeQ_cli.exe
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\admin\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Spotify] C:\Users\admin\AppData\Roaming\Spotify\Spotify.exe --autostart
O4 - HKCU\..\Run: [Gaijin.Net Agent] "C:\Users\admin\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - Global Startup: SteelSeries Engine 3.lnk = C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.hola.org
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\system32\AdminService.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Heroes & Generals Service (HnGService) - Reto-Moto ApS - C:\Program Files (x86)\Heroes & Generals\live\hngservice.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\WINDOWS\system32\HPSIsvc.exe (file missing)
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel SST Parameter Service (IntelSSTSvc) - Unknown owner - C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe

--
End of file - 14470 bytes

======Listing Processes======










c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
winlogon.exe
"fontdrvhost.exe"
"dwm.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c

c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
"C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Eaphost
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s dot3svc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection

C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\WINDOWS\system32\HPSIsvc.exe
C:\WINDOWS\system32\AdminService.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer

"C:\Program Files (x86)\Origin\OriginWebHelperService.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\SysWOW64\PnkBstrA.exe
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
dashost.exe {bc61f025-5efa-4b04-94be211f636c6216}
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent

C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" XGpuTrayIcon"
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
AvastUI.exe /nogui
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"

c:\windows\system32\svchost.exe -k netsvcs -p
"C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\helppane.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" /high-dpi-support=1 /force-device-scale-factor=1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=69.0.3497.100 --initial-client-data=0x1dc,0x1e0,0x1e4,0x1d8,0x1e8,0x7ffb052e54d0,0x7ffb052e54e0,0x7ffb052e54f0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=7948 --on-initialized-event-handle=700 --parent-handle=720 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1456,18277255539411419728,8721270440308939204,131072 --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=11461301505570772177 --mojo-platform-channel-handle=1484 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --force-device-scale-factor=1 --field-trial-handle=1456,18277255539411419728,8721270440308939204,131072 --service-pipe-token=13098323843108882995 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13098323843108882995 --renderer-client-id=3 --mojo-platform-channel-handle=2600 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --force-device-scale-factor=1 --field-trial-handle=1456,18277255539411419728,8721270440308939204,131072 --service-pipe-token=15739736977225085089 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15739736977225085089 --renderer-client-id=8 --mojo-platform-channel-handle=3204 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --force-device-scale-factor=1 --field-trial-handle=1456,18277255539411419728,8721270440308939204,131072 --service-pipe-token=10189984816508760952 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10189984816508760952 --renderer-client-id=4 --mojo-platform-channel-handle=3440 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --force-device-scale-factor=1 --field-trial-handle=1456,18277255539411419728,8721270440308939204,131072 --service-pipe-token=11147699122662877036 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11147699122662877036 --renderer-client-id=5 --mojo-platform-channel-handle=3584 /prefetch:1
C:\WINDOWS\system32\AUDIODG.EXE 0x528

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --force-device-scale-factor=1 --field-trial-handle=1456,18277255539411419728,8721270440308939204,131072 --service-pipe-token=16217714224248247884 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16217714224248247884 --renderer-client-id=19 --mojo-platform-channel-handle=6204 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --force-device-scale-factor=1 --field-trial-handle=1456,18277255539411419728,8721270440308939204,131072 --service-pipe-token=16848038374875612853 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16848038374875612853 --renderer-client-id=22 --mojo-platform-channel-handle=7032 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --force-device-scale-factor=1 --field-trial-handle=1456,18277255539411419728,8721270440308939204,131072 --service-pipe-token=5781119381367701117 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5781119381367701117 --renderer-client-id=23 --mojo-platform-channel-handle=2656 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --force-device-scale-factor=1 --field-trial-handle=1456,18277255539411419728,8721270440308939204,131072 --service-pipe-token=17931834397318778082 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17931834397318778082 --renderer-client-id=24 --mojo-platform-channel-handle=2664 /prefetch:1

"C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --force-device-scale-factor=1 --field-trial-handle=1456,18277255539411419728,8721270440308939204,131072 --service-pipe-token=3243338084590651695 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3243338084590651695 --renderer-client-id=33 --mojo-platform-channel-handle=6272 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --force-device-scale-factor=1 --field-trial-handle=1456,18277255539411419728,8721270440308939204,131072 --service-pipe-token=943736165553117528 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=943736165553117528 --renderer-client-id=38 --mojo-platform-channel-handle=5920 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --force-device-scale-factor=1 --field-trial-handle=1456,18277255539411419728,8721270440308939204,131072 --service-pipe-token=7054486724431066166 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7054486724431066166 --renderer-client-id=40 --mojo-platform-channel-handle=7944 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --force-device-scale-factor=1 --field-trial-handle=1456,18277255539411419728,8721270440308939204,131072 --service-pipe-token=11054773884876252873 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11054773884876252873 --renderer-client-id=42 --mojo-platform-channel-handle=6944 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe22_ Global\UsGthrCtrlFltPipeMssGthrPipe22 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 720 724 732 8192 728
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\admin\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-10-04 204880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-09-18 152104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-09-12 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-12 187968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-03-22 16481560]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-04-02 2199840]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-10-11 242392]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2018-08-23 301880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe [2018-04-12 20488312]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2018-09-08 3207968]
"Akamai NetSession Interface"=C:\Users\admin\AppData\Local\Akamai\netsession_win.exe [2017-01-03 4490200]
"Spotify"=C:\Users\admin\AppData\Roaming\Spotify\Spotify.exe [2018-07-12 24313232]
"Gaijin.Net Agent"=C:\Users\admin\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2018-04-26 2125896]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-09-19 18594760]
"Spotify Web Helper"=C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018-07-12 781712]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-21 587288]
"SafeQClient"=C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [2015-12-10 493568]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SteelSeries Engine 3.lnk - C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"MaxGPOScriptWait"=600

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-10-11 21:34:50 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2018-10-11 21:34:47 ----A---- C:\WINDOWS\system32\aswBoot.exe
2018-10-10 08:42:50 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-10 08:42:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-10 08:42:48 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-10-10 08:42:47 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-10-10 08:42:43 ----A---- C:\WINDOWS\system32\shell32.dll
2018-10-10 08:42:42 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-10-10 08:42:41 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-10-10 08:42:41 ----A---- C:\WINDOWS\system32\wininet.dll
2018-10-10 08:42:41 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-10-10 08:42:41 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-10-10 08:42:40 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-10-10 08:42:40 ----A---- C:\WINDOWS\system32\InputService.dll
2018-10-10 08:42:40 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-10-10 08:42:39 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-10-10 08:42:39 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2018-10-10 08:42:38 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2018-10-10 08:42:38 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-10-10 08:42:38 ----A---- C:\WINDOWS\system32\msftedit.dll
2018-10-10 08:42:38 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2018-10-10 08:42:38 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-10 08:42:37 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-10-10 08:42:37 ----A---- C:\WINDOWS\system32\twinui.dll
2018-10-10 08:42:37 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-10-10 08:42:37 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2018-10-10 08:42:37 ----A---- C:\WINDOWS\system32\dosvc.dll
2018-10-10 08:42:37 ----A---- C:\WINDOWS\system32\appraiser.dll
2018-10-10 08:42:36 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-10-10 08:42:36 ----A---- C:\WINDOWS\system32\wmp.dll
2018-10-10 08:42:36 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-10-10 08:42:36 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-10-10 08:42:36 ----A---- C:\WINDOWS\system32\KernelBase.dll
2018-10-10 08:42:35 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2018-10-10 08:42:35 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-10-10 08:42:35 ----A---- C:\WINDOWS\system32\winmsipc.dll
2018-10-10 08:42:35 ----A---- C:\WINDOWS\system32\msctf.dll
2018-10-10 08:42:35 ----A---- C:\WINDOWS\system32\diagtrack.dll
2018-10-10 08:42:34 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2018-10-10 08:42:34 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2018-10-10 08:42:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-10-10 08:42:34 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2018-10-10 08:42:34 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2018-10-10 08:42:34 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2018-10-10 08:42:34 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2018-10-10 08:42:34 ----A---- C:\WINDOWS\system32\mfcore.dll
2018-10-10 08:42:34 ----A---- C:\WINDOWS\system32\aitstatic.exe
2018-10-10 08:42:34 ----A---- C:\WINDOWS\system32\aepic.dll
2018-10-10 08:42:34 ----A---- C:\WINDOWS\system32\aeinv.dll
2018-10-10 08:42:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2018-10-10 08:42:33 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2018-10-10 08:42:33 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-10-10 08:42:33 ----A---- C:\WINDOWS\system32\wsp_health.dll
2018-10-10 08:42:33 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-10-10 08:42:33 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-10-10 08:42:33 ----A---- C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-10-10 08:42:33 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-10-10 08:42:33 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-10-10 08:42:33 ----A---- C:\WINDOWS\system32\generaltel.dll
2018-10-10 08:42:33 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-10-10 08:42:33 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2018-10-10 08:42:33 ----A---- C:\WINDOWS\system32\devinv.dll
2018-10-10 08:42:33 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-10-10 08:42:32 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2018-10-10 08:42:32 ----A---- C:\WINDOWS\SYSWOW64\winmsipc.dll
2018-10-10 08:42:32 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-10-10 08:42:32 ----A---- C:\WINDOWS\SYSWOW64\SmartcardCredentialProvider.dll
2018-10-10 08:42:32 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-10-10 08:42:32 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2018-10-10 08:42:32 ----A---- C:\WINDOWS\system32\WWAHost.exe
2018-10-10 08:42:32 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2018-10-10 08:42:32 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2018-10-10 08:42:32 ----A---- C:\WINDOWS\system32\kerberos.dll
2018-10-10 08:42:32 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-10-10 08:42:32 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-10-10 08:42:32 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-10-10 08:42:31 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-10-10 08:42:31 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2018-10-10 08:42:31 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2018-10-10 08:42:31 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2018-10-10 08:42:31 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-10-10 08:42:31 ----A---- C:\WINDOWS\system32\winlogon.exe
2018-10-10 08:42:31 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-10-10 08:42:31 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2018-10-10 08:42:31 ----A---- C:\WINDOWS\system32\usocore.dll
2018-10-10 08:42:31 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-10-10 08:42:31 ----A---- C:\WINDOWS\system32\schannel.dll
2018-10-10 08:42:31 ----A---- C:\WINDOWS\system32\rpcss.dll
2018-10-10 08:42:31 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-10-10 08:42:31 ----A---- C:\WINDOWS\system32\msxml6.dll
2018-10-10 08:42:31 ----A---- C:\WINDOWS\system32\invagent.dll
2018-10-10 08:42:31 ----A---- C:\WINDOWS\system32\fveapi.dll
2018-10-10 08:42:31 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2018-10-10 08:42:31 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\SYSWOW64\fveapi.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\system32\wuuhext.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\system32\wpnapps.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\system32\win32spl.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\system32\ubpm.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\system32\resutils.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\system32\msxml3.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\system32\dafBth.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\system32\clusapi.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-10 08:42:30 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-10-10 08:42:29 ----A---- C:\WINDOWS\SYSWOW64\TileDataRepository.dll
2018-10-10 08:42:29 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2018-10-10 08:42:29 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-10-10 08:42:29 ----A---- C:\WINDOWS\SYSWOW64\cryptui.dll
2018-10-10 08:42:29 ----A---- C:\WINDOWS\system32\winload.exe
2018-10-10 08:42:29 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-10 08:42:29 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-10-10 08:42:29 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-10-10 08:42:29 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2018-10-10 08:42:29 ----A---- C:\WINDOWS\system32\ieproxy.dll
2018-10-10 08:42:29 ----A---- C:\WINDOWS\system32\gdi32full.dll
2018-10-10 08:42:29 ----A---- C:\WINDOWS\system32\evr.dll
2018-10-10 08:42:29 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-10-10 08:42:29 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2018-10-10 08:42:29 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2018-10-10 08:42:29 ----A---- C:\WINDOWS\system32\cryptui.dll
2018-10-10 08:42:29 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-10-10 08:42:29 ----A---- C:\WINDOWS\system32\browserbroker.dll
2018-10-10 08:42:29 ----A---- C:\WINDOWS\system32\AppxPackaging.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.XamlHost.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\SYSWOW64\evr.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\winresume.exe
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\sechost.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\psmsrv.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\MusNotification.exe
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\msvproc.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\mfps.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\das.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\bthserv.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-10-10 08:42:28 ----A---- C:\WINDOWS\system32\advapi32.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\SYSWOW64\winipcsecproc.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\SYSWOW64\ngccredprov.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\system32\winipcsecproc.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\system32\winipcfile.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\system32\user32.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-10-10 08:42:27 ----A---- C:\WINDOWS\system32\scksp.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-10-10 08:42:27 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2018-10-10 08:42:27 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2018-10-10 08:42:27 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2018-10-10 08:42:27 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-10-10 08:42:27 ----A---- C:\WINDOWS\system32\basecsp.dll
2018-10-10 08:42:26 ----A---- C:\WINDOWS\SYSWOW64\winipcfile.dll
2018-10-10 08:42:26 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2018-10-10 08:42:26 ----A---- C:\WINDOWS\SYSWOW64\mcbuilder.exe
2018-10-10 08:42:26 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2018-10-10 08:42:26 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-10-10 08:42:26 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-10-10 08:42:26 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2018-10-10 08:42:26 ----A---- C:\WINDOWS\system32\thumbcache.dll
2018-10-10 08:42:26 ----A---- C:\WINDOWS\system32\themeui.dll
2018-10-10 08:42:26 ----A---- C:\WINDOWS\system32\rasmans.dll
2018-10-10 08:42:26 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2018-10-10 08:42:26 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2018-10-10 08:42:26 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2018-10-10 08:42:26 ----A---- C:\WINDOWS\system32\mcbuilder.exe
2018-10-10 08:42:26 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-10-10 08:42:26 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-10-10 08:42:26 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2018-10-10 08:42:26 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2018-10-10 08:42:26 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\SYSWOW64\wmpshell.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Proximity.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\SYSWOW64\themeui.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Bluetooth.Proxy.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\SYSWOW64\itss.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\SYSWOW64\INETRES.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\SYSWOW64\fdBth.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\SYSWOW64\dtdump.exe
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\wmpshell.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\Windows.Networking.Proximity.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\utcutil.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\SCardSvr.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\SCardBi.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\runexehelper.exe
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\rascustom.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\ProximityService.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\itss.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\INETRES.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\inetcomm.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\fdBth.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\drivers\hidbth.sys
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\drivers\Dumpstorport.sys
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\certprop.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\BthRadioMedia.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\bthci.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\browserexport.exe
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\bdesvc.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-10-10 08:42:25 ----A---- C:\WINDOWS\system32\aclui.dll
2018-10-10 08:13:50 ----D---- C:\Program Files (x86)\Geeks3D
2018-10-09 10:52:31 ----D---- C:\Program Files (x86)\MSI Afterburner
2018-10-09 10:48:57 ----D---- C:\Program Files (x86)\Heroes & Generals
2018-10-08 09:01:22 ----D---- C:\Program Files (x86)\Origin Games
2018-10-08 08:54:34 ----D---- C:\Program Files (x86)\SmilegateWest
2018-10-08 08:54:30 ----D---- C:\Program Files (x86)\Origin
2018-10-08 08:45:40 ----D---- C:\Users\admin\AppData\Roaming\Origin
2018-10-01 10:07:52 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2018-09-17 19:20:10 ----D---- C:\Program Files\iPod
2018-09-17 19:19:56 ----D---- C:\Program Files\iTunes
2018-09-17 19:09:50 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2018-09-17 19:09:46 ----A---- C:\WINDOWS\system32\sppsvc.exe
2018-09-17 19:09:41 ----A---- C:\WINDOWS\system32\sppobjs.dll
2018-09-17 19:09:40 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-09-17 19:09:39 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-09-17 19:09:38 ----A---- C:\WINDOWS\system32\tquery.dll
2018-09-17 19:09:37 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2018-09-17 19:09:37 ----A---- C:\WINDOWS\system32\mssrch.dll
2018-09-17 19:09:37 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2018-09-17 19:09:35 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2018-09-17 19:09:34 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2018-09-17 19:09:33 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-09-17 19:09:33 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2018-09-17 19:09:33 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2018-09-17 19:09:32 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2018-09-17 19:09:32 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-09-17 19:09:32 ----A---- C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-09-17 19:09:32 ----A---- C:\WINDOWS\system32\dpx.dll
2018-09-17 19:09:31 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2018-09-17 19:09:31 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2018-09-17 19:09:31 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2018-09-17 19:09:31 ----A---- C:\WINDOWS\system32\wuapi.dll
2018-09-17 19:09:31 ----A---- C:\WINDOWS\system32\SharedRealitySvc.dll
2018-09-17 19:09:31 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2018-09-17 19:09:31 ----A---- C:\WINDOWS\system32\nettrace.dll
2018-09-17 19:09:31 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2018-09-17 19:09:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2018-09-17 19:09:30 ----A---- C:\WINDOWS\SYSWOW64\dpx.dll
2018-09-17 19:09:30 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2018-09-17 19:09:30 ----A---- C:\WINDOWS\system32\tdh.dll
2018-09-17 19:09:30 ----A---- C:\WINDOWS\system32\ci.dll
2018-09-17 19:09:30 ----A---- C:\WINDOWS\system32\certutil.exe
2018-09-17 19:09:30 ----A---- C:\WINDOWS\system32\AcGenral.dll
2018-09-17 19:09:29 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2018-09-17 19:09:29 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2018-09-17 19:09:29 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll
2018-09-17 19:09:29 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-09-17 19:09:29 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2018-09-17 19:09:29 ----A---- C:\WINDOWS\system32\schedsvc.dll
2018-09-17 19:09:29 ----A---- C:\WINDOWS\system32\rsaenh.dll
2018-09-17 19:09:29 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2018-09-17 19:09:29 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-09-17 19:09:29 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-09-17 19:09:29 ----A---- C:\WINDOWS\system32\gdi32.dll
2018-09-17 19:09:29 ----A---- C:\WINDOWS\system32\certcli.dll
2018-09-17 19:09:28 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-09-17 19:09:28 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2018-09-17 19:09:28 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2018-09-17 19:09:28 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-09-17 19:09:28 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2018-09-17 19:09:28 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2018-09-17 19:09:28 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2018-09-17 19:09:28 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2018-09-17 19:09:28 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2018-09-17 19:09:28 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2018-09-17 19:09:28 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-09-17 19:09:28 ----A---- C:\WINDOWS\system32\dinput8.dll
2018-09-17 19:09:28 ----A---- C:\WINDOWS\system32\certca.dll
2018-09-17 19:09:27 ----A---- C:\WINDOWS\SYSWOW64\spp.dll
2018-09-17 19:09:27 ----A---- C:\WINDOWS\SYSWOW64\dinput8.dll
2018-09-17 19:09:27 ----A---- C:\WINDOWS\SYSWOW64\certutil.exe
2018-09-17 19:09:27 ----A---- C:\WINDOWS\system32\sppwinob.dll
2018-09-17 19:09:27 ----A---- C:\WINDOWS\system32\spp.dll
2018-09-17 19:09:27 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2018-09-17 19:09:27 ----A---- C:\WINDOWS\system32\certreq.exe
2018-09-17 19:09:26 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2018-09-17 19:09:26 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2018-09-17 19:09:26 ----A---- C:\WINDOWS\SYSWOW64\EditionUpgradeManagerObj.dll
2018-09-17 19:09:26 ----A---- C:\WINDOWS\SYSWOW64\cryptxml.dll
2018-09-17 19:09:26 ----A---- C:\WINDOWS\SYSWOW64\certreq.exe
2018-09-17 19:09:26 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2018-09-17 19:09:26 ----A---- C:\WINDOWS\SYSWOW64\certca.dll
2018-09-17 19:09:26 ----A---- C:\WINDOWS\system32\TtlsAuth.dll
2018-09-17 19:09:26 ----A---- C:\WINDOWS\system32\srcore.dll
2018-09-17 19:09:26 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2018-09-17 19:09:26 ----A---- C:\WINDOWS\system32\mssvp.dll
2018-09-17 19:09:26 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2018-09-17 19:09:26 ----A---- C:\WINDOWS\system32\hal.dll
2018-09-17 19:09:26 ----A---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-09-17 19:09:26 ----A---- C:\WINDOWS\system32\DscCore.dll
2018-09-17 19:09:26 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2018-09-17 19:09:26 ----A---- C:\WINDOWS\system32\cryptxml.dll
2018-09-17 19:09:25 ----A---- C:\WINDOWS\SYSWOW64\TtlsAuth.dll
2018-09-17 19:09:25 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2018-09-17 19:09:25 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2018-09-17 19:09:25 ----A---- C:\WINDOWS\SYSWOW64\CertEnrollUI.dll
2018-09-17 19:09:25 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2018-09-17 19:09:25 ----A---- C:\WINDOWS\system32\t2embed.dll
2018-09-17 19:09:25 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-09-17 19:09:25 ----A---- C:\WINDOWS\system32\eShims.dll
2018-09-17 19:09:25 ----A---- C:\WINDOWS\system32\drivers\mpsdrv.sys
2018-09-17 19:09:25 ----A---- C:\WINDOWS\system32\CertEnrollUI.dll
2018-09-17 19:09:24 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2018-09-17 19:09:24 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2018-09-17 19:09:24 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2018-09-17 19:09:24 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2018-09-17 19:09:24 ----A---- C:\WINDOWS\SYSWOW64\CertEnrollCtrl.exe
2018-09-17 19:09:24 ----A---- C:\WINDOWS\system32\mssph.dll
2018-09-17 19:09:24 ----A---- C:\WINDOWS\system32\mf3216.dll
2018-09-17 19:09:24 ----A---- C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-09-17 19:09:24 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2018-09-17 19:09:24 ----A---- C:\WINDOWS\system32\dinput.dll
2018-09-17 19:09:23 ----A---- C:\WINDOWS\SYSWOW64\TtlsCfg.dll
2018-09-17 19:09:23 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2018-09-17 19:09:23 ----A---- C:\WINDOWS\SYSWOW64\netevent.dll
2018-09-17 19:09:23 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll
2018-09-17 19:09:23 ----A---- C:\WINDOWS\SYSWOW64\fdeploy.dll
2018-09-17 19:09:23 ----A---- C:\WINDOWS\SYSWOW64\dinput.dll
2018-09-17 19:09:23 ----A---- C:\WINDOWS\system32\TtlsExt.dll
2018-09-17 19:09:23 ----A---- C:\WINDOWS\system32\TtlsCfg.dll
2018-09-17 19:09:23 ----A---- C:\WINDOWS\system32\rstrui.exe
2018-09-17 19:09:23 ----A---- C:\WINDOWS\system32\netevent.dll
2018-09-17 19:09:23 ----A---- C:\WINDOWS\system32\mssprxy.dll
2018-09-17 19:09:23 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2018-09-17 19:09:23 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2018-09-17 19:09:23 ----A---- C:\WINDOWS\system32\fdeploy.dll
2018-09-17 19:09:23 ----A---- C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-09-17 19:09:23 ----A---- C:\WINDOWS\system32\CertEnrollCtrl.exe
2018-09-13 23:59:40 ----A---- C:\WINDOWS\system32\drivers\sshid.sys

======List of files/folders modified in the last 1 month======

2018-10-12 13:52:33 ----D---- C:\WINDOWS\system32\drivers\etc
2018-10-12 13:52:33 ----D---- C:\Program Files\trend micro
2018-10-12 13:50:47 ----D---- C:\WINDOWS\Temp
2018-10-12 13:49:53 ----D---- C:\Users\admin\AppData\Roaming\Spotify
2018-10-12 13:47:55 ----D---- C:\WINDOWS\system32\SleepStudy
2018-10-12 13:36:29 ----D---- C:\WINDOWS\system32\LogFiles
2018-10-12 13:36:23 ----RD---- C:\WINDOWS\Microsoft.NET
2018-10-12 13:27:01 ----D---- C:\WINDOWS\system32\sru
2018-10-12 12:35:32 ----D---- C:\WINDOWS\Prefetch
2018-10-12 12:35:27 ----D---- C:\WINDOWS\system32\drivers
2018-10-12 12:35:27 ----D---- C:\WINDOWS\INF
2018-10-12 12:35:26 ----D---- C:\WINDOWS\system32\DriverStore
2018-10-12 12:35:21 ----D---- C:\WINDOWS\system32\catroot2
2018-10-12 12:35:17 ----SHD---- C:\System Volume Information
2018-10-11 21:41:55 ----D---- C:\WINDOWS\System32
2018-10-11 21:41:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-11 21:38:38 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-10-11 21:36:58 ----D---- C:\WINDOWS\system32\Tasks
2018-10-11 21:35:37 ----AD---- C:\Program Files (x86)\Hi-Rez Studios
2018-10-11 21:35:35 ----D---- C:\ProgramData\NVIDIA
2018-10-11 21:34:51 ----D---- C:\WINDOWS\system32\config
2018-10-11 21:34:47 ----HD---- C:\WINDOWS\ELAMBKUP
2018-10-11 12:29:31 ----RSD---- C:\WINDOWS\assembly
2018-10-11 12:27:09 ----D---- C:\WINDOWS\Logs
2018-10-11 03:00:46 ----SHDC---- C:\WINDOWS\Installer
2018-10-11 03:00:45 ----SHD---- C:\Config.Msi
2018-10-11 03:00:33 ----D---- C:\WINDOWS\SysWOW64
2018-10-10 22:52:27 ----D---- C:\Users\admin\AppData\Roaming\TS3Client
2018-10-10 20:05:23 ----D---- C:\WINDOWS\AppReadiness
2018-10-10 19:50:37 ----D---- C:\WINDOWS\WinSxS
2018-10-10 19:49:35 ----D---- C:\WINDOWS\TextInput
2018-10-10 19:49:35 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2018-10-10 19:49:35 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2018-10-10 19:49:35 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2018-10-10 19:49:35 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2018-10-10 19:49:35 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2018-10-10 19:49:35 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2018-10-10 19:49:35 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2018-10-10 19:49:34 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2018-10-10 19:49:34 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2018-10-10 19:49:34 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2018-10-10 19:49:34 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2018-10-10 19:49:34 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2018-10-10 19:49:34 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2018-10-10 19:49:34 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2018-10-10 19:49:34 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2018-10-10 19:49:34 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-10-10 19:49:34 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2018-10-10 19:49:34 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2018-10-10 19:49:34 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2018-10-10 19:49:34 ----D---- C:\WINDOWS\SYSWOW64\en-US
2018-10-10 19:49:34 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2018-10-10 19:49:34 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2018-10-10 19:49:34 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2018-10-10 19:49:34 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\zu-ZA
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\yo-NG
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\xh-ZA
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\wo-SN
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\wbem
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\tn-ZA
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\ti-ET
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\ShellExperiences
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\rw-RW
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\nso-ZA
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\migration
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\ig-NG
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\en-US
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\chr-CHER-US
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\Boot
2018-10-10 19:49:34 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2018-10-10 19:49:33 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2018-10-10 19:49:33 ----RD---- C:\Program Files\Windows Defender
2018-10-10 19:49:33 ----D---- C:\WINDOWS\bcastdvr
2018-10-10 19:49:33 ----D---- C:\WINDOWS\apppatch
2018-10-10 19:49:33 ----D---- C:\Program Files\Windows Media Player
2018-10-10 19:49:33 ----D---- C:\Program Files\internet explorer
2018-10-10 19:49:33 ----D---- C:\Program Files (x86)\Windows Media Player
2018-10-10 19:49:33 ----D---- C:\Program Files (x86)\Windows Defender
2018-10-10 19:49:33 ----D---- C:\Program Files (x86)\Internet Explorer
2018-10-10 08:46:52 ----D---- C:\WINDOWS\CbsTemp
2018-10-10 08:46:49 ----D---- C:\WINDOWS\system32\MRT
2018-10-10 08:45:30 ----D---- C:\WINDOWS\debug
2018-10-10 08:45:26 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-10-10 08:13:50 ----RD---- C:\Program Files (x86)
2018-10-09 19:19:36 ----HD---- C:\Program Files\WindowsApps
2018-10-09 12:09:23 ----D---- C:\WINDOWS\system32\CatRoot
2018-10-09 10:38:35 ----D---- C:\Users\admin\AppData\Roaming\steelseries-engine-3-client
2018-10-09 10:38:08 ----D---- C:\Windows
2018-10-09 10:35:29 ----D---- C:\WINDOWS\SoftwareDistribution
2018-10-09 10:34:17 ----D---- C:\Program Files (x86)\Steam
2018-10-09 10:34:15 ----D---- C:\WINDOWS\LiveKernelReports
2018-10-09 10:33:19 ----D---- C:\ProgramData\Intel
2018-10-09 10:27:39 ----D---- C:\ProgramData\Origin
2018-10-09 10:27:35 ----D---- C:\Program Files (x86)\Intel
2018-10-09 10:27:26 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2018-10-09 10:27:26 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2018-10-09 10:27:16 ----D---- C:\ProgramData\Package Cache
2018-10-09 09:58:00 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrB.exe
2018-10-08 13:58:07 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrA.exe
2018-10-08 13:57:02 ----D---- C:\ProgramData\Electronic Arts
2018-10-08 13:56:14 ----D---- C:\Program Files (x86)\Common Files
2018-10-08 13:26:21 ----D---- C:\WINDOWS\SYSWOW64\drivers
2018-10-08 08:42:51 ----RD---- C:\Program Files
2018-10-08 08:42:51 ----HD---- C:\ProgramData
2018-10-04 18:40:06 ----AD---- C:\Program Files (x86)\Microsoft Office
2018-10-03 17:55:28 ----D---- C:\Users\admin\AppData\Roaming\vlc
2018-10-02 22:13:10 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-09-17 19:21:24 ----D---- C:\WINDOWS\SYSWOW64\zh-CN
2018-09-17 19:21:24 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2018-09-17 19:21:24 ----D---- C:\WINDOWS\SYSWOW64\Dism
2018-09-17 19:21:23 ----D---- C:\WINDOWS\system32\zh-CN
2018-09-17 19:21:23 ----D---- C:\WINDOWS\system32\sk-SK
2018-09-17 19:21:23 ----D---- C:\WINDOWS\system32\oobe
2018-09-17 19:21:23 ----D---- C:\WINDOWS\system32\Dism
2018-09-17 03:38:44 ----AD---- C:\Program Files\CCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2018-10-11 201928]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2018-10-11 346760]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2018-10-11 59664]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2018-07-22 15360]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2018-10-11 88112]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2018-10-11 381144]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-08-28 1464752]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-04-12 58272]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2018-10-11 201408]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2018-10-11 230512]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2018-10-11 42456]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2018-10-11 111968]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2018-10-11 1028840]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2018-10-11 467904]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2018-10-11 163376]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2018-10-11 208640]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-07-14 414720]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2018-05-09 37104]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-04-12 43520]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-06-26 610656]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-04-12 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 ETDI2C;@oem18.inf,%ELANI2CDeviceDesc%;ELAN I2C Filter Driver; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [2016-03-25 183896]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
R3 ICCWDT;@oem51.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2018-06-08 39504]
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igdkmd64.sys [2017-02-07 11041776]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-03-22 5101592]
R3 IntcDAud;@oem39.inf,%IntcAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-09-16 821224]
R3 LMDriver;@oem54.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2018-05-15 31000]
R3 MEIx64;@oem41.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-02-04 185896]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9d2734742a07f3cf\nvlddmkm.sys [2017-05-18 14456920]
R3 nvvad_WaveExtensible;@oem5.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2015-12-18 47760]
R3 Qcamain10x64;@oem53.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN 11AC device driver; C:\WINDOWS\system32\DRIVERS\Qcamain10x64.sys [2017-11-08 2328488]
R3 RadioShim;@oem54.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2018-05-15 25368]
R3 rt640x64;@oem27.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-11-19 935168]
R3 RTSPER;@oem11.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-12-18 769752]
R3 ScpVBus;@oem13.inf,%ScpVBus.SVCDESC%;Scp Virtual Bus Driver; C:\WINDOWS\System32\drivers\ScpVBus.sys [2013-05-19 39168]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2018-10-11 47064]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2018-04-12 92056]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2018-09-08 1096704]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-11-08 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-11-08 47672]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-09-20 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 LGBusEnum;@oem51.inf,%LGBusEnum.SVCDESC%;Logitech Gaming Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\LGBusEnum.sys [2018-08-08 36496]
S3 LGJoyXlCore;@oem51.inf,%LGJoyXlCore.SVCDESC%;Logitech Translation Layer Driver (LGS); C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [2018-08-08 67736]
S3 LGVirHid;@oem52.inf,%LGVirHid.SVCDESC%;Logitech Gamepanel Virtual HID Device Driver; C:\WINDOWS\system32\drivers\LGVirHid.sys [2018-08-08 26008]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 Netaapl;@oem22.inf,%Netaapl.Service.DispName%;Apple Mobile Device Ethernet Service; C:\WINDOWS\System32\drivers\netaapl64.sys [2018-04-17 23040]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2018-07-25 945568]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-08-14 83984]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-08-23 83768]
R2 AtherosSvc;AtherosSvc; C:\WINDOWS\system32\AdminService.exe [2016-06-26 355760]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-10-11 325024]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2016-08-15 2267352]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CDPUserSvc_6ccd6;Connected Devices Platform User Service_6ccd6; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusti; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2018-09-26 9680472]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2017-05-12 9728]
R2 HPSIService;HP SI Service; C:\WINDOWS\system32\HPSIsvc.exe [2011-11-11 126520]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2017-07-26 192200]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe [2017-02-07 350704]
R2 IntelSSTSvc;Intel SST Parameter Service; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [2015-12-02 25928]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-02-12 209184]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2016-02-12 415520]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-05-01 462968]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-02 1617352]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-03-28 425408]
R2 OneSyncSvc_6ccd6;Sync Host_6ccd6; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2018-10-08 3087176]
R2 osrss;@%systemroot%\system32\osrss.dll,-500; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe []
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-10-11 8188768]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-07-25 43648]
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2016-02-05 335872]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-12 153168]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2016-02-05 8704]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2018-10-11 57504]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService_6ccd6;GameDVR and Broadcast User Service_6ccd6; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2018-10-09 6875688]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService_6ccd6;Služba podpory používateľov rozhrania Bluetooth_6ccd6; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe [2017-02-07 310256]
S3 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe [2017-02-07 488944]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc_6ccd6;DevicePicker_6ccd6; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc_6ccd6;DevicesFlow_6ccd6; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-02-05 610464]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2017-02-25 1471352]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-12 153168]
S3 HnGService;Heroes & Generals Service; C:\Program Files (x86)\Heroes & Generals\live\hngservice.exe [2018-10-10 754984]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-01-14 976848]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2018-08-23 659768]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService_6ccd6;MessagingService_6ccd6; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2018-10-08 2216256]
S3 ose;Office Source Engine; c:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-09-26 215328]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PimIndexMaintenanceSvc_6ccd6;Kontaktné údaje_6ccd6; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc_6ccd6;PrintWorkflow_6ccd6; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S4 Amazon 1Button App Service;Amazon 1Button App Service; c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [2015-05-07 456000]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: preventive check

#2 Post by Conder »

Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click "Skenovat nyni" (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click "Cisteni a opravy" (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click "Zobrazit soubor protokolu" (View log file)
  • The log will open; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

jardo
Visitor
Posts: 52
Registered: 11 Sep 2011 11:44

Re: preventive check

#3 Post by jardo »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-12-2018
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 37
# Failed: 0


***** [ Services ] *****

Deleted Amazon 1Button App Service

***** [ Folders ] *****

Deleted C:\Users\Public\Pokki
Deleted C:\Program Files\Hola
Deleted C:\Users\admin\AppData\Roaming\Hola

***** [ Files ] *****

Deleted C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url
Deleted C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
Deleted C:\Users\admin\Favorites\Booking.com.url

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\Amazon 1Button App Service
Deleted HKLM\Software\Wow6432Node\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
Deleted HKLM\Software\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
Deleted HKLM\Software\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|hola
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Deleted HKLM\Software\Hola
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org
Deleted HKLM\Software\Wow6432Node\Classes\AppID\OverlayIcon.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Deleted HKLM\Software\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Deleted HKLM\Software\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
Deleted HKLM\Software\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4997 octets] - [12/10/2018 22:54:41]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: preventive check

#4 Post by Conder »

Please post both FRST logs (FRST.txt and Addition.txt) following this guide: https://forum.viry.cz/viewtopic.php?f=13&t=154679

jardo
Visitor
Posts: 52
Registered: 11 Sep 2011 11:44

Re: preventive check

#5 Post by jardo »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by Jaroslav Vrabec (administrator) on LAPTOP-N0EC0BO8 (14-10-2018 08:01:21)
Running from C:\Users\admin\Downloads
Loaded Profiles: Jaroslav Vrabec (Available Profiles: Jaroslav Vrabec)
Platform: Windows 10 Home Version 1803 17134.345 (X64) Language: Slovak (Slovakia)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16481560 2016-03-22] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-11] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-08-23] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM-x32\...\Run: [SafeQClient] => C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [493568 2015-12-10] (VŠB-TU Ostrava)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-09-08] (Valve Corporation)
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\Run: [Akamai NetSession Interface] => C:\Users\admin\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\Run: [Spotify] => C:\Users\admin\AppData\Roaming\Spotify\Spotify.exe [24313232 2018-07-12] (Spotify Ltd)
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\Run: [Gaijin.Net Agent] => C:\Users\admin\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2125896 2018-04-26] (Gaijin Entertainment)
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd)
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\Run: [Spotify Web Helper] => C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [781712 2018-07-12] (Spotify Ltd)
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\Policies\Explorer: []
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2018-10-09]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.5.18.5 10.5.18.2 195.80.171.4
Tcpip\..\Interfaces\{20c9d1f3-e663-478e-9a4b-bde47dc73a9b}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{abe11eb5-5e93-4bf3-8d1b-b2d1aafa0357}: [DhcpNameServer] 158.196.0.53 158.196.99.166
Tcpip\..\Interfaces\{b9e49e69-44db-457b-9883-f29700125df4}: [DhcpNameServer] 10.5.18.5 10.5.18.2 195.80.171.4

Internet Explorer:
==================
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-2945659558-3557737490-2161545064-1001 -> DefaultScope {8887E5D9-399E-4A89-9ED1-D7D84BFA4427} URL =
SearchScopes: HKU\S-1-5-21-2945659558-3557737490-2161545064-1001 -> {8887E5D9-399E-4A89-9ED1-D7D84BFA4427} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-10-04] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-09-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-09-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-12] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)

Edge:
======
Edge Session Restore: HKU\S-1-5-21-2945659558-3557737490-2161545064-1001 -> is enabled.

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-18] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2018-10-14]
CHR Extension: (Slides) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-06]
CHR Extension: (Beauty) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbbelgoeoihcmnkgkeanmogncgkfichm [2018-01-07]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-06]
CHR Extension: (uBlock Origin) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-10-02]
CHR Extension: (Adobe Acrobat) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Sheets) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Heroes & Generals) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbophcdhblbipoaacgchllkobdaolpge [2016-09-07]
CHR Extension: (Google Docs Offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-06]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-06]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-08-23] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-11] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-11] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-10-11] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6875688 2018-10-09] ()
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9680472 2018-09-26] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [610464 2018-02-05] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-05-12] (Hi-Rez Studios) [File not signed]
S3 HnGService; C:\Program Files (x86)\Heroes & Generals\live\hngservice.exe [754984 2018-10-10] (Reto-Moto ApS)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [976848 2016-01-14] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-02-05] (Intel Corporation) [File not signed]
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [25928 2015-12-02] (Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-02-05] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-02-12] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617352 2014-04-02] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2216256 2018-10-08] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3087176 2018-10-08] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2018-10-08] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18736 2018-09-06] (Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201408 2018-10-11] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230512 2018-10-11] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201928 2018-10-11] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346760 2018-10-11] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59664 2018-10-11] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-07-22] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47064 2018-10-11] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42456 2018-10-11] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163376 2018-10-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111968 2018-10-11] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88112 2018-10-11] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028840 2018-10-11] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467904 2018-10-11] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208640 2018-10-11] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381144 2018-10-11] (AVAST Software)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-11-08] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-11-08] (Disc Soft Ltd)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [183896 2016-03-25] (ELAN Microelectronic Corp.)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37104 2018-05-09] (Intel Corporation)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-08-08] (Logitech Inc.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9d2734742a07f3cf\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-11-19] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [769752 2015-12-18] (Realsil Semiconductor Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48320 2018-08-20] ()
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [48056 2018-09-13] (SteelSeries ApS)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S3 X6va066; \??\C:\WINDOWS\SysWOW64\Drivers\X6va066 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-14 08:01 - 2018-10-14 08:01 - 000021102 _____ C:\Users\admin\Downloads\FRST.txt
2018-10-14 08:01 - 2018-10-14 08:01 - 000000000 ____D C:\FRST
2018-10-14 08:00 - 2018-10-14 08:00 - 002414592 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
2018-10-12 22:54 - 2018-10-12 22:55 - 000000000 ____D C:\AdwCleaner
2018-10-12 22:53 - 2018-10-12 22:53 - 007592144 _____ (Malwarebytes) C:\Users\admin\Desktop\adwcleaner_7.2.4.0.exe
2018-10-12 13:52 - 2018-10-12 13:52 - 001222144 _____ C:\Users\admin\Downloads\RSITx64.exe
2018-10-11 21:36 - 2018-10-11 21:36 - 016796856 _____ (Piriform Ltd) C:\Users\admin\Downloads\ccsetup547 (1).exe
2018-10-11 21:36 - 2018-10-11 21:36 - 001270312 _____ (CPUID, Inc. ) C:\Users\admin\Downloads\hwmonitor_1.36.exe
2018-10-11 21:34 - 2018-10-11 21:34 - 016796856 _____ (Piriform Ltd) C:\Users\admin\Downloads\ccsetup547.exe
2018-10-11 21:34 - 2018-10-11 21:34 - 000378584 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-10-11 21:34 - 2018-10-11 21:34 - 000042456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2018-10-10 08:42 - 2018-09-21 11:18 - 021386888 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-10 08:42 - 2018-09-21 11:01 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-10-10 08:42 - 2018-09-21 10:22 - 020381784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-10 08:42 - 2018-09-21 10:12 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-10-10 08:42 - 2018-09-21 06:14 - 000661056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-10-10 08:42 - 2018-09-21 06:13 - 000480568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-10-10 08:42 - 2018-09-21 06:12 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-10-10 08:42 - 2018-09-21 06:11 - 000753056 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-10-10 08:42 - 2018-09-21 06:09 - 004790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-10-10 08:42 - 2018-09-21 06:09 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-10-10 08:42 - 2018-09-21 06:09 - 001427968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-10-10 08:42 - 2018-09-21 06:09 - 001062920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-10-10 08:42 - 2018-09-21 06:09 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-10-10 08:42 - 2018-09-21 06:08 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-10-10 08:42 - 2018-09-21 06:08 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-10-10 08:42 - 2018-09-21 06:08 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-10-10 08:42 - 2018-09-21 06:08 - 001456720 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-10-10 08:42 - 2018-09-21 06:08 - 001257864 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-10-10 08:42 - 2018-09-21 06:08 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-10-10 08:42 - 2018-09-21 06:08 - 000982600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-10-10 08:42 - 2018-09-21 06:08 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-10-10 08:42 - 2018-09-21 06:08 - 000261008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-10-10 08:42 - 2018-09-21 06:08 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-10-10 08:42 - 2018-09-21 06:07 - 000604664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-10-10 08:42 - 2018-09-21 05:58 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-10-10 08:42 - 2018-09-21 05:57 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-10-10 08:42 - 2018-09-21 05:57 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-10-10 08:42 - 2018-09-21 05:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-10-10 08:42 - 2018-09-21 05:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-10-10 08:42 - 2018-09-21 05:53 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-10-10 08:42 - 2018-09-21 05:43 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-10-10 08:42 - 2018-09-21 05:42 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-10-10 08:42 - 2018-09-21 05:41 - 003396096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-10 08:42 - 2018-09-21 05:40 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-10-10 08:42 - 2018-09-21 05:39 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-10-10 08:42 - 2018-09-21 05:39 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-10-10 08:42 - 2018-09-21 05:39 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-10-10 08:42 - 2018-09-21 05:39 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-10-10 08:42 - 2018-09-21 05:38 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-10 08:42 - 2018-09-21 05:38 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-10-10 08:42 - 2018-09-21 05:37 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-10-10 08:42 - 2018-09-21 05:37 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-10-10 08:42 - 2018-09-21 05:37 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-10-10 08:42 - 2018-09-21 05:37 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-10-10 08:42 - 2018-09-21 05:36 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-10-10 08:42 - 2018-09-21 05:36 - 001034240 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-10-10 08:42 - 2018-09-21 05:36 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-10-10 08:42 - 2018-09-21 05:36 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-10-10 08:42 - 2018-09-21 05:36 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-10-10 08:42 - 2018-09-20 11:40 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-10-10 08:42 - 2018-09-20 11:37 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-10 08:42 - 2018-09-20 11:23 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-10-10 08:42 - 2018-09-20 11:22 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-10 08:42 - 2018-09-20 11:19 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-10-10 08:42 - 2018-09-20 11:18 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-10 08:42 - 2018-09-20 11:18 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-10-10 08:42 - 2018-09-20 11:17 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-10 08:42 - 2018-09-20 11:17 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-10 08:42 - 2018-09-20 11:17 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-10-10 08:42 - 2018-09-20 11:16 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-10 08:42 - 2018-09-20 10:46 - 001454440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-10 08:42 - 2018-09-20 10:35 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-10-10 08:42 - 2018-09-20 10:34 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-10 08:42 - 2018-09-20 10:30 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-10-10 08:42 - 2018-09-20 10:29 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-10 08:42 - 2018-09-20 10:29 - 002824704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-10 08:42 - 2018-09-20 10:29 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-10 08:42 - 2018-09-20 10:28 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-10 08:42 - 2018-09-20 08:43 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-10-10 08:42 - 2018-09-20 07:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-10-10 08:42 - 2018-09-20 06:29 - 006569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-10 08:42 - 2018-09-20 06:29 - 006039368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-10-10 08:42 - 2018-09-20 06:29 - 001989232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-10 08:42 - 2018-09-20 06:29 - 001513032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-10 08:42 - 2018-09-20 06:29 - 000357056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-10-10 08:42 - 2018-09-20 06:28 - 001129544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-10-10 08:42 - 2018-09-20 06:28 - 000581792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-10-10 08:42 - 2018-09-20 06:28 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-10 08:42 - 2018-09-20 06:21 - 022013440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-10 08:42 - 2018-09-20 06:17 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-10-10 08:42 - 2018-09-20 06:15 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-10 08:42 - 2018-09-20 06:13 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-10-10 08:42 - 2018-09-20 06:12 - 000272200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-10 08:42 - 2018-09-20 06:12 - 000269128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-10 08:42 - 2018-09-20 06:11 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-10 08:42 - 2018-09-20 06:11 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-10-10 08:42 - 2018-09-20 06:11 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-10-10 08:42 - 2018-09-20 06:11 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-10-10 08:42 - 2018-09-20 06:11 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-10-10 08:42 - 2018-09-20 06:10 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-10 08:42 - 2018-09-20 06:10 - 001221128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-10 08:42 - 2018-09-20 06:10 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-10 08:42 - 2018-09-20 06:10 - 000566800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-10-10 08:42 - 2018-09-20 06:10 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-10 08:42 - 2018-09-20 06:10 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-10 08:42 - 2018-09-20 06:10 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-10-10 08:42 - 2018-09-20 06:10 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-10-10 08:42 - 2018-09-20 06:09 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-10 08:42 - 2018-09-20 06:09 - 007520096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-10 08:42 - 2018-09-20 06:09 - 007432136 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-10-10 08:42 - 2018-09-20 06:09 - 002825232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-10 08:42 - 2018-09-20 06:09 - 002462888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-10 08:42 - 2018-09-20 06:09 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-10 08:42 - 2018-09-20 06:09 - 001767096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-10 08:42 - 2018-09-20 06:09 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-10 08:42 - 2018-09-20 06:09 - 001097744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-10-10 08:42 - 2018-09-20 06:09 - 000885952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-10 08:42 - 2018-09-20 06:09 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-10 08:42 - 2018-09-20 06:09 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-10-10 08:42 - 2018-09-20 06:09 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-10 08:42 - 2018-09-20 06:08 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-10-10 08:42 - 2018-09-20 06:08 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-10 08:42 - 2018-09-20 05:53 - 025851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-10 08:42 - 2018-09-20 05:46 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-10 08:42 - 2018-09-20 05:44 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-10-10 08:42 - 2018-09-20 05:44 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-10 08:42 - 2018-09-20 05:43 - 000052736 _____ C:\WINDOWS\system32\runexehelper.exe
2018-10-10 08:42 - 2018-09-20 05:42 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-10-10 08:42 - 2018-09-20 05:42 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-10-10 08:42 - 2018-09-20 05:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-10-10 08:42 - 2018-09-20 05:41 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-10 08:42 - 2018-09-20 05:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-10-10 08:42 - 2018-09-20 05:41 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-10-10 08:42 - 2018-09-20 05:41 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-10-10 08:42 - 2018-09-20 05:41 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-10-10 08:42 - 2018-09-20 05:40 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-10 08:42 - 2018-09-20 05:40 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-10-10 08:42 - 2018-09-20 05:40 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-10-10 08:42 - 2018-09-20 05:38 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-10 08:42 - 2018-09-20 05:38 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-10 08:42 - 2018-09-20 05:37 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-10-10 08:42 - 2018-09-20 05:37 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-10 08:42 - 2018-09-20 05:36 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-10-10 08:42 - 2018-09-20 04:21 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-10-10 08:42 - 2018-09-20 03:28 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-10 08:42 - 2018-09-08 10:12 - 000452112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-10-10 08:42 - 2018-09-08 10:07 - 002868536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-10-10 08:42 - 2018-09-08 10:07 - 001610552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-10-10 08:42 - 2018-09-08 10:07 - 000792376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-10-10 08:42 - 2018-09-08 10:07 - 000689464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-10-10 08:42 - 2018-09-08 10:07 - 000612360 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-10-10 08:42 - 2018-09-08 10:07 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-10-10 08:42 - 2018-09-08 10:07 - 000144696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-10-10 08:42 - 2018-09-08 10:07 - 000069944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-10-10 08:42 - 2018-09-08 10:02 - 000645112 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-10-10 08:42 - 2018-09-08 10:02 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-10-10 08:42 - 2018-09-08 09:58 - 001639352 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-10-10 08:42 - 2018-09-08 09:58 - 001520744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-10-10 08:42 - 2018-09-08 09:57 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-10-10 08:42 - 2018-09-08 09:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-10-10 08:42 - 2018-09-08 09:43 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-10-10 08:42 - 2018-09-08 09:43 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2018-10-10 08:42 - 2018-09-08 09:42 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-10-10 08:42 - 2018-09-08 09:42 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-10-10 08:42 - 2018-09-08 09:42 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-10-10 08:42 - 2018-09-08 09:42 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthci.dll
2018-10-10 08:42 - 2018-09-08 09:41 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-10-10 08:42 - 2018-09-08 09:40 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-10-10 08:42 - 2018-09-08 09:40 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-10-10 08:42 - 2018-09-08 09:40 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2018-10-10 08:42 - 2018-09-08 09:40 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-10-10 08:42 - 2018-09-08 09:40 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-10-10 08:42 - 2018-09-08 09:40 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2018-10-10 08:42 - 2018-09-08 09:39 - 005505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-10-10 08:42 - 2018-09-08 09:39 - 002052096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-10-10 08:42 - 2018-09-08 09:39 - 001787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-10-10 08:42 - 2018-09-08 09:39 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-10-10 08:42 - 2018-09-08 09:38 - 001288192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-10-10 08:42 - 2018-09-08 09:38 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-10-10 08:42 - 2018-09-08 09:38 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-10-10 08:42 - 2018-09-08 09:38 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-10-10 08:42 - 2018-09-08 09:38 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-10-10 08:42 - 2018-09-08 09:37 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-10-10 08:42 - 2018-09-08 09:16 - 000482080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-10-10 08:42 - 2018-09-08 09:14 - 001328056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-10-10 08:42 - 2018-09-08 09:13 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-10-10 08:42 - 2018-09-08 09:13 - 000181288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-10-10 08:42 - 2018-09-08 09:03 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-10-10 08:42 - 2018-09-08 09:03 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-10-10 08:42 - 2018-09-08 09:02 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-10-10 08:42 - 2018-09-08 09:00 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2018-10-10 08:42 - 2018-09-08 08:59 - 001530368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-10-10 08:42 - 2018-09-08 08:59 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-10-10 08:42 - 2018-09-08 08:59 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-10-10 08:42 - 2018-09-08 08:59 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-10-10 08:42 - 2018-09-08 08:58 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-10-10 08:42 - 2018-09-08 08:58 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-10-10 08:42 - 2018-09-08 08:58 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-10-10 08:42 - 2018-09-08 08:57 - 005391360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-10-10 08:42 - 2018-09-08 08:57 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-10-10 08:42 - 2018-09-08 08:57 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-10-10 08:42 - 2018-09-08 08:57 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2018-10-10 08:42 - 2018-09-08 08:56 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-10-10 08:42 - 2018-09-08 06:08 - 000462880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-10-10 08:42 - 2018-09-08 05:59 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-10-10 08:42 - 2018-09-08 05:59 - 000361544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-10-10 08:42 - 2018-09-08 05:58 - 000744976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-10-10 08:42 - 2018-09-08 05:58 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-10-10 08:42 - 2018-09-08 05:58 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-10-10 08:42 - 2018-09-08 05:57 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-10-10 08:42 - 2018-09-08 05:57 - 001016984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-10-10 08:42 - 2018-09-08 05:57 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-10-10 08:42 - 2018-09-08 05:57 - 000482384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-10-10 08:42 - 2018-09-08 05:57 - 000368448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2018-10-10 08:42 - 2018-09-08 05:57 - 000267576 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-10-10 08:42 - 2018-09-08 05:51 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-10-10 08:42 - 2018-09-08 05:45 - 000295416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-10-10 08:42 - 2018-09-08 05:45 - 000286824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-10-10 08:42 - 2018-09-08 05:44 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-10-10 08:42 - 2018-09-08 05:44 - 000829752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-10-10 08:42 - 2018-09-08 05:43 - 001174448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-10-10 08:42 - 2018-09-08 05:43 - 000269104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2018-10-10 08:42 - 2018-09-08 05:32 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-10-10 08:42 - 2018-09-08 05:31 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-10-10 08:42 - 2018-09-08 05:31 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-10-10 08:42 - 2018-09-08 05:30 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2018-10-10 08:42 - 2018-09-08 05:30 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2018-10-10 08:42 - 2018-09-08 05:30 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-10-10 08:42 - 2018-09-08 05:30 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2018-10-10 08:42 - 2018-09-08 05:30 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2018-10-10 08:42 - 2018-09-08 05:29 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-10-10 08:42 - 2018-09-08 05:29 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-10-10 08:42 - 2018-09-08 05:29 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2018-10-10 08:42 - 2018-09-08 05:29 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-10-10 08:42 - 2018-09-08 05:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-10-10 08:42 - 2018-09-08 05:28 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-10-10 08:42 - 2018-09-08 05:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-10-10 08:42 - 2018-09-08 05:28 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-10-10 08:42 - 2018-09-08 05:28 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-10-10 08:42 - 2018-09-08 05:28 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-10-10 08:42 - 2018-09-08 05:27 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-10-10 08:42 - 2018-09-08 05:27 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-10-10 08:42 - 2018-09-08 05:27 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-10-10 08:42 - 2018-09-08 05:27 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2018-10-10 08:42 - 2018-09-08 05:27 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2018-10-10 08:42 - 2018-09-08 05:27 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-10-10 08:42 - 2018-09-08 05:26 - 002328064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2018-10-10 08:42 - 2018-09-08 05:26 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-10-10 08:42 - 2018-09-08 05:26 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-10-10 08:42 - 2018-09-08 05:26 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-10-10 08:42 - 2018-09-08 05:26 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-10-10 08:42 - 2018-09-08 05:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-10-10 08:42 - 2018-09-08 05:26 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2018-10-10 08:42 - 2018-09-08 05:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2018-10-10 08:42 - 2018-09-08 05:25 - 003553792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-10-10 08:42 - 2018-09-08 05:25 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-10-10 08:42 - 2018-09-08 05:25 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2018-10-10 08:42 - 2018-09-08 05:25 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-10-10 08:42 - 2018-09-08 05:25 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-10-10 08:42 - 2018-09-08 05:25 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Proximity.dll
2018-10-10 08:42 - 2018-09-08 05:24 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-10-10 08:42 - 2018-09-08 05:24 - 001096704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-10-10 08:42 - 2018-09-08 05:24 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-10-10 08:42 - 2018-09-08 05:24 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2018-10-10 08:42 - 2018-09-08 05:24 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2018-10-10 08:42 - 2018-09-08 05:23 - 001655296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2018-10-10 08:42 - 2018-09-08 05:23 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2018-10-10 08:42 - 2018-09-08 05:23 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2018-10-10 08:42 - 2018-09-08 05:23 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Proximity.dll
2018-10-10 08:42 - 2018-09-08 05:22 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-10-10 08:35 - 2018-10-10 08:35 - 000331552 _____ C:\Users\admin\Desktop\Protokol_2.pdf
2018-10-10 08:18 - 2018-09-11 10:58 - 000463016 _____ (uWebb Software) C:\Users\admin\Desktop\ThrottleStop.exe
2018-10-10 08:13 - 2018-10-10 08:13 - 008585423 _____ (Geeks3D ) C:\Users\admin\Downloads\FurMark_1.20.1.0_Setup.exe
2018-10-10 08:13 - 2018-10-10 08:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
2018-10-10 08:13 - 2018-10-10 08:13 - 000000000 ____D C:\Program Files (x86)\Geeks3D
2018-10-09 12:16 - 2018-10-09 12:16 - 000226736 _____ C:\Users\admin\Downloads\ThrottleStop_870.zip
2018-10-09 12:16 - 2018-10-09 12:16 - 000000000 ____D C:\Users\admin\Downloads\ThrottleStop_870
2018-10-09 12:12 - 2018-10-13 08:23 - 000002434 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2018-10-09 10:57 - 2018-10-09 10:57 - 000002186 _____ C:\Users\Public\Desktop\Play Heroes & Generals.lnk
2018-10-09 10:52 - 2018-10-10 08:18 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2018-10-09 10:52 - 2018-10-09 10:52 - 000000000 ____D C:\Users\admin\Downloads\MSIAfterburnerSetup
2018-10-09 10:51 - 2018-10-09 10:51 - 039514610 _____ C:\Users\admin\Downloads\MSIAfterburnerSetup.zip
2018-10-09 10:48 - 2018-10-09 10:48 - 003189544 _____ C:\Users\admin\Downloads\HeroesAndGenerals-setup-151439.exe
2018-10-09 10:48 - 2018-10-09 10:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes & Generals
2018-10-09 10:48 - 2018-10-09 10:48 - 000000000 ____D C:\Program Files (x86)\Heroes & Generals
2018-10-09 10:30 - 2018-10-09 10:30 - 000002685 _____ C:\Users\Public\Desktop\Intel(R) Extreme Tuning Utility.lnk
2018-10-09 10:30 - 2018-10-09 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-10-09 10:27 - 2018-10-09 10:27 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
2018-10-09 10:26 - 2018-10-09 10:26 - 029278224 _____ (Intel Corporation) C:\Users\admin\Downloads\XTUSetup.exe
2018-10-08 21:07 - 2018-10-08 21:07 - 000017196 _____ C:\Users\admin\Desktop\dele-alli-challenge-e1534498854515.webp
2018-10-08 13:56 - 2018-10-08 13:57 - 000000000 ____D C:\Users\admin\Documents\Battlefield 3
2018-10-08 13:56 - 2018-10-08 13:56 - 000001251 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2018-10-08 13:56 - 2018-10-08 13:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2018-10-08 13:36 - 2018-10-08 13:36 - 002156048 _____ (Reloaded Technologies) C:\Users\admin\Downloads\Crossfire_downloader (1).exe
2018-10-08 13:25 - 2018-10-08 13:25 - 002156048 _____ (Reloaded Technologies) C:\Users\admin\Downloads\Crossfire_downloader.exe
2018-10-08 09:17 - 2018-10-08 13:28 - 000000000 ____D C:\Users\admin\Documents\Cross Fire
2018-10-08 09:17 - 2018-10-08 09:17 - 000029000 _____ C:\WINDOWS\SysWOW64\Drivers\X6va066_2018.10.08.11.26.20
2018-10-08 09:03 - 2018-10-08 09:03 - 000001468 _____ C:\Users\admin\Desktop\Crossfire Europe EU.lnk
2018-10-08 09:03 - 2018-10-08 09:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smilegate West
2018-10-08 09:01 - 2018-10-09 09:16 - 000000000 ____D C:\Program Files (x86)\Origin Games
2018-10-08 08:54 - 2018-10-08 08:54 - 000001070 _____ C:\Users\Public\Desktop\Origin.lnk
2018-10-08 08:54 - 2018-10-08 08:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2018-10-08 08:54 - 2018-10-08 08:54 - 000000000 ____D C:\Program Files (x86)\SmilegateWest
2018-10-08 08:54 - 2018-10-08 08:54 - 000000000 ____D C:\Program Files (x86)\Origin
2018-10-08 08:45 - 2018-10-09 10:27 - 000000000 ____D C:\Users\admin\AppData\Roaming\Origin
2018-10-08 08:45 - 2018-10-08 09:01 - 000000000 ____D C:\Users\admin\AppData\Local\Origin
2018-10-08 08:41 - 2018-10-08 08:41 - 000000000 ____D C:\Users\admin\Desktop\CrossFire EU
2018-10-04 18:40 - 2018-10-04 18:40 - 000002567 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-10-04 18:40 - 2018-10-04 18:40 - 000002528 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-10-04 18:40 - 2018-10-04 18:40 - 000002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-10-04 18:40 - 2018-10-04 18:40 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-10-04 18:40 - 2018-10-04 18:40 - 000002484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-10-04 18:40 - 2018-10-04 18:40 - 000002479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-10-04 18:40 - 2018-10-04 18:40 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-10-04 18:40 - 2018-10-04 18:40 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-10-04 18:40 - 2018-10-04 18:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2018-10-01 10:07 - 2018-09-05 00:36 - 001476904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2018-09-18 06:15 - 2018-10-01 12:22 - 000000000 ____D C:\Users\admin\Desktop\aline
2018-09-18 04:12 - 2018-09-18 06:15 - 000000000 ____D C:\Users\admin\Desktop\New folder (2)
2018-09-17 19:20 - 2018-09-17 19:20 - 000001820 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-09-17 19:20 - 2018-09-17 19:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-09-17 19:20 - 2018-09-17 19:20 - 000000000 ____D C:\Program Files\iPod
2018-09-17 19:19 - 2018-09-17 19:20 - 000000000 ____D C:\Program Files\iTunes
2018-09-17 19:09 - 2018-08-31 09:27 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-09-17 19:09 - 2018-08-31 09:27 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2018-09-17 19:09 - 2018-08-31 09:26 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-09-17 19:09 - 2018-08-31 09:25 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2018-09-17 19:09 - 2018-08-31 09:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-09-17 19:09 - 2018-08-31 09:24 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-09-17 19:09 - 2018-08-31 09:24 - 000482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-09-17 19:09 - 2018-08-31 09:23 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-09-17 19:09 - 2018-08-31 09:22 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-09-17 19:09 - 2018-08-31 08:41 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-09-17 19:09 - 2018-08-31 08:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2018-09-17 19:09 - 2018-08-31 08:40 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2018-09-17 19:09 - 2018-08-31 08:37 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-09-17 19:09 - 2018-08-31 08:36 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-09-17 19:09 - 2018-08-31 05:43 - 000722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-09-17 19:09 - 2018-08-31 05:42 - 000632296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2018-09-17 19:09 - 2018-08-31 05:42 - 000527328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-09-17 19:09 - 2018-08-31 05:42 - 000155112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-09-17 19:09 - 2018-08-31 05:28 - 000453104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpx.dll
2018-09-17 19:09 - 2018-08-31 05:28 - 000134936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2018-09-17 19:09 - 2018-08-31 05:17 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-09-17 19:09 - 2018-08-31 05:17 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\netevent.dll
2018-09-17 19:09 - 2018-08-31 05:15 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-09-17 19:09 - 2018-08-31 05:15 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-09-17 19:09 - 2018-08-31 05:15 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-09-17 19:09 - 2018-08-31 05:14 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-09-17 19:09 - 2018-08-31 05:14 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-09-17 19:09 - 2018-08-31 05:13 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-09-17 19:09 - 2018-08-31 05:13 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-09-17 19:09 - 2018-08-31 05:12 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-09-17 19:09 - 2018-08-31 05:12 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netevent.dll
2018-09-17 19:09 - 2018-08-31 05:11 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-09-17 19:09 - 2018-08-31 05:11 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-09-17 19:09 - 2018-08-31 05:11 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-09-17 19:09 - 2018-08-31 05:11 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-09-17 19:09 - 2018-08-31 05:10 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-09-17 19:09 - 2018-08-31 05:10 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-09-17 19:09 - 2018-08-31 05:10 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-09-17 19:09 - 2018-08-31 05:09 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-09-17 19:09 - 2018-08-31 05:08 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-09-17 19:09 - 2018-08-31 05:07 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-09-17 19:09 - 2018-08-31 05:07 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-09-17 19:09 - 2018-08-31 05:06 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-09-17 19:09 - 2018-08-28 09:17 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-09-17 19:09 - 2018-08-28 08:49 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-09-17 19:09 - 2018-08-28 08:48 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-09-17 19:09 - 2018-08-28 08:45 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-09-17 19:09 - 2018-08-14 04:14 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2018-09-17 19:09 - 2018-08-14 04:14 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-09-17 19:09 - 2018-08-09 11:32 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-09-17 19:09 - 2018-08-09 11:31 - 001617728 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-09-17 19:09 - 2018-08-09 11:31 - 000766872 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-09-17 19:09 - 2018-08-09 11:31 - 000253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-09-17 19:09 - 2018-08-09 11:31 - 000236624 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-09-17 19:09 - 2018-08-09 11:17 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-09-17 19:09 - 2018-08-09 11:16 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-09-17 19:09 - 2018-08-09 11:14 - 012709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-09-17 19:09 - 2018-08-09 11:14 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2018-09-17 19:09 - 2018-08-09 11:14 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollUI.dll
2018-09-17 19:09 - 2018-08-09 11:14 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2018-09-17 19:09 - 2018-08-09 11:13 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2018-09-17 19:09 - 2018-08-09 11:13 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-09-17 19:09 - 2018-08-09 11:13 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll
2018-09-17 19:09 - 2018-08-09 11:12 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-09-17 19:09 - 2018-08-09 11:12 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-09-17 19:09 - 2018-08-09 11:11 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-09-17 19:09 - 2018-08-09 11:10 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2018-09-17 19:09 - 2018-08-09 11:10 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-09-17 19:09 - 2018-08-09 11:09 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-09-17 19:09 - 2018-08-09 11:09 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-09-17 19:09 - 2018-08-09 10:36 - 000660896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-09-17 19:09 - 2018-08-09 10:36 - 000221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-09-17 19:09 - 2018-08-09 10:24 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-09-17 19:09 - 2018-08-09 10:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2018-09-17 19:09 - 2018-08-09 10:23 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-09-17 19:09 - 2018-08-09 10:23 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollUI.dll
2018-09-17 19:09 - 2018-08-09 10:22 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-09-17 19:09 - 2018-08-09 10:22 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2018-09-17 19:09 - 2018-08-09 10:21 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-09-17 19:09 - 2018-08-09 10:21 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2018-09-17 19:09 - 2018-08-09 10:20 - 002401792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-09-17 19:09 - 2018-08-09 10:20 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2018-09-17 19:09 - 2018-08-09 10:20 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2018-09-17 19:09 - 2018-08-09 07:01 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2018-09-17 19:09 - 2018-08-09 06:55 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-09-17 19:09 - 2018-08-09 06:54 - 000375704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-09-17 19:09 - 2018-08-09 06:54 - 000203568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-09-17 19:09 - 2018-08-09 06:53 - 001947720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-09-17 19:09 - 2018-08-09 06:53 - 001026456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-09-17 19:09 - 2018-08-09 06:53 - 000125600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2018-09-17 19:09 - 2018-08-09 06:30 - 000183992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-09-17 19:09 - 2018-08-09 06:29 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-09-17 19:09 - 2018-08-09 06:29 - 000099208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptxml.dll
2018-09-17 19:09 - 2018-08-09 06:28 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-09-17 19:09 - 2018-08-09 06:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-09-17 19:09 - 2018-08-09 06:27 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2018-09-17 19:09 - 2018-08-09 06:26 - 000990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-09-17 19:09 - 2018-08-09 06:26 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-09-17 19:09 - 2018-08-09 06:26 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-09-17 19:09 - 2018-08-09 06:26 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsAuth.dll
2018-09-17 19:09 - 2018-08-09 06:26 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsCfg.dll
2018-09-17 19:09 - 2018-08-09 06:25 - 000797184 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2018-09-17 19:09 - 2018-08-09 06:25 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-09-17 19:09 - 2018-08-09 06:25 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2018-09-17 19:09 - 2018-08-09 06:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-09-17 19:09 - 2018-08-09 06:23 - 003148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2018-09-17 19:09 - 2018-08-09 06:23 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-09-17 19:09 - 2018-08-09 06:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-09-17 19:09 - 2018-08-09 06:22 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-09-17 19:09 - 2018-08-09 06:13 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-09-17 19:09 - 2018-08-09 06:13 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2018-09-17 19:09 - 2018-08-09 06:12 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2018-09-17 19:09 - 2018-08-09 06:11 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-09-17 19:09 - 2018-08-09 06:11 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsAuth.dll
2018-09-17 19:09 - 2018-08-09 06:11 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsCfg.dll
2018-09-17 19:09 - 2018-08-09 06:11 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-09-17 19:09 - 2018-08-09 06:10 - 002893824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2018-09-17 19:09 - 2018-08-09 06:10 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-09-17 19:09 - 2018-08-09 06:09 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-09-17 19:09 - 2018-08-09 06:08 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2018-09-17 19:09 - 2018-08-09 05:08 - 000806416 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-09-17 19:09 - 2018-08-09 05:08 - 000806416 _____ C:\WINDOWS\system32\locale.nls
2018-09-17 19:04 - 2018-09-17 19:04 - 000000000 ____D C:\Users\admin\AppData\Local\D3DSCache

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-14 07:59 - 2018-07-25 00:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-13 20:33 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-13 08:23 - 2018-07-25 00:41 - 000004302 _____ C:\WINDOWS\System32\Tasks\Software Update Application
2018-10-13 08:23 - 2018-07-25 00:41 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-10-13 08:23 - 2018-07-25 00:41 - 000003384 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-10-13 08:23 - 2018-07-25 00:41 - 000003374 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0CA7F1D0-E0B3-4FD3-9097-8A716C90E8F4}
2018-10-13 08:23 - 2018-07-25 00:41 - 000003160 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-10-13 08:23 - 2018-07-25 00:41 - 000003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2018-10-13 08:23 - 2018-07-25 00:41 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-10-13 08:23 - 2018-07-25 00:41 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-13 08:23 - 2018-07-25 00:41 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-13 08:23 - 2018-07-25 00:41 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-13 08:23 - 2018-07-25 00:41 - 000002786 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-13 08:23 - 2018-07-25 00:41 - 000002762 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2018-10-13 08:23 - 2018-07-25 00:41 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-13 08:23 - 2018-07-25 00:41 - 000002534 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2018-10-13 08:23 - 2018-07-25 00:41 - 000002426 _____ C:\WINDOWS\System32\Tasks\{FCAE99AB-51A0-45C0-8DE2-57F58AA8C8E9}
2018-10-13 08:23 - 2018-07-25 00:41 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-10-13 08:23 - 2018-07-25 00:41 - 000002074 _____ C:\WINDOWS\System32\Tasks\FUBTrackingByPLD
2018-10-13 08:23 - 2018-07-25 00:41 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-10-13 07:37 - 2018-07-25 00:41 - 011920940 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-13 07:37 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-10-13 07:37 - 2016-09-30 09:31 - 008387916 _____ C:\WINDOWS\system32\perfh01B.dat
2018-10-13 07:37 - 2016-09-30 09:31 - 002510356 _____ C:\WINDOWS\system32\perfc01B.dat
2018-10-13 07:36 - 2018-07-25 00:36 - 000000000 ____D C:\Users\admin
2018-10-13 07:29 - 2017-05-14 11:21 - 000000000 ____D C:\ProgramData\NVIDIA
2018-10-13 07:29 - 2017-05-11 08:29 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-10-13 07:29 - 2016-09-07 08:05 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Heroes and Generals
2018-10-13 07:28 - 2018-07-25 00:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-12 22:55 - 2018-04-11 23:04 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2018-10-12 13:52 - 2017-09-12 10:04 - 000000000 ____D C:\Program Files\trend micro
2018-10-12 13:49 - 2017-01-14 21:56 - 000000000 ____D C:\Users\admin\AppData\Roaming\Spotify
2018-10-12 13:49 - 2017-01-14 21:56 - 000000000 ____D C:\Users\admin\AppData\Local\Spotify
2018-10-12 12:42 - 2016-09-06 22:15 - 000000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2018-10-11 21:37 - 2017-03-17 10:13 - 000000979 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2018-10-11 21:36 - 2016-09-06 22:05 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-10-11 21:34 - 2018-07-25 00:41 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-10-11 21:34 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-10-11 21:34 - 2017-11-10 19:18 - 000201408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-10-11 21:34 - 2017-10-25 09:44 - 001028840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-10-11 21:34 - 2017-10-25 09:44 - 000467904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-10-11 21:34 - 2017-10-25 09:44 - 000381144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-10-11 21:34 - 2017-10-25 09:44 - 000346760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-10-11 21:34 - 2017-10-25 09:44 - 000230512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-10-11 21:34 - 2017-10-25 09:44 - 000208640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-10-11 21:34 - 2017-10-25 09:44 - 000201928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-10-11 21:34 - 2017-10-25 09:44 - 000163376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-10-11 21:34 - 2017-10-25 09:44 - 000111968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-10-11 21:34 - 2017-10-25 09:44 - 000088112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-10-11 21:34 - 2017-10-25 09:44 - 000059664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-10-11 21:34 - 2017-10-25 09:44 - 000047064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-10-11 21:31 - 2016-10-11 09:38 - 000000928 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2018-10-11 03:00 - 2016-09-15 07:42 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-10 22:52 - 2016-09-07 11:54 - 000000000 ____D C:\Users\admin\AppData\Roaming\TS3Client
2018-10-10 20:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-10 19:51 - 2017-06-26 13:46 - 000000000 ___RD C:\Users\admin\3D Objects
2018-10-10 19:51 - 2016-02-13 15:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-10 19:50 - 2018-08-26 17:15 - 000398672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-10 19:49 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-10-10 19:49 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-10-10 19:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-10-10 19:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-10-10 19:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-10 19:49 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-10-10 08:46 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-10 08:46 - 2016-09-06 21:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-10-10 08:45 - 2016-09-06 21:53 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-10-09 19:19 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-09 19:19 - 2017-10-25 10:06 - 000000000 ____D C:\Users\admin\AppData\Local\Packages
2018-10-09 10:39 - 2018-08-29 22:11 - 000000000 ____D C:\Users\admin\AppData\Roaming\steelseries-engine-3-client
2018-10-09 10:34 - 2018-04-13 15:44 - 000000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crossout
2018-10-09 10:34 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-10-09 10:34 - 2016-09-06 23:01 - 000000000 ____D C:\Program Files (x86)\Steam
2018-10-09 10:33 - 2016-05-01 06:32 - 000000000 ____D C:\ProgramData\Intel
2018-10-09 10:27 - 2018-01-29 11:04 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2018-10-09 10:27 - 2018-01-29 11:04 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2018-10-09 10:27 - 2017-05-14 11:20 - 000000000 ____D C:\Program Files (x86)\Intel
2018-10-09 10:27 - 2016-10-19 16:19 - 000000000 ____D C:\ProgramData\Origin
2018-10-09 10:27 - 2016-03-18 15:39 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-09 09:58 - 2018-03-14 20:39 - 000348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2018-10-09 09:58 - 2016-11-13 18:52 - 000348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2018-10-09 09:57 - 2016-11-08 21:11 - 000280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2018-10-08 13:58 - 2018-03-14 20:39 - 000076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2018-10-08 13:57 - 2016-11-08 10:44 - 000000000 ____D C:\ProgramData\Electronic Arts
2018-10-08 08:54 - 2018-03-15 09:59 - 000000000 ____D C:\Users\admin\Desktop\Skola
2018-10-08 08:53 - 2016-12-15 10:21 - 000000000 ___RD C:\Users\admin\Desktop\ 
2018-10-08 08:47 - 2018-03-13 15:49 - 000000000 ____D C:\Users\admin\Desktop\USA
2018-10-08 08:47 - 2018-01-08 23:25 - 000000000 ____D C:\Users\admin\Desktop\sc
2018-10-08 08:42 - 2018-04-03 08:16 - 000000000 ____D C:\Users\admin\AppData\Local\Sony
2018-10-04 18:40 - 2016-05-01 06:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-10-03 17:55 - 2016-10-19 18:50 - 000000000 ____D C:\Users\admin\AppData\Roaming\vlc
2018-10-02 22:13 - 2018-04-12 01:41 - 000835152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-10-02 22:13 - 2018-04-12 01:41 - 000179792 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-21 03:22 - 2017-09-12 12:05 - 000002317 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-17 19:21 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-09-17 19:21 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-09-17 19:21 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-09-17 03:38 - 2016-09-06 22:05 - 000000000 ____D C:\Program Files\CCleaner

==================== Files in the root of some directories =======

2016-10-07 22:06 - 2016-11-12 11:02 - 001307648 _____ () C:\Users\admin\AppData\Local\file__0.localstorage
2018-02-07 18:04 - 2018-02-07 18:04 - 000000840 _____ () C:\Users\admin\AppData\Local\recently-used.xbel
2016-12-15 10:44 - 2017-12-23 20:22 - 000007610 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-07-25 00:34

==================== End of FRST.txt ============================

jardo
Visitor
Posts: 52
Registered: 11 Sep 2011 11:44

Re: preventive check

#6 Post by jardo »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by Jaroslav Vrabec (14-10-2018 08:02:06)
Running from C:\Users\admin\Downloads
Windows 10 Home Version 1803 17134.345 (X64) (2018-07-24 22:41:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2945659558-3557737490-2161545064-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2945659558-3557737490-2161545064-503 - Limited - Disabled)
Guest (S-1-5-21-2945659558-3557737490-2161545064-501 - Limited - Disabled)
Jaroslav Vrabec (S-1-5-21-2945659558-3557737490-2161545064-1001 - Administrator - Enabled) => C:\Users\admin
WDAGUtilityAccount (S-1-5-21-2945659558-3557737490-2161545064-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: - )
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.008.20074 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
CPUID CPU-Z 1.85 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.85 - CPUID, Inc.)
CPUID HWMonitor 1.36 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.36 - CPUID, Inc.)
Crossfire Europe EU (HKLM-x32\...\Crossfire Europe_is1) (Version: V1512 - Smilegate West)
Crossout Launcher 1.0.3.54 (HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\CrossOutLauncher_is1) (Version: - )
ELAN HIDI2C Filter Driver X64 13.6.5.2_WHQL (HKLM\...\Elantech) (Version: 13.6.5.2 - ELAN Microelectronic Corp.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Geeks3D FurMark 1.20.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.1.0.0 - Reto-Moto)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.2.0 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
Intel Extreme Tuning Utility (HKLM-x32\...\{275588D7-6C9D-4FB0-BBAE-2FA3F7C2DADB}) (Version: 6.4.1.25 - Intel Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{6a0def1c-f6f2-4a5d-81f6-a1b858352c8b}) (Version: 6.4.1.25 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.2.1183 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.1.1030 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1519.7 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{CCBE9F01-C2C3-469C-A508-2E23A7495E91}) (Version: 1.0.0.609 - Intel Corporation)
iTunes (HKLM\...\{645877C4-2AB6-46B6-BD32-B251B0666F63}) (Version: 12.9.0.167 - Apple Inc.)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - sk-sk (HKLM\...\O365ProPlusRetail - sk-sk) (Version: 16.0.10827.20138 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.27.11381 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.05 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.10198 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7773 - Realtek Semiconductor Corp.)
Rise of Nations: Extended Edition (HKLM-x32\...\Rise of Nations: Extended Edition_is1) (Version: - Microsoft Studios)
SafeQ (HKLM-x32\...\SafeQ) (Version: 0.9 - VŠB-TUO)
Shotcut (HKLM-x32\...\Shotcut) (Version: - )
Spotify (HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\Spotify) (Version: 1.0.84.344.gfc674f6f - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.12.13 (HKLM\...\SteelSeries Engine 3) (Version: 3.12.13 - SteelSeries ApS)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{479E8CC7-CD68-4EB4-BB04-34A5C2C74102}) (Version: 2.46.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WinRAR 5.40 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-06-27] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-06-27] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-06-27] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-11] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-11] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-11] (AVAST Software)
ContextMenuHandlers4: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxDTCM.dll [2017-02-07] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-11] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {008AFEB2-96E1-4354-8C70-7B4B1F573F1E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {07B846C7-EF10-4868-AE96-897E1952AD93} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-12] (Google Inc.)
Task: {095F825E-C428-49EE-97EB-2234F186F5E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-10-04] (Microsoft Corporation)
Task: {09DBE2C6-C915-4D91-8F81-579928256F16} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
Task: {11C27FEA-9E11-4FC0-8647-7FE2949AE6F9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-28] (NVIDIA Corporation)
Task: {23AB2D32-3257-41C4-8D55-4BBFB128FE70} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd)
Task: {249BA709-421D-40C1-8C05-3FB2EB88A93E} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {2FF07732-A9BA-4991-A470-536B1D0E270D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-10-04] (Microsoft Corporation)
Task: {41A63994-F476-4D2E-B049-9EA3DBB1B19E} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2016-07-18] (Acer Incorporated)
Task: {550BD354-8CF8-4E22-82DF-D45C12836C33} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-04] (Microsoft Corporation)
Task: {5CDD36C7-6EB4-4FD6-A5A2-57EC65F16BED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-12] (Google Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {65BD0039-167B-4382-942B-3069DE527BDC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-26] (Microsoft Corporation)
Task: {6DE64459-B2BB-4F43-86A7-BE03B9507054} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {70530E03-2B5F-415A-B7E7-2F263E08E415} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-04] (Microsoft Corporation)
Task: {7E82EE1F-9115-41BE-BEE6-D0361EB47C40} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd)
Task: {9C901E04-FDD5-402A-AA08-12771EAAC1B0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-09-17] (AVAST Software)
Task: {9FA2311C-2F19-497E-82FA-4CC578651EFA} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {A2F21B54-547F-4E5C-AC8E-9737DA9BE940} - System32\Tasks\{FCAE99AB-51A0-45C0-8DE2-57F58AA8C8E9} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe" -d "C:\Program Files (x86)\Activision\Call of Duty - World at War"
Task: {A4F20748-3E4F-4805-9F9B-1F5416435CC8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-28] (NVIDIA Corporation)
Task: {ABE9EF2A-8475-4BB0-A1E6-502B4518F165} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-28] (NVIDIA Corporation)
Task: {B1B4D50C-DDFC-4AE5-BC61-B507F69A8C40} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-28] (NVIDIA Corporation)
Task: {B45DB3B6-55B7-4F90-9DC8-6775B0BBD103} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-11] (AVAST Software)
Task: {B4D09C32-F05C-4753-B71F-E729EFD9741F} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {BCC5E6D3-D9B3-404C-9A2D-E691B4EB0863} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {C92B1D93-7026-4EFC-B2E9-D3CFE093292A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-10-04] (Microsoft Corporation)
Task: {CA467CCA-07B5-4F58-98C0-616344E87BF6} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {E80831FE-B854-495D-9F23-D9DB45C6F54A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-10-04] (Microsoft Corporation)
Task: {F23D6965-A2C7-4FEC-B23B-7B15BC4E44EC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-03-28] (NVIDIA Corporation)
Task: {F3C84041-039E-4232-AFE7-EB8CB3697D05} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-26] (Microsoft Corporation)
Task: {F831740F-583C-476F-B084-809587AD9E1B} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-01-14] (Intel(R) Corporation)
Task: {F9D7D654-99C8-47B0-832E-422F70BB92BF} - System32\Tasks\S-1-5-21-2945659558-3557737490-2161545064-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\admin\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> /high-dpi-support=1 /force-device-scale-factor=1
ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> /high-dpi-support=1 /force-device-scale-factor=1

==================== Loaded Modules (Whitelisted) ==============

2017-05-14 11:21 - 2017-05-01 22:51 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-02 17:37 - 2015-12-02 17:37 - 005570064 _____ () C:\WINDOWS\system32\IntelSSTAPO\ParameterService\libxml2-2.dll
2018-05-30 09:34 - 2011-04-02 16:05 - 000290304 _____ () C:\WINDOWS\System32\HP1100LM.DLL
2018-05-30 09:34 - 2011-04-02 16:04 - 000074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2017-07-26 09:58 - 2017-07-26 09:58 - 000192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-05-15 18:59 - 2018-05-15 18:59 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-08-22 22:18 - 2018-08-22 22:18 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-03-14 20:39 - 2018-10-08 13:58 - 000076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-10-10 08:42 - 2018-09-20 05:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-09-21 03:22 - 2018-09-15 10:26 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libglesv2.dll
2018-09-21 03:22 - 2018-09-15 10:26 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libegl.dll
2018-03-14 20:45 - 2018-03-14 20:45 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-10-11 21:34 - 2018-10-11 21:34 - 000598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2016-02-12 02:47 - 2016-02-12 02:47 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\admin:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\AppData:CSM [482]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2018-10-12 13:52 - 000000900 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 10.5.18.5 - 10.5.18.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "ScpToolkit Tray Notifications.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SafeQClient"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D78A2B42-67FA-406A-AD07-3FB6496EBBD5}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{FEA9006E-4845-4A74-AC3A-B2824065F3A5}] => (Allow) LPort=161
FirewallRules: [{1F296317-C783-4175-93F2-84D21EBF8A19}] => (Allow) LPort=427
FirewallRules: [{9B99924E-A005-4A10-B64C-36CAB178B4EF}] => (Allow) LPort=9100
FirewallRules: [{2BD67B41-5392-45C7-A43A-B3EEA308FA04}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DE5520A1-6A90-49A5-A2C5-C948FF0EEA4E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BCD01ED1-12BB-4F72-A95A-EB7DC0EB6642}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{195E5E25-19BC-4385-906D-514AC8306D45}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7ADBEF0C-B556-4966-B29A-D76B1289A0D1}] => (Allow) C:\Program Files (x86)\Heroes & Generals\live\hng.exe
FirewallRules: [{53DCD096-B90F-45BF-A81C-0BF2ABFB197D}] => (Allow) C:\Program Files (x86)\Heroes & Generals\live\hng.exe
FirewallRules: [UDP Query User{0E8C2B7B-A384-4410-A3EB-DD2FA31639BE}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [TCP Query User{B22A0AD4-51AA-4EA3-853E-75429FBFD8BF}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [{4AC0A586-CAA0-455A-9F67-3BAE21C86DA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{59C914F2-9E89-4A1E-82E7-6B5F4CEB2D20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4928707A-72A0-4D5F-90C9-0CF00FC143EB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{144D3CDF-1C97-4415-895A-04D40AC2B9D0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [UDP Query User{CBD5D548-C985-4D7C-BD0B-965F910C1D67}C:\users\admin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\admin\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{BC357D8C-8D21-4BF9-88CF-AE5C94CFD801}C:\users\admin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\admin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{FA701B48-BBB0-4842-B13E-58563FB0908E}C:\users\admin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\admin\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{64A2BF1F-B54C-4006-B84E-A62AD598B305}C:\users\admin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\admin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{053E5A8B-3FF6-41D6-AC6F-A45D2F18B9DE}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{E10F28C3-4309-4742-B084-D1EB3193286C}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8163BB59-E4CA-406F-B37D-AF2544C6619C}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B5C2BCCC-ED8F-4E3D-8BD1-5BCFEFC23BC0}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{0E3393BE-451C-4312-BDCE-6B60BED35906}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{1A38A5A0-4BC3-4317-89FA-2896C53B1A7B}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{AC83158E-F754-4749-A376-E2A26E5667D3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{645714B2-9C63-41C7-A6DF-E0D4E80C5D83}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{23730EA5-DDC0-4AB1-BF19-306C48E0F36C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{F180AACE-2962-4D5B-8D64-6091E0608CAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{C79F57A7-741A-49D6-8564-7172F3B58C12}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{9CDD2A51-6253-40EB-8D39-D052BBD659C0}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{FE4CB5FE-1E30-4F29-9D24-5B90E892F375}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6222FF46-68C4-41B1-96DF-502A9E1B0B84}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A24D1E75-50C5-461F-A7D9-DCC7511E89D9}] => (Allow) LPort=16667
FirewallRules: [{E5FFF42D-F4E2-422B-A0E4-1C8F2CEBE676}] => (Allow) LPort=16667
FirewallRules: [{9C11526E-BF1F-4CF9-BD37-3F2635F632B3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{FFC637AF-9658-4D06-BE00-324DB0442625}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{3613F1F5-DE33-4D68-80B8-FECB38AFECB8}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{0118674F-F987-49F3-A735-2D5476E85883}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{6330743F-57E7-4BAD-93B4-BF9D78FE5384}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{4B3A557F-7D6B-4A1A-A4F6-7A510F7803D7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{8399DE56-8AF9-401D-B05B-ADB3131C0A68}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{19EBBFA2-EE15-4A0C-8086-97D791991419}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{1EE7816B-1938-4DA9-BFA5-FEC8B340D85B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{20E5662D-DD9F-4208-965C-1FC7E1527FE4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{0190AC7E-4EE8-45FD-BCE6-6A1F1B0018F3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0FAA91E5-F449-4D03-98F6-3DFA84A15CD0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{76CD4F63-8D42-4E8E-A315-17E7DC9FF8FD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B539D538-FD45-4E28-9A52-A322F8C3781E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{68CD07A5-40F0-4602-8492-CD76B5A0C16E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1B1B6701-7590-45BE-ABC3-DDBAF34A355E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{8E9D6367-8DFD-407D-9ACC-26927F27A340}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{21CD9790-5D98-429E-B6C4-B164348B1DA0}] => (Allow) C:\Program Files (x86)\Heroes & Generals\live\hng.exe
FirewallRules: [{A0DBC300-4BDB-41D7-871E-190B37A5035E}] => (Allow) C:\Program Files (x86)\Heroes & Generals\live\hng.exe
FirewallRules: [{4EF489EB-D6C4-4981-ABD5-5B11B9C434D5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E324DDB5-BE78-40AE-9D46-D8BA10B9C149}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{AA1B5D0A-BC33-4571-92F9-CC1DD74B628A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CC33BC7C-FD76-4168-BADB-4E0121B4AA60}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{AFBA70CC-1AF8-483B-975B-5479429C26C8}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{1651DB79-C57D-4585-829E-799F165EEE86}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{39C7C189-CD1E-4A1B-860B-186EC02F8B7B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

09-10-2018 10:37:43 Installed DirectX
12-10-2018 12:35:09 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/13/2018 05:10:11 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/13/2018 09:15:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1953

Error: (10/13/2018 09:15:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1953

Error: (10/13/2018 09:15:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/12/2018 04:21:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1953

Error: (10/12/2018 04:21:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1953

Error: (10/12/2018 04:21:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/12/2018 01:59:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x1fa8
Faulting application start time: 0x01d4621ce3d3b178
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: ae9df42c-9e7b-43d8-962e-21d0fc14bb57
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (10/13/2018 08:02:02 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-N0EC0BO8)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-N0EC0BO8\Jaroslav Vrabec SID (S-1-5-21-2945659558-3557737490-2161545064-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/13/2018 07:44:35 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-N0EC0BO8)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-N0EC0BO8\Jaroslav Vrabec SID (S-1-5-21-2945659558-3557737490-2161545064-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/13/2018 07:35:25 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/13/2018 07:30:01 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-N0EC0BO8)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-N0EC0BO8\Jaroslav Vrabec SID (S-1-5-21-2945659558-3557737490-2161545064-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/13/2018 07:29:15 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-N0EC0BO8)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-N0EC0BO8\Jaroslav Vrabec SID (S-1-5-21-2945659558-3557737490-2161545064-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/13/2018 07:28:49 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.

Error: (10/13/2018 07:28:57 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 22:55:39 on ‎12. ‎10. ‎2018 was unexpected.

Error: (10/12/2018 10:58:29 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-N0EC0BO8)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-N0EC0BO8\Jaroslav Vrabec SID (S-1-5-21-2945659558-3557737490-2161545064-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 38%
Total physical RAM: 8065.9 MB
Available physical RAM: 4970.36 MB
Total Virtual: 16257.9 MB
Available Virtual: 12956.98 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:237.87 GB) (Free:89.24 GB) NTFS

\\?\Volume{c3684db7-0391-4646-a9ba-a90bfbfdb812}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS
\\?\Volume{1688b020-1f86-484c-8004-db3854b7d851}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 0446E3A6)

Partition: GPT.

==================== End of Addition.txt ============================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: preventive check

#7 Post by Conder »

:arrow: Open Notepad (Win+R -> notepad -> enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: :\Program Files (x86)\SafeQ\SafeQ_cli.exe
    File: C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
    File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
    File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
    
    HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\Policies\Explorer: [] 
    GroupPolicy: Restriction ? <==== ATTENTION
    GroupPolicyScripts: Restriction <==== ATTENTION
    HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
    HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
    SearchScopes: HKU\S-1-5-21-2945659558-3557737490-2161545064-1001 -> DefaultScope {8887E5D9-399E-4A89-9ED1-D7D84BFA4427} URL = 
    SearchScopes: HKU\S-1-5-21-2945659558-3557737490-2161545064-1001 -> {8887E5D9-399E-4A89-9ED1-D7D84BFA4427} URL = 
    S3 X6va066; \??\C:\WINDOWS\SysWOW64\Drivers\X6va066 [X]
    2018-10-12 13:52 - 2018-10-12 13:52 - 001222144 _____ C:\Users\admin\Downloads\RSITx64.exe
    2018-10-12 13:52 - 2017-09-12 10:04 - 000000000 ____D C:\Program Files\trend micro
    
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
    ContextMenuHandlers1: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} =>  -> No File
    ContextMenuHandlers4: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} =>  -> No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
    ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
    ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
    Task: {008AFEB2-96E1-4354-8C70-7B4B1F573F1E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    AlternateDataStreams: C:\Users\admin:Heroes & Generals [38]
    AlternateDataStreams: C:\Users\Public\AppData:CSM [482]
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask for a PC restart; confirm by clicking OK
  • After the PC restarts there will be a file Fixlog.txt on the desktop; copy its contents here
Graduate of the school for beginners :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos, etc.).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices; otherwise there is a risk of system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

jardo
Visitor
Posts: 52
Registered: 11 Sep 2011 11:44

Re: preventive check

#8 Post by jardo »

I followed the instructions exactly, but after pressing the Fix button it keeps saying "fixing is in progress, please wait". It has been running like that for 15 minutes, but so far nothing has finished and it has not offered a PC restart either.

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: preventive check

#9 Post by Conder »

:arrow: Sorry for the delay.

:arrow: If Fixlog.txt was created on the desktop, please post its contents.

jardo
Visitor
Posts: 52
Registered: 11 Sep 2011 11:44

Re: preventive check

#10 Post by jardo »

That's fine :).

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by Jaroslav Vrabec (14-10-2018 21:15:49) Run:2
Running from C:\Users\admin\Desktop
Loaded Profiles: Jaroslav Vrabec (Available Profiles: Jaroslav Vrabec)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: :\Program Files (x86)\SafeQ\SafeQ_cli.exe
File: C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe

HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\Policies\Explorer: []
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-2945659558-3557737490-2161545064-1001 -> DefaultScope {8887E5D9-399E-4A89-9ED1-D7D84BFA4427} URL =
SearchScopes: HKU\S-1-5-21-2945659558-3557737490-2161545064-1001 -> {8887E5D9-399E-4A89-9ED1-D7D84BFA4427} URL =
S3 X6va066; \??\C:\WINDOWS\SysWOW64\Drivers\X6va066 [X]
2018-10-12 13:52 - 2018-10-12 13:52 - 001222144 _____ C:\Users\admin\Downloads\RSITx64.exe
2018-10-12 13:52 - 2017-09-12 10:04 - 000000000 ____D C:\Program Files\trend micro

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers4: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
Task: {008AFEB2-96E1-4354-8C70-7B4B1F573F1E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\admin:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\AppData:CSM [482]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: preventive check

#11 Post by Conder »

:arrow: OK, let's try a modified fixlist

:arrow: Open Notepad (Win+R -> notepad -> enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    File: C:\Program Files (x86)\SafeQ\SafeQ_cli.exe
    File: C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
    File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
    File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
    
    HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\Policies\Explorer: []
    GroupPolicy: Restriction ? <==== ATTENTION
    GroupPolicyScripts: Restriction <==== ATTENTION
    HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
    HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
    SearchScopes: HKU\S-1-5-21-2945659558-3557737490-2161545064-1001 -> DefaultScope {8887E5D9-399E-4A89-9ED1-D7D84BFA4427} URL =
    SearchScopes: HKU\S-1-5-21-2945659558-3557737490-2161545064-1001 -> {8887E5D9-399E-4A89-9ED1-D7D84BFA4427} URL =
    S3 X6va066; \??\C:\WINDOWS\SysWOW64\Drivers\X6va066 [X]
    2018-10-12 13:52 - 2018-10-12 13:52 - 001222144 _____ C:\Users\admin\Downloads\RSITx64.exe
    2018-10-12 13:52 - 2017-09-12 10:04 - 000000000 ____D C:\Program Files\trend micro
    
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
    ContextMenuHandlers1: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} =>  -> No File
    ContextMenuHandlers4: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} =>  -> No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
    ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
    ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
    Task: {008AFEB2-96E1-4354-8C70-7B4B1F573F1E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    AlternateDataStreams: C:\Users\admin:Heroes & Generals [38]
    AlternateDataStreams: C:\Users\Public\AppData:CSM [482]
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask for a PC restart; confirm by clicking OK
  • After the PC restarts there will be a file Fixlog.txt on the desktop; copy its contents here

jardo
Visitor
Posts: 52
Registered: 11 Sep 2011 11:44

Re: preventive check

#12 Post by jardo »

This time it went through fine, here is the log.

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by Jaroslav Vrabec (16-10-2018 22:26:17) Run:3
Running from C:\Users\admin\Desktop
Loaded Profiles: Jaroslav Vrabec (Available Profiles: Jaroslav Vrabec)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\Program Files (x86)\SafeQ\SafeQ_cli.exe
File: C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe

HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\...\Policies\Explorer: []
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-2945659558-3557737490-2161545064-1001 -> DefaultScope {8887E5D9-399E-4A89-9ED1-D7D84BFA4427} URL =
SearchScopes: HKU\S-1-5-21-2945659558-3557737490-2161545064-1001 -> {8887E5D9-399E-4A89-9ED1-D7D84BFA4427} URL =
S3 X6va066; \??\C:\WINDOWS\SysWOW64\Drivers\X6va066 [X]
2018-10-12 13:52 - 2018-10-12 13:52 - 001222144 _____ C:\Users\admin\Downloads\RSITx64.exe
2018-10-12 13:52 - 2017-09-12 10:04 - 000000000 ____D C:\Program Files\trend micro

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers4: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
Task: {008AFEB2-96E1-4354-8C70-7B4B1F573F1E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\admin:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\AppData:CSM [482]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\Program Files (x86)\SafeQ\SafeQ_cli.exe ========================

C:\Program Files (x86)\SafeQ\SafeQ_cli.exe
File not signed
MD5: 770C2154C6C86F1B725D689A93437237
Creation and modification date: 2015-12-10 16:19 - 2015-12-10 16:19
Size: 000493568
Attributes: ----A
Company Name: VŠB-TU Ostrava
Internal Name:
Original Name:
Product:
Description: SafeQ Client
File Version: 1.0.0.14
Product Version: 1.0.0.0
Copyright:
VirusTotal: https://www.virustotal.com/file/bd10212 ... 482397463/

====== End of File: ======


========================= File: C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe ========================

C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
File not signed
MD5: 29B516DB7447E6BB929D3B6D20DA3509
Creation and modification date: 2017-05-11 08:29 - 2017-05-12 00:34
Size: 000009728
Attributes: ----A
Company Name: Hi-Rez Studios
Internal Name: HiPatchService.exe
Original Name: HiPatchService.exe
Product: HiPatchService
Description: HiPatchService
File Version: 5.1.2.0
Product Version: 5.1.2.0
Copyright: Copyright © Hi-Rez Studios 2011
VirusTotal: https://www.virustotal.com/file/3fbf70d ... 529051787/

====== End of File: ======


========================= File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe ========================

C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
File not signed
MD5: E548929868BDFD3FC13B46D99605B764
Creation and modification date: 2017-07-26 09:58 - 2017-07-26 09:58
Size: 000192200
Attributes: ----A
Company Name:
Internal Name: DCSHOST
Original Name: HuaweiHiSuiteService.EXE
Product: HuaweiHiSuiteService
Description: HuaweiHiSuiteService
File Version: 2, 0, 0, 42
Product Version: 2, 0, 0, 42
Copyright: Copyright (C) 2008
VirusTotal: https://www.virustotal.com/file/737c8a1 ... 538649226/

====== End of File: ======


========================= File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe ========================

C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
File not signed
MD5: AAD556B0E8033F5FBDF1BF396F843EAA
Creation and modification date: 2016-02-05 18:22 - 2016-02-05 18:22
Size: 000335872
Attributes: ----A
Company Name: Intel Corporation
Internal Name: isa.exe
Original Name: isa.exe
Product: Intel(R) Security Assist
Description: Intel(R) Security Assist
File Version: 1.0.0.609
Product Version: 1.0.0.609
Copyright: Copyright © 2016
VirusTotal: https://www.virustotal.com/file/c73a024 ... 537535852/

====== End of File: ======


========================= File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe ========================

C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
File not signed
MD5: 1EE06F61ADDADE7DD0270FDDD6050777
Creation and modification date: 2016-02-05 18:22 - 2016-02-05 18:22
Size: 000008704
Attributes: ----A
Company Name: Intel Corporation
Internal Name: isaHelpe.exe
Original Name: isaHelpe.exe
Product: Intel(R) Security Assist
Description:
File Version: 1.0.0.609
Product Version: 1.0.0.609
Copyright: Copyright (C) 2016
VirusTotal: 0

====== End of File: ======

"HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" => not found
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2945659558-3557737490-2161545064-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8887E5D9-399E-4A89-9ED1-D7D84BFA4427} => removed successfully
HKLM\Software\Classes\CLSID\{8887E5D9-399E-4A89-9ED1-D7D84BFA4427} => not found
HKLM\System\CurrentControlSet\Services\X6va066 => removed successfully
X6va066 => service removed successfully
C:\Users\admin\Downloads\RSITx64.exe => moved successfully
C:\Program Files\trend micro => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AIMPClassic => removed successfully
HKLM\Software\Classes\CLSID\{1F77B17B-F531-44DB-ACA4-76ABB5010A28} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\AIMPClassic => removed successfully
HKLM\Software\Classes\CLSID\{1F77B17B-F531-44DB-ACA4-76ABB5010A28} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKU\\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{008AFEB2-96E1-4354-8C70-7B4B1F573F1E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{008AFEB2-96E1-4354-8C70-7B4B1F573F1E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
C:\Users\admin => ":Heroes & Generals" ADS removed successfully
C:\Users\Public\AppData => ":CSM" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25470218 B
Java, Flash, Steam htmlcache => 567508825 B
Windows/system/drivers => 3449715 B
Edge => 99633 B
Chrome => 834366599 B
Firefox => 11686276 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 13532 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
admin => 118494189 B

RecycleBin => 3813 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:27:41 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: preventive check

#13 Post by Conder »

:arrow: Has anything changed, or are there still any problems with the PC?

:arrow: Check the size of the desktop (C:\Users\admin\Desktop). If it is larger than about 300 MB, move all files and folders from the desktop to Documents and leave only links/shortcuts on the desktop. An overly large desktop can slow the system down.

jardo
Visitor
Posts: 52
Registered: 11 Sep 2011 11:44

Re: preventive check

#14 Post by jardo »

The desktop was a little over 24 GB :roll: . The PC is noticeably snappier than it was before. Thank you, you can lock :)

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: preventive check

#15 Post by Conder »

:arrow: So let's also clean up after the tools we used: