
Please check my log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Please check my log. Slow computer and browser.
Thank you
Logfile of random's system information tool 1.10 (written by random/random)
Run by Interista at 2020-12-26 17:17:22
Microsoft Windows 10 Home
System drive C: has 149 GB (35%) free of 432 GB
Total RAM: 8136 MB (30% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:17:40, on 26.12.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\spacedeskServiceTray.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files\trend micro\Interista.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX2] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe /FORCE
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Interista\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [AceStream] C:\Users\Interista\AppData\Roaming\ACEStream\engine\ace_engine.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe --port=52117 --pid=13932 --browsercore --lang=en-us --overscroll-history-navigation=0 --user-data-dir="C:\Users\Interista\.thinkorswim\login-browser-data-v18-0" --disable-fill-background --dpi-awareness=unaware --disable-kill-after-bad-ipc --flag-switches-begin --flag-switches-end --origin-trial-disabled-features=MeasureMemory --file-url-path-alias="/gen=C:\Program Files\thinkorswim\jxbrowser\v18\bin\gen" --restore-last-session
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Tools (avast! Tools) - AVAST Software - C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_8f68a42 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: spacedeskService - Unknown owner - C:\WINDOWS\System32\spacedeskService.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe
--
End of file - 13322 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-53268873-e6ac-45a0-be51-399dd2d0ed43 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9b5a3291-f24e-42a2-9379-d77764e031e1 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-5838ff84-4c98-4bc0-a3be-6e0eb749fe9a -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-b5c7bcc8-ca2b-4df2-aacc-7eb60bedb4e8 -LifetimeId:39e1f80c-dca6-443f-9e32-5de010816116 -DeviceGroupId:v3DDKIndirectGroup -HostArg:0
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -s BTAGService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s bthserv
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s PhoneSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalService -p
dashost.exe {dcd6ddee-bdfb-4535-add15db10677601e}
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe" /runassvc
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
"C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe" /StartService
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe" /StartService
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\spacedeskService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
"C:\Program Files\Windows Live\Mesh\wlcrasvc.exe"
"C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\System32\snmp.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost -s AppHostSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="25378DB0-F90F-42B8-2B99-59554ADBBD22" /binpath="C:\Program Files\AVAST Software\Avast"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s pla
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
"C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s QWAVE
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Browser
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
This is spacedesk Service calling.
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:4928
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
"ctfmon.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /c
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" XGpuTrayIcon"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
AvastUI.exe /nogui
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" /logon
"C:\Users\Interista\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOWReliabilityMonitor.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s Netman
C:\WINDOWS\splwow64.exe 8192
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE"
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20112.10111.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
"C:\Program Files\thinkorswim\thinkorswim.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe" --port=64215 --pid=19880 --browsercore --lang=en-us --overscroll-history-navigation=0 --user-data-dir=C:\Users\Interista\.thinkorswim\login-browser-data-v18-0 --disable-fill-background --dpi-awareness=unaware
"C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe" --type=crashpad-handler --user-data-dir=C:\Users\Interista\.thinkorswim\login-browser-data-v18-0 /prefetch:7 --monitor-self --monitor-self-argument=--type=crashpad-handler --monitor-self-argument=--user-data-dir=C:\Users\Interista\.thinkorswim\login-browser-data-v18-0 --monitor-self-argument=/prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Public\Documents\Google\Chrome --metrics-dir=C:\Users\Interista\.thinkorswim\login-browser-data-v18-0 --url=https://client2.google.com/cr/reports --annotation=plat=Win64 --annotation=prod=Chromium --annotation=ver=69.0.3497.12-devel --initial-client-data=0x228,0x22c,0x230,0x224,0x234,0x7fff974a8520,0x7fff974a8530,0x7fff974a8540
"C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe" --type=crashpad-handler --user-data-dir=C:\Users\Interista\.thinkorswim\login-browser-data-v18-0 /prefetch:7 --no-periodic-tasks --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Public\Documents\Google\Chrome --url=https://client2.google.com/cr/reports --annotation=plat=Win64 --annotation=prod=Chromium --annotation=ver=69.0.3497.12-devel --initial-client-data=0x248,0x24c,0x250,0x244,0x254,0x7ff7ff31ff50,0x7ff7ff31ff60,0x7ff7ff31ff70
"C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe" --type=gpu-process --field-trial-handle=1836,4911801477197063891,17798325957830895813,131072 --user-data-dir="C:\Users\Interista\.thinkorswim\login-browser-data-v18-0" --start-stack-profiler --browsercore --dpi-awareness=unaware --gpu-preferences=KAAAAAAAAACAAwBgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --user-data-dir="C:\Users\Interista\.thinkorswim\login-browser-data-v18-0" --start-stack-profiler --browsercore --dpi-awareness=unaware --service-request-channel-token=4790175130563269555 --mojo-platform-channel-handle=1852 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe" --type=utility --field-trial-handle=1836,4911801477197063891,17798325957830895813,131072 --lang=en-US --service-sandbox-type=audio --user-data-dir="C:\Users\Interista\.thinkorswim\login-browser-data-v18-0" --browsercore --dpi-awareness=unaware --service-request-channel-token=11180481694539910213 --mojo-platform-channel-handle=1980 /prefetch:8
"C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe" --type=renderer --file-url-path-alias="/gen=C:\Program Files\thinkorswim\jxbrowser\v18\bin\gen" --field-trial-handle=1836,4911801477197063891,17798325957830895813,131072 --service-pipe-token=12542284789732217256 --lang=en-US --user-data-dir="C:\Users\Interista\.thinkorswim\login-browser-data-v18-0" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=cssExternalScannerNoPreload=false,cssExternalScannerPreload=true --origin-trial-disabled-features=MeasureMemory --start-stack-profiler --browsercore --dpi-awareness=unaware --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12542284789732217256 --renderer-client-id=5 --mojo-platform-channel-handle=3572 /prefetch:1
"C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe" --type=renderer --file-url-path-alias="/gen=C:\Program Files\thinkorswim\jxbrowser\v18\bin\gen" --field-trial-handle=1836,4911801477197063891,17798325957830895813,131072 --service-pipe-token=17811349434083568187 --lang=en-US --user-data-dir="C:\Users\Interista\.thinkorswim\login-browser-data-v18-0" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=cssExternalScannerNoPreload=false,cssExternalScannerPreload=true --origin-trial-disabled-features=MeasureMemory --browsercore --dpi-awareness=unaware --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17811349434083568187 --renderer-client-id=4 --mojo-platform-channel-handle=3592 /prefetch:1
"C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe" --type=renderer --file-url-path-alias="/gen=C:\Program Files\thinkorswim\jxbrowser\v18\bin\gen" --field-trial-handle=1836,4911801477197063891,17798325957830895813,131072 --service-pipe-token=1495015790372158553 --lang=en-US --user-data-dir="C:\Users\Interista\.thinkorswim\login-browser-data-v18-0" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=cssExternalScannerNoPreload=false,cssExternalScannerPreload=true --origin-trial-disabled-features=MeasureMemory --browsercore --dpi-awareness=unaware --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1495015790372158553 --renderer-client-id=7 --mojo-platform-channel-handle=4332 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Interista\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Public\Documents\Google\Chrome "--metrics-dir=C:\Users\Interista\AppData\Local\Google\Chrome\User Data" --url=https://client2.google.com/cr/reports --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=87.0.4280.88 --initial-client-data=0xdc,0xe0,0xe4,0xb8,0xe8,0x7fff8c360eb0,0x7fff8c360ec0,0x7fff8c360ed0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1704 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --service-sandbox-type=network --mojo-platform-channel-handle=2080 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --service-sandbox-type=utility --mojo-platform-channel-handle=2388 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2928 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4336 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4680 /prefetch:1
"C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe" --type=renderer --file-url-path-alias="/gen=C:\Program Files\thinkorswim\jxbrowser\v18\bin\gen" --field-trial-handle=1836,4911801477197063891,17798325957830895813,131072 --service-pipe-token=7104399983991265064 --lang=en-US --user-data-dir="C:\Users\Interista\.thinkorswim\login-browser-data-v18-0" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=cssExternalScannerNoPreload=false,cssExternalScannerPreload=true --origin-trial-disabled-features=MeasureMemory --browsercore --dpi-awareness=unaware --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7104399983991265064 --renderer-client-id=9 --mojo-platform-channel-handle=4692 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3452 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --extension-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7460 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7616 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8992 /prefetch:1
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=9132,17044421334183127541,17892286954933943157,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --no-sandbox --disable-gpu-driver-bug-workarounds --log-file="C:\Users\Interista\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.10.2442)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=MAAAAAAAAADgAABwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --use-gl=swiftshader-webgl --log-file="C:\Users\Interista\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=8768 /prefetch:2
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=9132,17044421334183127541,17892286954933943157,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --lang=en-US --service-sandbox-type=network --no-sandbox --force-wave-audio --log-file="C:\Users\Interista\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.10.2442)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\Interista\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=4496 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=9876 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6500 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9872 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1656 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=media.mojom.CdmService --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --service-sandbox-type=cdm --mojo-platform-channel-handle=12184 /prefetch:8
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3528 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8140 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4840 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9340 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=166 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7732 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=180 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4996 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=181 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6620 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=183 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8808 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=184 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8624 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=185 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6856 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=186 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7416 /prefetch:1
"C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=206 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --extension-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=215 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6220 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=217 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3640 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=221 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11720 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=248 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=257 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11248 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=259 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12352 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=264 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12556 /prefetch:1
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=280 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12852 /prefetch:1
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=284 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6832 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=289 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9240 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe249_ Global\UsGthrCtrlFltPipeMssGthrPipe249 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 792 796 804 8192 800
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x65c
"C:\Users\Interista\Downloads\RSITx64.exe"
"C:\WINDOWS\System32\osk.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001Core.job - C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001UA.job - C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho_64.dll [2020-12-17 532880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 217784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23 571968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23 235584]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho.dll [2020-12-17 414096]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 184488]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-01 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-01 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 6149288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 4452504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2020-07-03 84992]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2013-01-18 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2013-01-18 5908928]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2020-12-12 117352]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-18 11779176]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-10 509936]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2017-03-09 193112]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2017-03-09 420960]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2017-03-09 463960]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-01-07 3951280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Dropbox Update"=C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05 143144]
"OneDrive"=C:\Users\Interista\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2020-12-18 1938296]
"AceStream"=C:\Users\Interista\AppData\Roaming\ACEStream\engine\ace_engine.exe [2018-08-30 27960]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2020-03-19 22245560]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #1"=C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe [2020-04-08 1546784]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-12 587288]
"IJNetworkScannerSelectorEX2"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [2016-12-09 279240]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2017-07-05 1313408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2017-03-09 460936]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2020-12-22 20:03:16 ----D---- C:\ProgramData\GOG.com
2020-12-12 18:59:10 ----A---- C:\WINDOWS\system32\aswBoot.exe
2020-12-12 18:59:00 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2020-12-12 15:18:56 ----A---- C:\WINDOWS\SYSWOW64\fveapibase.dll
2020-12-12 15:18:56 ----A---- C:\WINDOWS\SYSWOW64\fveapi.dll
2020-12-12 15:18:55 ----A---- C:\WINDOWS\system32\fveapibase.dll
2020-12-12 15:18:55 ----A---- C:\WINDOWS\system32\fveapi.dll
2020-12-12 15:18:54 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2020-12-12 15:18:53 ----A---- C:\WINDOWS\system32\cdp.dll
2020-12-12 15:18:53 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2020-12-12 15:18:29 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2020-12-12 15:18:29 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2020-12-12 15:18:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2020-12-12 15:18:28 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2020-12-12 15:18:28 ----A---- C:\WINDOWS\SYSWOW64\dlnashext.dll
2020-12-12 15:18:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2020-12-12 15:18:27 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2020-12-12 15:18:27 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2020-12-12 15:18:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2020-12-12 15:18:26 ----A---- C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2020-12-12 15:18:26 ----A---- C:\WINDOWS\system32\HolographicRuntimes.dll
2020-12-12 15:18:26 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2020-12-12 15:18:25 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2020-12-12 15:18:25 ----A---- C:\WINDOWS\system32\DHolographicDisplay.dll
2020-12-12 15:18:22 ----A---- C:\WINDOWS\system32\wpdshext.dll
2020-12-12 15:18:22 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2020-12-12 15:18:22 ----A---- C:\WINDOWS\system32\DMRServer.dll
2020-12-12 15:18:21 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-12-12 15:18:21 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2020-12-12 15:18:21 ----A---- C:\WINDOWS\system32\dlnashext.dll
2020-12-12 15:18:20 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2020-12-12 15:18:20 ----A---- C:\WINDOWS\system32\mfsvr.dll
2020-12-12 15:18:20 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-12-12 15:18:20 ----A---- C:\WINDOWS\system32\mfcore.dll
2020-12-12 15:18:19 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-12-12 15:18:19 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2020-12-12 15:18:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2020-12-12 15:18:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.dll
2020-12-12 15:18:17 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2020-12-12 15:18:16 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2020-12-12 15:18:16 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2020-12-12 15:18:16 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2020-12-12 15:18:15 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2020-12-12 15:18:14 ----A---- C:\WINDOWS\SYSWOW64\wecutil.exe
2020-12-12 15:18:14 ----A---- C:\WINDOWS\SYSWOW64\wecapi.dll
2020-12-12 15:18:14 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2020-12-12 15:18:14 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2020-12-12 15:18:13 ----A---- C:\WINDOWS\SYSWOW64\wsecedit.dll
2020-12-12 15:18:13 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2020-12-12 15:18:13 ----A---- C:\WINDOWS\SYSWOW64\net1.exe
2020-12-12 15:17:34 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-12-12 15:17:34 ----A---- C:\WINDOWS\system32\Spectrum.exe
2020-12-12 15:17:34 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2020-12-12 15:17:34 ----A---- C:\WINDOWS\system32\ListSvc.dll
2020-12-12 15:17:34 ----A---- C:\WINDOWS\system32\dsregcmd.exe
2020-12-12 15:17:33 ----A---- C:\WINDOWS\system32\Windows.Mirage.dll
2020-12-12 15:17:33 ----A---- C:\WINDOWS\system32\rdpnano.dll
2020-12-12 15:17:33 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2020-12-12 15:17:33 ----A---- C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-12 15:17:33 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2020-12-12 15:17:33 ----A---- C:\WINDOWS\system32\CMFNVSDeviceBridge.dll
2020-12-12 15:17:32 ----A---- C:\WINDOWS\system32\ieframe.dll
2020-12-12 15:17:32 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2020-12-12 15:17:32 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2020-12-12 15:17:31 ----A---- C:\WINDOWS\system32\Chakra.dll
2020-12-12 15:17:29 ----A---- C:\WINDOWS\system32\mshtml.dll
2020-12-12 15:17:28 ----A---- C:\WINDOWS\system32\wsecedit.dll
2020-12-12 15:17:28 ----A---- C:\WINDOWS\system32\wecutil.exe
2020-12-12 15:17:28 ----A---- C:\WINDOWS\system32\wecsvc.dll
2020-12-12 15:17:28 ----A---- C:\WINDOWS\system32\wecapi.dll
2020-12-12 15:17:28 ----A---- C:\WINDOWS\system32\StorSvc.dll
2020-12-12 15:17:28 ----A---- C:\WINDOWS\system32\packager.dll
2020-12-12 15:17:28 ----A---- C:\WINDOWS\system32\net1.exe
2020-12-12 15:17:28 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2020-12-12 15:17:28 ----A---- C:\WINDOWS\system32\jscript.dll
2020-12-12 15:17:28 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-12-12 15:17:28 ----A---- C:\WINDOWS\system32\edpcsp.dll
2020-12-12 15:17:26 ----A---- C:\WINDOWS\system32\sdshext.dll
2020-12-12 15:17:26 ----A---- C:\WINDOWS\system32\sdrsvc.dll
2020-12-12 15:17:26 ----A---- C:\WINDOWS\system32\sdclt.exe
2020-12-12 15:17:25 ----A---- C:\WINDOWS\system32\vertdll.dll
2020-12-12 15:17:25 ----A---- C:\WINDOWS\system32\tcbloader.dll
2020-12-12 15:17:25 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2020-12-12 15:17:25 ----A---- C:\WINDOWS\system32\skci.dll
2020-12-12 15:17:25 ----A---- C:\WINDOWS\system32\sdengin2.dll
2020-12-12 15:17:24 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2020-12-12 15:17:24 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2020-12-12 15:17:24 ----A---- C:\WINDOWS\system32\hvix64.exe
2020-12-12 15:17:24 ----A---- C:\WINDOWS\system32\hvax64.exe
2020-12-12 15:17:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.FileExplorer.dll
2020-12-12 15:17:23 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2020-12-12 15:17:23 ----A---- C:\WINDOWS\SYSWOW64\twext.dll
2020-12-12 15:17:23 ----A---- C:\WINDOWS\SYSWOW64\rasman.dll
2020-12-12 15:17:23 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2020-12-12 15:17:23 ----A---- C:\WINDOWS\SYSWOW64\netshell.dll
2020-12-12 15:17:23 ----A---- C:\WINDOWS\SYSWOW64\netid.dll
2020-12-12 15:17:23 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll
2020-12-12 15:17:23 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2020-12-12 15:17:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2020-12-12 15:17:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2020-12-12 15:17:22 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2020-12-12 15:17:22 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2020-12-12 15:17:22 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2020-12-12 15:17:22 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2020-12-12 15:17:21 ----A---- C:\WINDOWS\SYSWOW64\unenrollhook.dll
2020-12-12 15:17:21 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2020-12-12 15:17:21 ----A---- C:\WINDOWS\SYSWOW64\omadmapi.dll
2020-12-12 15:17:21 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2020-12-12 15:17:21 ----A---- C:\WINDOWS\SYSWOW64\mdmlocalmanagement.dll
2020-12-12 15:17:21 ----A---- C:\WINDOWS\SYSWOW64\gmsaclient.dll
2020-12-12 15:17:21 ----A---- C:\WINDOWS\SYSWOW64\enterpriseresourcemanager.dll
2020-12-12 15:17:21 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2020-12-12 15:17:21 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2020-12-12 15:17:21 ----A---- C:\WINDOWS\SYSWOW64\dmcfgutils.dll
2020-12-12 15:16:34 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2020-12-12 15:16:34 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2020-12-12 15:16:34 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2020-12-12 15:16:34 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2020-12-12 15:16:34 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2020-12-12 15:16:34 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2020-12-12 15:16:34 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2020-12-12 15:16:34 ----A---- C:\WINDOWS\SYSWOW64\dtdump.exe
2020-12-12 15:16:33 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2020-12-12 15:16:33 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2020-12-12 15:16:33 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2020-12-12 15:16:33 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2020-12-12 15:16:32 ----A---- C:\WINDOWS\SYSWOW64\winipcsecproc.dll
2020-12-12 15:16:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2020-12-12 15:16:32 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2020-12-12 15:16:32 ----A---- C:\WINDOWS\SYSWOW64\shacct.dll
2020-12-12 15:16:32 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
2020-12-12 15:16:32 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2020-12-12 15:16:32 ----A---- C:\WINDOWS\SYSWOW64\CertPolEng.dll
2020-12-12 15:16:32 ----A---- C:\WINDOWS\SYSWOW64\btpanui.dll
2020-12-12 15:16:32 ----A---- C:\WINDOWS\SYSWOW64\AppResolver.dll
2020-12-12 15:16:31 ----A---- C:\WINDOWS\SYSWOW64\winmsipc.dll
2020-12-12 15:16:31 ----A---- C:\WINDOWS\SYSWOW64\winipcfile.dll
2020-12-12 15:16:31 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2020-12-12 15:16:31 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2020-12-12 15:16:31 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2020-12-12 15:16:31 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2020-12-12 15:16:30 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2020-12-12 15:16:30 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2020-12-12 15:16:30 ----A---- C:\WINDOWS\SYSWOW64\ngccredprov.dll
2020-12-12 15:16:30 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2020-12-12 15:16:30 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2020-12-12 15:16:30 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2020-12-12 15:16:29 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2020-12-12 15:16:29 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2020-12-12 15:16:29 ----A---- C:\WINDOWS\SYSWOW64\InputHost.dll
2020-12-12 15:16:28 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2020-12-12 15:16:28 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2020-12-12 15:16:28 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2020-12-12 15:16:28 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2020-12-12 15:16:28 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2020-12-12 15:16:28 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2020-12-12 15:16:28 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2020-12-12 15:16:27 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.Ngc.dll
2020-12-12 15:16:27 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2020-12-12 15:16:27 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2020-12-12 15:16:27 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2020-12-12 15:16:27 ----A---- C:\WINDOWS\SYSWOW64\mssitlb.dll
2020-12-12 15:16:27 ----A---- C:\WINDOWS\SYSWOW64\msscntrs.dll
2020-12-12 15:16:27 ----A---- C:\WINDOWS\SYSWOW64\dsregtask.dll
2020-12-12 15:16:27 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2020-12-12 15:16:27 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2020-12-12 15:16:26 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2020-12-12 15:16:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2020-12-12 15:16:26 ----A---- C:\WINDOWS\SYSWOW64\TaskSchdPS.dll
2020-12-12 15:16:26 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2020-12-12 15:16:26 ----A---- C:\WINDOWS\SYSWOW64\taskcomp.dll
2020-12-12 15:16:26 ----A---- C:\WINDOWS\SYSWOW64\schtasks.exe
2020-12-12 15:16:26 ----A---- C:\WINDOWS\SYSWOW64\netplwiz.dll
2020-12-12 15:16:26 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2020-12-12 15:16:26 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2020-12-12 15:16:26 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2020-12-12 15:16:25 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2020-12-12 15:16:25 ----A---- C:\WINDOWS\SYSWOW64\SpatialAudioLicenseSrv.exe
2020-12-12 15:16:25 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2020-12-12 15:16:25 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2020-12-12 15:16:25 ----A---- C:\WINDOWS\SYSWOW64\FlightSettings.dll
2020-12-12 15:16:25 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2020-12-12 15:16:25 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2020-12-12 15:16:25 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2020-12-12 15:16:24 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2020-12-12 15:16:24 ----A---- C:\WINDOWS\SYSWOW64\OneCoreCommonProxyStub.dll
2020-12-12 15:16:24 ----A---- C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-12-12 15:16:24 ----A---- C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-12-12 15:16:24 ----A---- C:\WINDOWS\system32\vbscript.dll
2020-12-12 15:16:24 ----A---- C:\WINDOWS\system32\twext.dll
2020-12-12 15:16:24 ----A---- C:\WINDOWS\system32\comdlg32.dll
2020-12-12 15:16:23 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-12-12 15:16:23 ----A---- C:\WINDOWS\system32\RASMM.dll
2020-12-12 15:16:23 ----A---- C:\WINDOWS\system32\rasmans.dll
2020-12-12 15:16:23 ----A---- C:\WINDOWS\system32\rasman.dll
2020-12-12 15:16:23 ----A---- C:\WINDOWS\system32\rascustom.dll
2020-12-12 15:16:23 ----A---- C:\WINDOWS\system32\rasapi32.dll
2020-12-12 15:16:22 ----A---- C:\WINDOWS\system32\netshell.dll
2020-12-12 15:16:22 ----A---- C:\WINDOWS\system32\netid.dll
2020-12-12 15:16:22 ----A---- C:\WINDOWS\system32\netcfgx.dll
2020-12-12 15:15:29 ----A---- C:\WINDOWS\system32\SDDS.dll
2020-12-12 15:15:29 ----A---- C:\WINDOWS\system32\JpnServiceDS.dll
2020-12-12 15:15:29 ----A---- C:\WINDOWS\system32\FilterDS.dll
2020-12-12 15:15:29 ----A---- C:\WINDOWS\system32\DDDS.dll
2020-12-12 15:15:29 ----A---- C:\WINDOWS\system32\BingFilterDS.dll
2020-12-12 15:15:29 ----A---- C:\WINDOWS\system32\BingASDS.dll
2020-12-12 15:15:28 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-12-12 15:15:28 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-12-12 15:15:28 ----A---- C:\WINDOWS\system32\profsvcext.dll
2020-12-12 15:15:28 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2020-12-12 15:15:27 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-12-12 15:15:27 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2020-12-12 15:15:27 ----A---- C:\WINDOWS\system32\MdmDiagnostics.dll
2020-12-12 15:15:27 ----A---- C:\WINDOWS\system32\gdi32full.dll
2020-12-12 15:15:27 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2020-12-12 15:15:27 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-12-12 15:15:26 ----A---- C:\WINDOWS\system32\unenrollhook.dll
2020-12-12 15:15:26 ----A---- C:\WINDOWS\system32\policymanager.dll
2020-12-12 15:15:26 ----A---- C:\WINDOWS\system32\omadmclient.exe
2020-12-12 15:15:26 ----A---- C:\WINDOWS\system32\omadmapi.dll
2020-12-12 15:15:26 ----A---- C:\WINDOWS\system32\mdmpostprocessevaluator.dll
2020-12-12 15:15:26 ----A---- C:\WINDOWS\system32\mdmlocalmanagement.dll
2020-12-12 15:15:26 ----A---- C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-12-12 15:15:26 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2020-12-12 15:15:26 ----A---- C:\WINDOWS\system32\DMPushRouterCore.dll
2020-12-12 15:15:26 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-12-12 15:15:26 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2020-12-12 15:15:25 ----A---- C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-12 15:15:25 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2020-12-12 15:15:25 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-12-12 15:15:25 ----A---- C:\WINDOWS\system32\SecurityHealthHost.exe
2020-12-12 15:15:25 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-12-12 15:15:25 ----A---- C:\WINDOWS\system32\LogonController.dll
2020-12-12 15:15:25 ----A---- C:\WINDOWS\system32\dmcsps.dll
2020-12-12 15:15:25 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2020-12-12 15:15:25 ----A---- C:\WINDOWS\system32\dmcfgutils.dll
2020-12-12 15:15:25 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2020-12-12 15:15:25 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2020-12-12 15:15:25 ----A---- C:\WINDOWS\system32\coredpus.dll
2020-12-12 15:15:25 ----A---- C:\WINDOWS\system32\configmanager2.dll
2020-12-12 15:15:24 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2020-12-12 15:15:24 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2020-12-12 15:15:24 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-12-12 15:15:24 ----A---- C:\WINDOWS\system32\netlogon.dll
2020-12-12 15:15:24 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2020-12-12 15:15:23 ----A---- C:\WINDOWS\system32\KernelBase.dll
2020-12-12 15:15:23 ----A---- C:\WINDOWS\system32\gmsaclient.dll
2020-12-12 15:15:23 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2020-12-12 15:15:23 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2020-12-12 15:15:22 ----A---- C:\WINDOWS\system32\sechost.dll
2020-12-12 15:15:22 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2020-12-12 15:15:22 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2020-12-12 15:15:22 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2020-12-12 15:15:21 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2020-12-12 15:15:20 ----A---- C:\WINDOWS\system32\wermgr.exe
2020-12-12 15:15:20 ----A---- C:\WINDOWS\system32\weretw.dll
2020-12-12 15:15:20 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2020-12-12 15:15:20 ----A---- C:\WINDOWS\system32\wer.dll
2020-12-12 15:15:20 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2020-12-12 15:15:19 ----A---- C:\WINDOWS\system32\utcutil.dll
2020-12-12 15:15:19 ----A---- C:\WINDOWS\system32\runexehelper.exe
2020-12-12 15:15:19 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2020-12-12 15:15:19 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2020-12-12 15:15:19 ----A---- C:\WINDOWS\system32\diagtrack.dll
2020-12-12 15:15:18 ----A---- C:\WINDOWS\system32\rpcss.dll
2020-12-12 15:15:18 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2020-12-12 15:15:18 ----A---- C:\WINDOWS\system32\msv1_0.dll
2020-12-12 15:15:18 ----A---- C:\WINDOWS\system32\lsasrv.dll
2020-12-12 15:15:18 ----A---- C:\WINDOWS\system32\logoncli.dll
2020-12-12 15:15:18 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2020-12-12 15:15:17 ----A---- C:\WINDOWS\system32\WPTaskScheduler.dll
2020-12-12 15:15:17 ----A---- C:\WINDOWS\system32\wldp.dll
2020-12-12 15:15:17 ----A---- C:\WINDOWS\system32\WinTypes.dll
2020-12-12 15:15:17 ----A---- C:\WINDOWS\system32\wincorlib.dll
2020-12-12 15:15:17 ----A---- C:\WINDOWS\system32\combase.dll
2020-12-12 15:15:17 ----A---- C:\WINDOWS\system32\ci.dll
2020-12-12 15:15:17 ----A---- C:\WINDOWS\system32\bcrypt.dll
2020-12-12 15:15:16 ----A---- C:\WINDOWS\system32\TaskSchdPS.dll
2020-12-12 15:15:16 ----A---- C:\WINDOWS\system32\taskschd.dll
2020-12-12 15:15:16 ----A---- C:\WINDOWS\system32\taskhostw.exe
2020-12-12 15:15:16 ----A---- C:\WINDOWS\system32\taskcomp.dll
2020-12-12 15:15:16 ----A---- C:\WINDOWS\system32\sppobjs.dll
2020-12-12 15:15:16 ----A---- C:\WINDOWS\system32\schtasks.exe
2020-12-12 15:15:16 ----A---- C:\WINDOWS\system32\schedsvc.dll
2020-12-12 15:15:14 ----A---- C:\WINDOWS\system32\uDWM.dll
2020-12-12 15:15:14 ----A---- C:\WINDOWS\system32\shell32.dll
2020-12-12 15:15:14 ----A---- C:\WINDOWS\system32\ntshrui.dll
2020-12-12 15:15:14 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2020-12-12 15:15:14 ----A---- C:\WINDOWS\system32\dcomp.dll
2020-12-12 15:15:13 ----A---- C:\WINDOWS\system32\winresume.exe
2020-12-12 15:15:13 ----A---- C:\WINDOWS\system32\winload.exe
2020-12-12 15:15:13 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2020-12-12 15:15:13 ----A---- C:\WINDOWS\system32\CertPolEng.dll
2020-12-12 15:15:12 ----A---- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2020-12-12 15:15:12 ----A---- C:\WINDOWS\system32\shacct.dll
2020-12-12 15:15:12 ----A---- C:\WINDOWS\system32\cldapi.dll
2020-12-12 15:15:12 ----A---- C:\WINDOWS\system32\btpanui.dll
2020-12-12 15:14:08 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2020-12-12 15:14:08 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-12-12 15:14:08 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-12-12 15:14:07 ----A---- C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2020-12-12 15:14:07 ----A---- C:\WINDOWS\system32\UsoClient.exe
2020-12-12 15:14:07 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-12-12 15:14:07 ----A---- C:\WINDOWS\system32\AppResolver.dll
2020-12-12 15:14:06 ----A---- C:\WINDOWS\system32\usosvc.dll
2020-12-12 15:14:06 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2020-12-12 15:14:05 ----A---- C:\WINDOWS\system32\SHCore.dll
2020-12-12 15:14:05 ----A---- C:\WINDOWS\system32\RasMediaManager.dll
2020-12-12 15:14:04 ----A---- C:\WINDOWS\system32\winipcsecproc.dll
2020-12-12 15:14:04 ----A---- C:\WINDOWS\system32\winipcfile.dll
2020-12-12 15:14:04 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2020-12-12 15:14:03 ----A---- C:\WINDOWS\system32\winmsipc.dll
2020-12-12 15:14:03 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2020-12-12 15:14:03 ----A---- C:\WINDOWS\system32\bindflt.dll
2020-12-12 15:14:02 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2020-12-12 15:14:01 ----A---- C:\WINDOWS\system32\win32u.dll
2020-12-12 15:14:01 ----A---- C:\WINDOWS\system32\win32kfull.sys
2020-12-12 15:14:01 ----A---- C:\WINDOWS\system32\win32k.sys
2020-12-12 15:14:00 ----A---- C:\WINDOWS\system32\user32.dll
2020-12-12 15:13:58 ----A---- C:\WINDOWS\system32\wintrust.dll
2020-12-12 15:13:58 ----A---- C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-12-12 15:13:58 ----A---- C:\WINDOWS\system32\fwmdmcsp.dll
2020-12-12 15:13:58 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-12-12 15:13:57 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-12-12 15:13:57 ----A---- C:\WINDOWS\system32\WaaSMedicPS.dll
2020-12-12 15:13:57 ----A---- C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-12-12 15:13:57 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2020-12-12 15:13:56 ----A---- C:\WINDOWS\system32\InstallService.dll
2020-12-12 15:13:56 ----A---- C:\WINDOWS\system32\InputHost.dll
2020-12-12 15:13:55 ----A---- C:\WINDOWS\system32\tquery.dll
2020-12-12 15:13:54 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-12-12 15:13:54 ----A---- C:\WINDOWS\system32\mssvp.dll
2020-12-12 15:13:54 ----A---- C:\WINDOWS\system32\mssrch.dll
2020-12-12 15:13:54 ----A---- C:\WINDOWS\system32\mssprxy.dll
2020-12-12 15:13:53 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2020-12-12 15:13:53 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2020-12-12 15:13:53 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2020-12-12 15:13:53 ----A---- C:\WINDOWS\system32\mssph.dll
2020-12-12 15:13:53 ----A---- C:\WINDOWS\system32\mssitlb.dll
2020-12-12 15:13:53 ----A---- C:\WINDOWS\system32\msscntrs.dll
2020-12-12 15:13:52 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2020-12-12 15:13:52 ----A---- C:\WINDOWS\system32\domgmt.dll
2020-12-12 15:13:51 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2020-12-12 15:13:51 ----A---- C:\WINDOWS\system32\dosvc.dll
2020-12-12 15:13:50 ----A---- C:\WINDOWS\system32\win32kbase.sys
2020-12-12 15:13:50 ----A---- C:\WINDOWS\system32\gdi32.dll
2020-12-12 15:13:50 ----A---- C:\WINDOWS\system32\drivers\watchdog.sys
2020-12-12 15:13:49 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2020-12-12 15:13:49 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2020-12-12 15:13:49 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2020-12-12 15:13:49 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2020-12-12 15:13:49 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2020-12-12 15:13:49 ----A---- C:\WINDOWS\system32\aadtb.dll
2020-12-12 15:13:48 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-12-12 15:13:48 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-12-12 15:13:48 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-12-12 15:13:48 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-12-12 15:13:48 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2020-12-12 15:13:48 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-12-12 15:13:47 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-12-12 15:13:47 ----A---- C:\WINDOWS\system32\netplwiz.dll
2020-12-12 15:13:46 ----A---- C:\WINDOWS\system32\StartTileData.dll
2020-12-12 15:13:46 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\wmicmiplugin.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\winshfhc.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\UtcDecoderHost.exe
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\netman.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\dsregtask.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\dsreg.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\dafWfdProvider.dll
2020-12-12 15:13:44 ----A---- C:\WINDOWS\system32\WpcMon.exe
2020-12-12 15:13:44 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-12-12 15:13:44 ----A---- C:\WINDOWS\system32\Wpc.dll
2020-12-12 15:13:44 ----A---- C:\WINDOWS\system32\spoolsv.exe
2020-12-12 15:13:44 ----A---- C:\WINDOWS\system32\localspl.dll
2020-12-12 15:13:44 ----A---- C:\WINDOWS\splwow64.exe
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\WpcTok.exe
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\audiosrv.dll
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\audiodg.exe
2020-12-12 15:13:42 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2020-12-12 15:13:42 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-12-12 15:13:42 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-12-12 15:13:42 ----A---- C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2020-12-12 15:13:42 ----A---- C:\WINDOWS\system32\ManageCI.dll
2020-12-12 15:13:42 ----A---- C:\WINDOWS\system32\autopilot.dll
2020-12-12 15:13:42 ----A---- C:\WINDOWS\system32\AudioSes.dll
2020-12-12 15:13:42 ----A---- C:\WINDOWS\system32\AudioEng.dll
2020-12-08 20:57:48 ----D---- C:\Users\Interista\AppData\Roaming\Jihosoft ISO Maker
2020-12-08 20:55:56 ----D---- C:\Program Files (x86)\Jihosoft
2020-12-08 20:54:27 ----D---- C:\ProgramData\DAEMON Tools Pro
======List of files/folders modified in the last 1 month======
2020-12-26 17:17:33 ----D---- C:\WINDOWS\system32\drivers\etc
2020-12-26 17:17:32 ----D---- C:\Program Files\trend micro
2020-12-26 17:17:28 ----D---- C:\WINDOWS\Temp
2020-12-26 17:10:14 ----D---- C:\WINDOWS\Prefetch
2020-12-26 17:07:49 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-12-26 16:59:08 ----D---- C:\WINDOWS\system32\sru
2020-12-26 16:26:19 ----AD---- C:\Program Files\CCleaner
2020-12-26 16:09:42 ----D---- C:\Program Files\thinkorswim
2020-12-26 16:01:01 ----D---- C:\ProgramData\NVIDIA
2020-12-26 00:07:28 ----D---- C:\Program Files (x86)\Steam
2020-12-25 23:29:44 ----D---- C:\Users\Interista\AppData\Roaming\Telegram Desktop
2020-12-25 23:20:48 ----D---- C:\WINDOWS\system32\SleepStudy
2020-12-25 19:06:10 ----RD---- C:\WINDOWS\Microsoft.NET
2020-12-25 18:20:07 ----SD---- C:\Users\Interista\AppData\Roaming\Microsoft
2020-12-25 17:44:27 ----D---- C:\WINDOWS\INF
2020-12-25 16:12:31 ----D---- C:\ProgramData\NVIDIA Corporation
2020-12-24 18:01:12 ----D---- C:\ProgramData\CanonIJPLM
2020-12-23 13:57:04 ----D---- C:\WINDOWS\system32\config
2020-12-23 13:51:36 ----D---- C:\ProgramData\ProductData
2020-12-22 20:03:16 ----HD---- C:\ProgramData
2020-12-22 19:22:11 ----D---- C:\Games
2020-12-22 18:00:01 ----D---- C:\WINDOWS\system32\LogFiles
2020-12-22 14:21:43 ----HD---- C:\Program Files\WindowsApps
2020-12-22 13:36:26 ----D---- C:\WINDOWS\system32\catroot2
2020-12-22 13:36:22 ----SHD---- C:\System Volume Information
2020-12-22 13:29:55 ----D---- C:\WINDOWS\WinSxS
2020-12-22 13:28:12 ----D---- C:\WINDOWS\Logs
2020-12-22 13:12:05 ----D---- C:\Downloads
2020-12-22 12:05:05 ----D---- C:\WINDOWS\AppReadiness
2020-12-18 16:38:33 ----D---- C:\Users\Interista\AppData\Roaming\Canon
2020-12-18 16:38:31 ----HD---- C:\ProgramData\CanonIJMIG
2020-12-18 16:23:40 ----D---- C:\WINDOWS\system32\Tasks
2020-12-14 18:11:12 ----D---- C:\Jts
2020-12-13 15:13:02 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2020-12-13 10:36:45 ----D---- C:\WINDOWS\System32
2020-12-13 10:36:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-13 10:27:26 ----D---- C:\WINDOWS\system32\drivers
2020-12-12 23:07:02 ----D---- C:\WINDOWS\SYSWOW64\migration
2020-12-12 23:07:02 ----D---- C:\WINDOWS\SYSWOW64\en-US
2020-12-12 23:07:01 ----D---- C:\WINDOWS\SYSWOW64\Dism
2020-12-12 23:07:01 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2020-12-12 23:07:01 ----D---- C:\WINDOWS\SysWOW64
2020-12-12 23:06:55 ----D---- C:\WINDOWS\SystemResources
2020-12-12 23:06:53 ----D---- C:\WINDOWS\system32\zh-TW
2020-12-12 23:06:53 ----D---- C:\WINDOWS\system32\oobe
2020-12-12 23:06:53 ----D---- C:\WINDOWS\system32\migration
2020-12-12 23:06:52 ----D---- C:\WINDOWS\system32\en-US
2020-12-12 23:06:52 ----D---- C:\WINDOWS\system32\drivers\en-US
2020-12-12 23:06:50 ----D---- C:\WINDOWS\system32\Dism
2020-12-12 23:06:50 ----D---- C:\WINDOWS\system32\cs-CZ
2020-12-12 23:06:49 ----D---- C:\WINDOWS\system32\Boot
2020-12-12 23:06:37 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2020-12-12 23:06:37 ----D---- C:\WINDOWS\ShellExperiences
2020-12-12 23:06:36 ----D---- C:\WINDOWS\bcastdvr
2020-12-12 23:06:36 ----D---- C:\WINDOWS\apppatch
2020-12-12 23:06:36 ----D---- C:\Windows
2020-12-12 23:06:36 ----D---- C:\Program Files\Windows Defender
2020-12-12 23:06:36 ----D---- C:\Program Files (x86)\Windows Defender
2020-12-12 23:06:28 ----D---- C:\WINDOWS\system32\DriverStore
2020-12-12 18:59:10 ----HD---- C:\WINDOWS\ELAMBKUP
2020-12-12 15:30:48 ----D---- C:\WINDOWS\CbsTemp
2020-12-12 14:20:38 ----SHD---- C:\WINDOWS\Installer
2020-12-08 20:55:56 ----RD---- C:\Program Files (x86)
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2020-12-12 36792]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2020-12-12 247888]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2020-12-12 97360]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2020-12-12 16832]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2020-12-12 84496]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2020-12-12 326064]
R0 fbfmon;fbfmon; C:\WINDOWS\system32\drivers\fbfmon.sys [2013-01-18 57952]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2013-01-18 39008]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-08-12 40960]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2020-12-12 208672]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2020-12-12 332880]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2020-12-12 42424]
R1 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2020-12-12 176384]
R1 aswNetHub;aswNetHub; C:\WINDOWS\system32\drivers\aswNetHub.sys [2020-12-12 522480]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2020-12-12 108928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2020-12-12 851256]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2020-12-12 469472]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456]
R1 BPntDrv;BPntDrv; C:\WINDOWS\system32\drivers\BPntDrv.sys [2013-01-18 13408]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R1 RDPDISPM;RDPDISPM; C:\WINDOWS\System32\drivers\rdpdispm.sys [2010-08-31 10752]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-06-27 88632]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2020-12-12 216984]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2020-12-12 457216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760]
R2 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2019-03-19 185344]
R2 npf;NetGroup Packet Filter Driver; \??\C:\WINDOWS\system32\drivers\npf.sys [2017-08-03 36600]
R2 NVR0FLASHDev;NVR0FLASHDev; \??\C:\windows\nvflsh64.sys [2009-01-07 40992]
R3 ACPIVPC;@oem17.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2013-01-18 29792]
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2020-12-12 117064]
R3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2020-07-03 231936]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2020-07-03 114688]
R3 BthHFAud;@microsoft_bluetooth_hfp.inf,%BTHHFAUD_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Audio driver; C:\WINDOWS\System32\drivers\BthHfAud.sys [2019-03-19 57856]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2019-03-19 133120]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2020-07-03 99328]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312]
R3 DelayMan;@oem42.inf,%SvcDesc%;ACPI DelayMan Filter Service; C:\WINDOWS\system32\DRIVERS\delayman.sys [2013-01-18 20064]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-03-09 5382856]
R3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2011-02-22 2750312]
R3 JMCR;JMCR; C:\WINDOWS\system32\DRIVERS\jmcr.sys [2010-12-13 174168]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\System32\drivers\k57nd60a.sys [2019-03-19 446464]
R3 MEIx64;@oem11.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-20 56344]
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\WINDOWS\System32\drivers\Netwsw00.sys [2019-03-19 11518976]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvlddmkm.sys [2017-03-17 14574640]
R3 NVR0Dev;NVR0Dev; \??\C:\windows\nvoclk64.sys [2009-01-06 40480]
R3 nvvhci;@oem31.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-10-11 57792]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 211456]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2017-03-17 47032]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2020-07-03 337920]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-03-19 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2020-10-14 18432]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2020-07-03 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2020-07-03 1428992]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2020-07-03 20992]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2020-10-14 64512]
S3 hmatap;HMA TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\hmatap.sys [2018-09-05 36456]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-11-12 84280]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584]
S3 LVRS64;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2020-07-03 359424]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-10-11 30144]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-03-17 47672]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2020-11-12 97088]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2020-07-03 986936]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 113152]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-11-03 170056]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2020-12-12 621728]
R2 avast! Tools;Avast Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [2020-12-12 351848]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2020-12-12 58048]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_8f68a42;Uživatelská služba platformy připojených zařízení_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10 224160]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2019-11-28 399296]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-07-31 2909472]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2019-03-19 26112]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-12-07 139056]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-12-07 139056]
R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-12-07 139056]
R2 nTuneService;Performance Service; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [2009-01-06 255008]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518080]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-03-17 464440]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-10-11 460736]
R2 OneSyncSvc_8f68a42;Hostitel synchronizace_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2020-12-12 8477080]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_8f68a42;Uživatelská služba schránky_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_8f68a42;Agent Activation Runtime_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-14 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-19 54912]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_8f68a42;Uživatelská služba pro GameDVR a vysílání her_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_8f68a42;Služba pro podporu uživatelů Bluetooth_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_8f68a42;CaptureService_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_8f68a42;ConsentUX_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-03-09 300128]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-10-14 381656]
S3 CredentialEnrollmentManagerUserSvc_8f68a42;CredentialEnrollmentManagerUserSvc_8f68a42; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-10-14 381656]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_8f68a42;DeviceAssociationBroker_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_8f68a42;DevicePicker_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_8f68a42;Tok zařízení_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2020-09-09 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10 224160]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-04-14 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-04-14 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2020-07-03 43704]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe [2020-12-02 1426928]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_8f68a42;Služba zasílání zpráv_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service; C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\elevation_service.exe [2020-12-17 1573776]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518080]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc_8f68a42;Data kontaktů_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_8f68a42;PrintWorkflow_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
-----------------EOF-----------------
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe
--
End of file - 13322 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-53268873-e6ac-45a0-be51-399dd2d0ed43 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9b5a3291-f24e-42a2-9379-d77764e031e1 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-5838ff84-4c98-4bc0-a3be-6e0eb749fe9a -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-b5c7bcc8-ca2b-4df2-aacc-7eb60bedb4e8 -LifetimeId:39e1f80c-dca6-443f-9e32-5de010816116 -DeviceGroupId:v3DDKIndirectGroup -HostArg:0
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -s BTAGService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s bthserv
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s PhoneSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalService -p
dashost.exe {dcd6ddee-bdfb-4535-add15db10677601e}
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe" /runassvc
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
"C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe" /StartService
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe" /StartService
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\spacedeskService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
"C:\Program Files\Windows Live\Mesh\wlcrasvc.exe"
"C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\System32\snmp.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost -s AppHostSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="25378DB0-F90F-42B8-2B99-59554ADBBD22" /binpath="C:\Program Files\AVAST Software\Avast"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s pla
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
"C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s QWAVE
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Browser
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
This is spacedesk Service calling.
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:4928
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
"ctfmon.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /c
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" XGpuTrayIcon"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
AvastUI.exe /nogui
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" /logon
"C:\Users\Interista\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOWReliabilityMonitor.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s Netman
C:\WINDOWS\splwow64.exe 8192
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE"
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20112.10111.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
"C:\Program Files\thinkorswim\thinkorswim.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe" --port=64215 --pid=19880 --browsercore --lang=en-us --overscroll-history-navigation=0 --user-data-dir=C:\Users\Interista\.thinkorswim\login-browser-data-v18-0 --disable-fill-background --dpi-awareness=unaware
"C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe" --type=crashpad-handler --user-data-dir=C:\Users\Interista\.thinkorswim\login-browser-data-v18-0 /prefetch:7 --monitor-self --monitor-self-argument=--type=crashpad-handler --monitor-self-argument=--user-data-dir=C:\Users\Interista\.thinkorswim\login-browser-data-v18-0 --monitor-self-argument=/prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Public\Documents\Google\Chrome --metrics-dir=C:\Users\Interista\.thinkorswim\login-browser-data-v18-0 --url=https://client2.google.com/cr/reports --annotation=plat=Win64 --annotation=prod=Chromium --annotation=ver=69.0.3497.12-devel --initial-client-data=0x228,0x22c,0x230,0x224,0x234,0x7fff974a8520,0x7fff974a8530,0x7fff974a8540
"C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe" --type=crashpad-handler --user-data-dir=C:\Users\Interista\.thinkorswim\login-browser-data-v18-0 /prefetch:7 --no-periodic-tasks --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Public\Documents\Google\Chrome --url=https://client2.google.com/cr/reports --annotation=plat=Win64 --annotation=prod=Chromium --annotation=ver=69.0.3497.12-devel --initial-client-data=0x248,0x24c,0x250,0x244,0x254,0x7ff7ff31ff50,0x7ff7ff31ff60,0x7ff7ff31ff70
"C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe" --type=gpu-process --field-trial-handle=1836,4911801477197063891,17798325957830895813,131072 --user-data-dir="C:\Users\Interista\.thinkorswim\login-browser-data-v18-0" --start-stack-profiler --browsercore --dpi-awareness=unaware --gpu-preferences=KAAAAAAAAACAAwBgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --user-data-dir="C:\Users\Interista\.thinkorswim\login-browser-data-v18-0" --start-stack-profiler --browsercore --dpi-awareness=unaware --service-request-channel-token=4790175130563269555 --mojo-platform-channel-handle=1852 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe" --type=utility --field-trial-handle=1836,4911801477197063891,17798325957830895813,131072 --lang=en-US --service-sandbox-type=audio --user-data-dir="C:\Users\Interista\.thinkorswim\login-browser-data-v18-0" --browsercore --dpi-awareness=unaware --service-request-channel-token=11180481694539910213 --mojo-platform-channel-handle=1980 /prefetch:8
"C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe" --type=renderer --file-url-path-alias="/gen=C:\Program Files\thinkorswim\jxbrowser\v18\bin\gen" --field-trial-handle=1836,4911801477197063891,17798325957830895813,131072 --service-pipe-token=12542284789732217256 --lang=en-US --user-data-dir="C:\Users\Interista\.thinkorswim\login-browser-data-v18-0" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=cssExternalScannerNoPreload=false,cssExternalScannerPreload=true --origin-trial-disabled-features=MeasureMemory --start-stack-profiler --browsercore --dpi-awareness=unaware --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12542284789732217256 --renderer-client-id=5 --mojo-platform-channel-handle=3572 /prefetch:1
"C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe" --type=renderer --file-url-path-alias="/gen=C:\Program Files\thinkorswim\jxbrowser\v18\bin\gen" --field-trial-handle=1836,4911801477197063891,17798325957830895813,131072 --service-pipe-token=17811349434083568187 --lang=en-US --user-data-dir="C:\Users\Interista\.thinkorswim\login-browser-data-v18-0" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=cssExternalScannerNoPreload=false,cssExternalScannerPreload=true --origin-trial-disabled-features=MeasureMemory --browsercore --dpi-awareness=unaware --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17811349434083568187 --renderer-client-id=4 --mojo-platform-channel-handle=3592 /prefetch:1
"C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe" --type=renderer --file-url-path-alias="/gen=C:\Program Files\thinkorswim\jxbrowser\v18\bin\gen" --field-trial-handle=1836,4911801477197063891,17798325957830895813,131072 --service-pipe-token=1495015790372158553 --lang=en-US --user-data-dir="C:\Users\Interista\.thinkorswim\login-browser-data-v18-0" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=cssExternalScannerNoPreload=false,cssExternalScannerPreload=true --origin-trial-disabled-features=MeasureMemory --browsercore --dpi-awareness=unaware --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1495015790372158553 --renderer-client-id=7 --mojo-platform-channel-handle=4332 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Interista\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Public\Documents\Google\Chrome "--metrics-dir=C:\Users\Interista\AppData\Local\Google\Chrome\User Data" --url=https://client2.google.com/cr/reports --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=87.0.4280.88 --initial-client-data=0xdc,0xe0,0xe4,0xb8,0xe8,0x7fff8c360eb0,0x7fff8c360ec0,0x7fff8c360ed0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1704 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --service-sandbox-type=network --mojo-platform-channel-handle=2080 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --service-sandbox-type=utility --mojo-platform-channel-handle=2388 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2928 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4336 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4680 /prefetch:1
"C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe" --type=renderer --file-url-path-alias="/gen=C:\Program Files\thinkorswim\jxbrowser\v18\bin\gen" --field-trial-handle=1836,4911801477197063891,17798325957830895813,131072 --service-pipe-token=7104399983991265064 --lang=en-US --user-data-dir="C:\Users\Interista\.thinkorswim\login-browser-data-v18-0" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=cssExternalScannerNoPreload=false,cssExternalScannerPreload=true --origin-trial-disabled-features=MeasureMemory --browsercore --dpi-awareness=unaware --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7104399983991265064 --renderer-client-id=9 --mojo-platform-channel-handle=4692 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3452 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --extension-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7460 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7616 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8992 /prefetch:1
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=9132,17044421334183127541,17892286954933943157,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --no-sandbox --disable-gpu-driver-bug-workarounds --log-file="C:\Users\Interista\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.10.2442)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=MAAAAAAAAADgAABwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --use-gl=swiftshader-webgl --log-file="C:\Users\Interista\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=8768 /prefetch:2
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=9132,17044421334183127541,17892286954933943157,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --lang=en-US --service-sandbox-type=network --no-sandbox --force-wave-audio --log-file="C:\Users\Interista\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.10.2442)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\Interista\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=4496 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=9876 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6500 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9872 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1656 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=media.mojom.CdmService --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --service-sandbox-type=cdm --mojo-platform-channel-handle=12184 /prefetch:8
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3528 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8140 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4840 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9340 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=166 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7732 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=180 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4996 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=181 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6620 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=183 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8808 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=184 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8624 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=185 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6856 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=186 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7416 /prefetch:1
"C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=206 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --extension-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=215 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6220 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=217 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3640 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=221 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11720 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=248 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=257 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11248 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=259 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12352 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=264 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12556 /prefetch:1
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=280 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12852 /prefetch:1
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=284 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6832 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,2069005181272881097,15132840330189160482,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=289 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9240 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe249_ Global\UsGthrCtrlFltPipeMssGthrPipe249 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 792 796 804 8192 800
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x65c
"C:\Users\Interista\Downloads\RSITx64.exe"
"C:\WINDOWS\System32\osk.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001Core.job - C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001UA.job - C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho_64.dll [2020-12-17 532880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 217784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23 571968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23 235584]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho.dll [2020-12-17 414096]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 184488]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-01 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-01 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 6149288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 4452504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2020-07-03 84992]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2013-01-18 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2013-01-18 5908928]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2020-12-12 117352]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-18 11779176]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-10 509936]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2017-03-09 193112]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2017-03-09 420960]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2017-03-09 463960]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-01-07 3951280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Dropbox Update"=C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05 143144]
"OneDrive"=C:\Users\Interista\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2020-12-18 1938296]
"AceStream"=C:\Users\Interista\AppData\Roaming\ACEStream\engine\ace_engine.exe [2018-08-30 27960]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2020-03-19 22245560]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #1"=C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe [2020-04-08 1546784]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-12 587288]
"IJNetworkScannerSelectorEX2"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [2016-12-09 279240]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2017-07-05 1313408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2017-03-09 460936]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2020-12-12 15:15:22 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2020-12-12 15:15:22 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2020-12-12 15:15:22 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2020-12-12 15:15:21 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2020-12-12 15:15:20 ----A---- C:\WINDOWS\system32\wermgr.exe
2020-12-12 15:15:20 ----A---- C:\WINDOWS\system32\weretw.dll
2020-12-12 15:15:20 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2020-12-12 15:15:20 ----A---- C:\WINDOWS\system32\wer.dll
2020-12-12 15:15:20 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2020-12-12 15:15:19 ----A---- C:\WINDOWS\system32\utcutil.dll
2020-12-12 15:15:19 ----A---- C:\WINDOWS\system32\runexehelper.exe
2020-12-12 15:15:19 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2020-12-12 15:15:19 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2020-12-12 15:15:19 ----A---- C:\WINDOWS\system32\diagtrack.dll
2020-12-12 15:15:18 ----A---- C:\WINDOWS\system32\rpcss.dll
2020-12-12 15:15:18 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2020-12-12 15:15:18 ----A---- C:\WINDOWS\system32\msv1_0.dll
2020-12-12 15:15:18 ----A---- C:\WINDOWS\system32\lsasrv.dll
2020-12-12 15:15:18 ----A---- C:\WINDOWS\system32\logoncli.dll
2020-12-12 15:15:18 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2020-12-12 15:15:17 ----A---- C:\WINDOWS\system32\WPTaskScheduler.dll
2020-12-12 15:15:17 ----A---- C:\WINDOWS\system32\wldp.dll
2020-12-12 15:15:17 ----A---- C:\WINDOWS\system32\WinTypes.dll
2020-12-12 15:15:17 ----A---- C:\WINDOWS\system32\wincorlib.dll
2020-12-12 15:15:17 ----A---- C:\WINDOWS\system32\combase.dll
2020-12-12 15:15:17 ----A---- C:\WINDOWS\system32\ci.dll
2020-12-12 15:15:17 ----A---- C:\WINDOWS\system32\bcrypt.dll
2020-12-12 15:15:16 ----A---- C:\WINDOWS\system32\TaskSchdPS.dll
2020-12-12 15:15:16 ----A---- C:\WINDOWS\system32\taskschd.dll
2020-12-12 15:15:16 ----A---- C:\WINDOWS\system32\taskhostw.exe
2020-12-12 15:15:16 ----A---- C:\WINDOWS\system32\taskcomp.dll
2020-12-12 15:15:16 ----A---- C:\WINDOWS\system32\sppobjs.dll
2020-12-12 15:15:16 ----A---- C:\WINDOWS\system32\schtasks.exe
2020-12-12 15:15:16 ----A---- C:\WINDOWS\system32\schedsvc.dll
2020-12-12 15:15:14 ----A---- C:\WINDOWS\system32\uDWM.dll
2020-12-12 15:15:14 ----A---- C:\WINDOWS\system32\shell32.dll
2020-12-12 15:15:14 ----A---- C:\WINDOWS\system32\ntshrui.dll
2020-12-12 15:15:14 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2020-12-12 15:15:14 ----A---- C:\WINDOWS\system32\dcomp.dll
2020-12-12 15:15:13 ----A---- C:\WINDOWS\system32\winresume.exe
2020-12-12 15:15:13 ----A---- C:\WINDOWS\system32\winload.exe
2020-12-12 15:15:13 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2020-12-12 15:15:13 ----A---- C:\WINDOWS\system32\CertPolEng.dll
2020-12-12 15:15:12 ----A---- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2020-12-12 15:15:12 ----A---- C:\WINDOWS\system32\shacct.dll
2020-12-12 15:15:12 ----A---- C:\WINDOWS\system32\cldapi.dll
2020-12-12 15:15:12 ----A---- C:\WINDOWS\system32\btpanui.dll
2020-12-12 15:14:08 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2020-12-12 15:14:08 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-12-12 15:14:08 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-12-12 15:14:07 ----A---- C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2020-12-12 15:14:07 ----A---- C:\WINDOWS\system32\UsoClient.exe
2020-12-12 15:14:07 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-12-12 15:14:07 ----A---- C:\WINDOWS\system32\AppResolver.dll
2020-12-12 15:14:06 ----A---- C:\WINDOWS\system32\usosvc.dll
2020-12-12 15:14:06 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2020-12-12 15:14:05 ----A---- C:\WINDOWS\system32\SHCore.dll
2020-12-12 15:14:05 ----A---- C:\WINDOWS\system32\RasMediaManager.dll
2020-12-12 15:14:04 ----A---- C:\WINDOWS\system32\winipcsecproc.dll
2020-12-12 15:14:04 ----A---- C:\WINDOWS\system32\winipcfile.dll
2020-12-12 15:14:04 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2020-12-12 15:14:03 ----A---- C:\WINDOWS\system32\winmsipc.dll
2020-12-12 15:14:03 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2020-12-12 15:14:03 ----A---- C:\WINDOWS\system32\bindflt.dll
2020-12-12 15:14:02 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2020-12-12 15:14:01 ----A---- C:\WINDOWS\system32\win32u.dll
2020-12-12 15:14:01 ----A---- C:\WINDOWS\system32\win32kfull.sys
2020-12-12 15:14:01 ----A---- C:\WINDOWS\system32\win32k.sys
2020-12-12 15:14:00 ----A---- C:\WINDOWS\system32\user32.dll
2020-12-12 15:13:58 ----A---- C:\WINDOWS\system32\wintrust.dll
2020-12-12 15:13:58 ----A---- C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-12-12 15:13:58 ----A---- C:\WINDOWS\system32\fwmdmcsp.dll
2020-12-12 15:13:58 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-12-12 15:13:57 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-12-12 15:13:57 ----A---- C:\WINDOWS\system32\WaaSMedicPS.dll
2020-12-12 15:13:57 ----A---- C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-12-12 15:13:57 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2020-12-12 15:13:56 ----A---- C:\WINDOWS\system32\InstallService.dll
2020-12-12 15:13:56 ----A---- C:\WINDOWS\system32\InputHost.dll
2020-12-12 15:13:55 ----A---- C:\WINDOWS\system32\tquery.dll
2020-12-12 15:13:54 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-12-12 15:13:54 ----A---- C:\WINDOWS\system32\mssvp.dll
2020-12-12 15:13:54 ----A---- C:\WINDOWS\system32\mssrch.dll
2020-12-12 15:13:54 ----A---- C:\WINDOWS\system32\mssprxy.dll
2020-12-12 15:13:53 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2020-12-12 15:13:53 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2020-12-12 15:13:53 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2020-12-12 15:13:53 ----A---- C:\WINDOWS\system32\mssph.dll
2020-12-12 15:13:53 ----A---- C:\WINDOWS\system32\mssitlb.dll
2020-12-12 15:13:53 ----A---- C:\WINDOWS\system32\msscntrs.dll
2020-12-12 15:13:52 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2020-12-12 15:13:52 ----A---- C:\WINDOWS\system32\domgmt.dll
2020-12-12 15:13:51 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2020-12-12 15:13:51 ----A---- C:\WINDOWS\system32\dosvc.dll
2020-12-12 15:13:50 ----A---- C:\WINDOWS\system32\win32kbase.sys
2020-12-12 15:13:50 ----A---- C:\WINDOWS\system32\gdi32.dll
2020-12-12 15:13:50 ----A---- C:\WINDOWS\system32\drivers\watchdog.sys
2020-12-12 15:13:49 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2020-12-12 15:13:49 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2020-12-12 15:13:49 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2020-12-12 15:13:49 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2020-12-12 15:13:49 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2020-12-12 15:13:49 ----A---- C:\WINDOWS\system32\aadtb.dll
2020-12-12 15:13:48 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-12-12 15:13:48 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-12-12 15:13:48 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-12-12 15:13:48 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-12-12 15:13:48 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2020-12-12 15:13:48 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-12-12 15:13:47 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-12-12 15:13:47 ----A---- C:\WINDOWS\system32\netplwiz.dll
2020-12-12 15:13:46 ----A---- C:\WINDOWS\system32\StartTileData.dll
2020-12-12 15:13:46 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\wmicmiplugin.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\winshfhc.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\UtcDecoderHost.exe
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\netman.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\dsregtask.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\dsreg.dll
2020-12-12 15:13:45 ----A---- C:\WINDOWS\system32\dafWfdProvider.dll
2020-12-12 15:13:44 ----A---- C:\WINDOWS\system32\WpcMon.exe
2020-12-12 15:13:44 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-12-12 15:13:44 ----A---- C:\WINDOWS\system32\Wpc.dll
2020-12-12 15:13:44 ----A---- C:\WINDOWS\system32\spoolsv.exe
2020-12-12 15:13:44 ----A---- C:\WINDOWS\system32\localspl.dll
2020-12-12 15:13:44 ----A---- C:\WINDOWS\splwow64.exe
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\WpcTok.exe
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\audiosrv.dll
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-12-12 15:13:43 ----A---- C:\WINDOWS\system32\audiodg.exe
2020-12-12 15:13:42 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2020-12-12 15:13:42 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-12-12 15:13:42 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-12-12 15:13:42 ----A---- C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2020-12-12 15:13:42 ----A---- C:\WINDOWS\system32\ManageCI.dll
2020-12-12 15:13:42 ----A---- C:\WINDOWS\system32\autopilot.dll
2020-12-12 15:13:42 ----A---- C:\WINDOWS\system32\AudioSes.dll
2020-12-12 15:13:42 ----A---- C:\WINDOWS\system32\AudioEng.dll
2020-12-08 20:57:48 ----D---- C:\Users\Interista\AppData\Roaming\Jihosoft ISO Maker
2020-12-08 20:55:56 ----D---- C:\Program Files (x86)\Jihosoft
2020-12-08 20:54:27 ----D---- C:\ProgramData\DAEMON Tools Pro
======List of files/folders modified in the last 1 month======
2020-12-26 17:17:33 ----D---- C:\WINDOWS\system32\drivers\etc
2020-12-26 17:17:32 ----D---- C:\Program Files\trend micro
2020-12-26 17:17:28 ----D---- C:\WINDOWS\Temp
2020-12-26 17:10:14 ----D---- C:\WINDOWS\Prefetch
2020-12-26 17:07:49 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-12-26 16:59:08 ----D---- C:\WINDOWS\system32\sru
2020-12-26 16:26:19 ----AD---- C:\Program Files\CCleaner
2020-12-26 16:09:42 ----D---- C:\Program Files\thinkorswim
2020-12-26 16:01:01 ----D---- C:\ProgramData\NVIDIA
2020-12-26 00:07:28 ----D---- C:\Program Files (x86)\Steam
2020-12-25 23:29:44 ----D---- C:\Users\Interista\AppData\Roaming\Telegram Desktop
2020-12-25 23:20:48 ----D---- C:\WINDOWS\system32\SleepStudy
2020-12-25 19:06:10 ----RD---- C:\WINDOWS\Microsoft.NET
2020-12-25 18:20:07 ----SD---- C:\Users\Interista\AppData\Roaming\Microsoft
2020-12-25 17:44:27 ----D---- C:\WINDOWS\INF
2020-12-25 16:12:31 ----D---- C:\ProgramData\NVIDIA Corporation
2020-12-24 18:01:12 ----D---- C:\ProgramData\CanonIJPLM
2020-12-23 13:57:04 ----D---- C:\WINDOWS\system32\config
2020-12-23 13:51:36 ----D---- C:\ProgramData\ProductData
2020-12-22 20:03:16 ----HD---- C:\ProgramData
2020-12-22 19:22:11 ----D---- C:\Games
2020-12-22 18:00:01 ----D---- C:\WINDOWS\system32\LogFiles
2020-12-22 14:21:43 ----HD---- C:\Program Files\WindowsApps
2020-12-22 13:36:26 ----D---- C:\WINDOWS\system32\catroot2
2020-12-22 13:36:22 ----SHD---- C:\System Volume Information
2020-12-22 13:29:55 ----D---- C:\WINDOWS\WinSxS
2020-12-22 13:28:12 ----D---- C:\WINDOWS\Logs
2020-12-22 13:12:05 ----D---- C:\Downloads
2020-12-22 12:05:05 ----D---- C:\WINDOWS\AppReadiness
2020-12-18 16:38:33 ----D---- C:\Users\Interista\AppData\Roaming\Canon
2020-12-18 16:38:31 ----HD---- C:\ProgramData\CanonIJMIG
2020-12-18 16:23:40 ----D---- C:\WINDOWS\system32\Tasks
2020-12-14 18:11:12 ----D---- C:\Jts
2020-12-13 15:13:02 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2020-12-13 10:36:45 ----D---- C:\WINDOWS\System32
2020-12-13 10:36:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-13 10:27:26 ----D---- C:\WINDOWS\system32\drivers
2020-12-12 23:07:02 ----D---- C:\WINDOWS\SYSWOW64\migration
2020-12-12 23:07:02 ----D---- C:\WINDOWS\SYSWOW64\en-US
2020-12-12 23:07:01 ----D---- C:\WINDOWS\SYSWOW64\Dism
2020-12-12 23:07:01 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2020-12-12 23:07:01 ----D---- C:\WINDOWS\SysWOW64
2020-12-12 23:06:55 ----D---- C:\WINDOWS\SystemResources
2020-12-12 23:06:53 ----D---- C:\WINDOWS\system32\zh-TW
2020-12-12 23:06:53 ----D---- C:\WINDOWS\system32\oobe
2020-12-12 23:06:53 ----D---- C:\WINDOWS\system32\migration
2020-12-12 23:06:52 ----D---- C:\WINDOWS\system32\en-US
2020-12-12 23:06:52 ----D---- C:\WINDOWS\system32\drivers\en-US
2020-12-12 23:06:50 ----D---- C:\WINDOWS\system32\Dism
2020-12-12 23:06:50 ----D---- C:\WINDOWS\system32\cs-CZ
2020-12-12 23:06:49 ----D---- C:\WINDOWS\system32\Boot
2020-12-12 23:06:37 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2020-12-12 23:06:37 ----D---- C:\WINDOWS\ShellExperiences
2020-12-12 23:06:36 ----D---- C:\WINDOWS\bcastdvr
2020-12-12 23:06:36 ----D---- C:\WINDOWS\apppatch
2020-12-12 23:06:36 ----D---- C:\Windows
2020-12-12 23:06:36 ----D---- C:\Program Files\Windows Defender
2020-12-12 23:06:36 ----D---- C:\Program Files (x86)\Windows Defender
2020-12-12 23:06:28 ----D---- C:\WINDOWS\system32\DriverStore
2020-12-12 18:59:10 ----HD---- C:\WINDOWS\ELAMBKUP
2020-12-12 15:30:48 ----D---- C:\WINDOWS\CbsTemp
2020-12-12 14:20:38 ----SHD---- C:\WINDOWS\Installer
2020-12-08 20:55:56 ----RD---- C:\Program Files (x86)
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2020-12-12 36792]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2020-12-12 247888]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2020-12-12 97360]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2020-12-12 16832]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2020-12-12 84496]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2020-12-12 326064]
R0 fbfmon;fbfmon; C:\WINDOWS\system32\drivers\fbfmon.sys [2013-01-18 57952]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2013-01-18 39008]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-08-12 40960]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2020-12-12 208672]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2020-12-12 332880]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2020-12-12 42424]
R1 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2020-12-12 176384]
R1 aswNetHub;aswNetHub; C:\WINDOWS\system32\drivers\aswNetHub.sys [2020-12-12 522480]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2020-12-12 108928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2020-12-12 851256]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2020-12-12 469472]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456]
R1 BPntDrv;BPntDrv; C:\WINDOWS\system32\drivers\BPntDrv.sys [2013-01-18 13408]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R1 RDPDISPM;RDPDISPM; C:\WINDOWS\System32\drivers\rdpdispm.sys [2010-08-31 10752]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-06-27 88632]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2020-12-12 216984]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2020-12-12 457216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760]
R2 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2019-03-19 185344]
R2 npf;NetGroup Packet Filter Driver; \??\C:\WINDOWS\system32\drivers\npf.sys [2017-08-03 36600]
R2 NVR0FLASHDev;NVR0FLASHDev; \??\C:\windows\nvflsh64.sys [2009-01-07 40992]
R3 ACPIVPC;@oem17.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2013-01-18 29792]
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2020-12-12 117064]
R3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2020-07-03 231936]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2020-07-03 114688]
R3 BthHFAud;@microsoft_bluetooth_hfp.inf,%BTHHFAUD_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Audio driver; C:\WINDOWS\System32\drivers\BthHfAud.sys [2019-03-19 57856]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2019-03-19 133120]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2020-07-03 99328]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312]
R3 DelayMan;@oem42.inf,%SvcDesc%;ACPI DelayMan Filter Service; C:\WINDOWS\system32\DRIVERS\delayman.sys [2013-01-18 20064]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-03-09 5382856]
R3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2011-02-22 2750312]
R3 JMCR;JMCR; C:\WINDOWS\system32\DRIVERS\jmcr.sys [2010-12-13 174168]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\System32\drivers\k57nd60a.sys [2019-03-19 446464]
R3 MEIx64;@oem11.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-20 56344]
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\WINDOWS\System32\drivers\Netwsw00.sys [2019-03-19 11518976]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvlddmkm.sys [2017-03-17 14574640]
R3 NVR0Dev;NVR0Dev; \??\C:\windows\nvoclk64.sys [2009-01-06 40480]
R3 nvvhci;@oem31.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-10-11 57792]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 211456]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2017-03-17 47032]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2020-07-03 337920]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-03-19 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2020-10-14 18432]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2020-07-03 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2020-07-03 1428992]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2020-07-03 20992]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2020-10-14 64512]
S3 hmatap;HMA TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\hmatap.sys [2018-09-05 36456]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-11-12 84280]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584]
S3 LVRS64;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2020-07-03 359424]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-10-11 30144]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-03-17 47672]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2020-11-12 97088]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2020-07-03 986936]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 113152]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-11-03 170056]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2020-12-12 621728]
R2 avast! Tools;Avast Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [2020-12-12 351848]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2020-12-12 58048]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_8f68a42;Uživatelská služba platformy připojených zařízení_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10 224160]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2019-11-28 399296]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-07-31 2909472]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2019-03-19 26112]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-12-07 139056]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-12-07 139056]
R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-12-07 139056]
R2 nTuneService;Performance Service; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [2009-01-06 255008]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518080]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-03-17 464440]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-10-11 460736]
R2 OneSyncSvc_8f68a42;Hostitel synchronizace_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2020-12-12 8477080]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_8f68a42;Uživatelská služba schránky_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_8f68a42;Agent Activation Runtime_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-14 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-19 54912]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_8f68a42;Uživatelská služba pro GameDVR a vysílání her_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_8f68a42;Služba pro podporu uživatelů Bluetooth_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_8f68a42;CaptureService_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_8f68a42;ConsentUX_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-03-09 300128]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-10-14 381656]
S3 CredentialEnrollmentManagerUserSvc_8f68a42;CredentialEnrollmentManagerUserSvc_8f68a42; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-10-14 381656]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_8f68a42;DeviceAssociationBroker_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_8f68a42;DevicePicker_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_8f68a42;Tok zařízení_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2020-09-09 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10 224160]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-04-14 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-04-14 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2020-07-03 43704]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe [2020-12-02 1426928]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_8f68a42;Služba zasílání zpráv_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service; C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\elevation_service.exe [2020-12-17 1573776]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518080]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc_8f68a42;Data kontaktů_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_8f68a42;PrintWorkflow_8f68a42; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119320
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: please check my log
Hello!
Post the FRST+Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . RSIT is not fully compatible with Windows 10.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: please check my log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Interista (administrator) on LENOVOY570 (LENOVO 20091) (26-12-2020 22:55:27)
Running from C:\Users\Interista\Downloads
Loaded Profiles: Interista
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskService.exe
(Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskServiceTray.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <36>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <20>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Users\Interista\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOWReliabilityMonitor.exe
(NVIDIA Corporation -> NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA Corporation -> NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TuneUp Software -> TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\OneClickStarter.exe
(TuneUp Software -> TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(TuneUp Software -> TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2013-01-18] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2013-01-18] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11779176 2011-02-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-07] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [Dropbox Update] => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [AceStream] => C:\Users\Interista\AppData\Roaming\ACEStream\engine\ace_engine.exe [27960 2018-08-30] (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\RunOnce: [Application Restart #1] => C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe [1546784 2020-04-08] (TEAMDEV LTD. -> The Chromium Authors)
HKLM\...\Windows x64\Print Processors\Canon MP150 Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD7K.DLL [27136 2006-09-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS5100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDQ.DLL [482816 2017-03-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5100 series: C:\WINDOWS\system32\CNMLMDQ.DLL [1302016 2017-03-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-02] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2010-12-14] (Broadcom Corporation -> Broadcom Corporation.)
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinitx.dll [207856 2017-03-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinit.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinit.dll [177992 2017-03-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {028564F4-DAD8-4CEF-B463-F8C7C554459C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0501AFDD-12FA-4C01-9A35-F016DA78BEA0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001UA => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {076AD5BF-6067-427E-9381-F1A23BA00DFF} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0AE0D1E6-EEF2-48A9-BA01-FFD53BFC69A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0FC44A17-B152-4BE6-87AF-992D191AFD61} - System32\Tasks\{B7581133-2EA0-41CE-90E1-1E1E82A163AF} => C:\windows\system32\pcalua.exe -a C:\games\MINECRAFT\Uninstall.exe
Task: {170D58E6-0812-4222-884D-D2A5F255C90E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {19BAF204-7D19-41E3-ADBF-59EEF986EAB7} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {1A1673FB-A3BD-41B1-A15E-0DD2E4C74B6E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {1B66E2AB-4090-4187-A1B8-F879D9E108E2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {214F9201-B833-4870-9C51-A7FFDDC45192} - System32\Tasks\{7A4FF9E7-BA3C-4FC7-BE94-EF49099CD3B6} => C:\windows\system32\pcalua.exe -a C:\Downloads\EUcasino_Setup.exe -d C:\Downloads
Task: {21F636BC-B1A3-44DD-89A2-54A1B8817957} - System32\Tasks\{A5E8FB6E-5DF0-44E7-B701-236F7D099369} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/43110
Task: {2601599D-514F-4744-BDD3-420D1F4044C6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {28129A90-701F-41D4-A539-A6E756AFFD4A} - System32\Tasks\Adobe online aktualizační program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {2B5C654D-898D-4D97-84CD-66D073C02DBC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {2C187558-D2F7-4602-8AAD-7187F53F03FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {3395660E-C273-48BB-88DE-0E94B633C711} - System32\Tasks\{6DF95473-FC44-472F-BDFC-1C223398E809} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/7.18.0.109/cs/ ... rogressBar
Task: {346D3858-2B6B-4635-AECD-65DD5E1358C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {35E4CA42-B19A-4E4A-84B2-B9C360F032FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3B6E93CB-5176-493C-B838-DD66F2C5532E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3F8934FE-0D10-4733-9F40-671552A930AE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4141BC0E-26CB-484E-AED0-ABBA013A8BC3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4895D51A-B90B-4ECF-A69B-93D8FA9B0FC0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49768EE0-FDB3-40BD-B274-0CCE6FEA4303} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4A9D673A-EF2C-475F-835D-3CC15206BD76} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4F2CE9C7-5B17-457D-8598-43479FF4F5F9} - System32\Tasks\{672E8836-3CEE-452F-8CF2-79FA73BDA470} => C:\windows\system32\pcalua.exe -a "C:\WebDesign\NetBeans 7.4\uninstall.exe"
Task: {517B8226-EFB8-496F-BBDE-3750956D960B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {55363D4F-CCA3-456B-A426-C88A815B8D73} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {565A429B-B222-4431-8590-3352926230EB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {57AF8FF6-BEA8-4E17-BE7F-3FF7D995BABC} - System32\Tasks\Microsoft\Windows\PLA\spacedesk_log => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1507328 2020-07-03] (Microsoft Windows -> Microsoft Corporation)
Task: {5B11BFF2-5B45-4C0E-951B-5617DBFC80B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5F357CEA-B0CC-4194-A710-A6EDA0C4A4CE} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {60BB71F6-F0C5-4773-B405-06679588F77A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {618D1585-07D7-4526-95D0-0A92E14D451D} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {6624D4EA-E15F-4D83-98DF-8AAE46930712} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {698E4C37-870E-4CEA-B5E2-0E4E3A268E84} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6EEA6ACE-7229-424A-BAD9-BD315E7D782B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {73A1EC50-7D31-4800-8D95-B05DB58A309F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {765A4834-C006-4CA5-9EE0-18167279D672} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {77773450-A1E5-426C-BBFA-99F122851397} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {78067204-A408-4401-AC27-60BC83F0E090} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {7C11F831-BB88-48CE-A5D3-F43BB095EDEC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
Task: {7C7A322B-22CD-4890-AD3E-6B65998E4EB3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7D604811-243F-49BE-8C58-C468BF37356F} - System32\Tasks\AdobeAAMUpdater-1.0-LenovoY570-Interista => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7FC52079-5534-4399-AC83-1E5111629A15} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {841569D4-A3C9-4291-BA9A-A290701F5DB6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-20] (Avast Software s.r.o. -> Avast Software)
Task: {85FB035C-40D7-4848-B880-274E78884BCC} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {8B95A60F-939C-46B2-9D94-1F34277409A1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960448 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8D16113A-92CB-4AE8-B541-7403D15460E7} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {92499943-2CD7-4704-B887-7E8F548982E7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {963EAC6A-BA83-4A51-9D4A-F6101CB4EE5C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {97CBA57F-20C3-4EA5-82AD-21D5642988CA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {99ED9A2D-C31D-4BF9-AF9B-CAF150B19816} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {9A42E9C0-177E-4A01-87EB-5FE508505510} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9B2E19F4-D8ED-4624-89B4-0C6E0E9FAF72} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {9CBB21B3-1A11-4DFC-AAC0-21A7DF869E72} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D4107DC-A4B0-4971-8CAE-E6EE8F5AD7A0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9EBA9C52-0D8A-47D6-9538-3950050E8D96} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
Task: {A0A86556-6F50-482C-AA4E-04BECD4DDE9B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A35F8A09-AD52-4C8B-B7CD-E49CADBE203B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7ECF457-BC00-4B4D-ADA8-972A65A4C740} - System32\Tasks\Droheseruces Configuration => C:\Program Files (x86)\Witlyanipipy\darerwas.exe [1025912 2017-02-21] (Glarysoft LTD -> Glarysoft Ltd)
Task: {AA9A5749-8E2B-4A91-9A9B-4C2901ACAB77} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {AC1E2F47-3FF2-4077-A442-D277B86BD945} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AF78D4EE-23D1-4943-964B-CD2BB0879DC2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B5F0D76A-D09D-471B-83F7-48298F699537} - System32\Tasks\{1A8D9F80-882F-47EF-9092-B8DAAE064D8E} => C:\Games\Dead Island\DeadIslandGame.exe
Task: {BBE187C5-6A63-43FD-BB42-037C05DD22A2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C1DFBF65-983F-4AB7-B3C1-AC722D21D33D} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {C46FA0B3-78F5-443B-81AD-3B4B29AC94B8} - System32\Tasks\{6AC10FA4-2A04-4D88-A064-1A90C3C67AA0} => C:\Games\Dead Island\DeadIslandGame.exe
Task: {C8AB6419-B8E3-4252-916D-5DCA1F0776A5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CB448941-9879-4BE4-982E-2A1545907501} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CD653C32-80CF-4F2C-A57A-EE4D5E74A049} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {D8C16EEE-526A-443D-A00A-FB3D22BDF9A9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [1456128 2019-01-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {DA1EE455-0608-4305-803D-04843F50EB1C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle America, Inc. -> Oracle Corporation)
Task: {DA8D7056-FB52-40F5-90C5-C24BDF4E94DF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {DA8D7056-FB52-40F5-90C5-C24BDF4E94DF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {DA8D7056-FB52-40F5-90C5-C24BDF4E94DF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {DA8D7056-FB52-40F5-90C5-C24BDF4E94DF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {DA8D7056-FB52-40F5-90C5-C24BDF4E94DF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {DA8D7056-FB52-40F5-90C5-C24BDF4E94DF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {DA8D7056-FB52-40F5-90C5-C24BDF4E94DF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {DA8D7056-FB52-40F5-90C5-C24BDF4E94DF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-3319014896-2388623831-1738719311-1001" /ENABLE
Task: {DA8D7056-FB52-40F5-90C5-C24BDF4E94DF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {E5C03C57-4CED-4306-95EA-1215BF570B9A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {E70C4E4A-55D2-4AFB-99DD-268DCDB1529B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F6432CC0-A47F-4547-922D-79C89CAA8A08} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001Core => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F8FF0A91-01D6-474F-BC1F-3C064B0FC448} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE38D499-DE2E-4C1A-88A1-05F111B5C9D5} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001Core.job => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001UA.job => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{43f75876-1969-4eba-83eb-fa49f52de43a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c2215f13-47a4-4322-a921-c7985ab5acaa}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{dd47d00c-c8a0-44f0-95be-9c5ac0aaa8ef}: [DhcpNameServer] 10.0.0.138
Edge:
======
Edge Profile: C:\Users\Interista\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-26]
FireFox:
========
FF DefaultProfile: zzhr6rop.default-1422064931351-1566033171066
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\o0pndij1.default-release [2020-06-07]
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default [2020-03-25]
FF user.js: detected! => C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default\user.js [2020-02-12]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default\Extensions\sp@avast.com.xpi [2019-02-10]
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066 [2020-05-05]
FF user.js: detected! => C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\user.js [2020-02-12]
FF DownloadDir: C:\Downloads
FF Extension: (WebTranslate) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\98a81af4-fb95-4bd5-addd-72e6d3957dde@webtranslate.fr.xpi [2020-05-02]
FF Extension: (To Google Translate) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-05-02]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\sp@avast.com.xpi [2020-05-02]
FF HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Interista\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Script) - C:\Users\Interista\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-14] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\WINDOWS\system32\npdeployJava1.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-14] (Adobe Systems Incorporated -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-11-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-11-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: @acestream.net/acestreamplugin,version=3.1.28 -> C:\Users\Interista\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-13] (Innovative Digital Technologies -> Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2020-12-26] (TD Ameritrade -> TD Ameritrade)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2020-12-26] (TD Ameritrade -> TD Ameritrade)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default [2020-12-26]
CHR Notifications: Default -> hxxps://navratdoreality.cz; hxxps://web.telegram.org; hxxps://www.netflix.com; hxxps://www.tipsport.cz; hxxps://www.tradingview.com
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-05-05]
CHR Extension: (Prezentace) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-21]
CHR Extension: (Dokumenty) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-21]
CHR Extension: (Disk Google) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-21]
CHR Extension: (Tabulky) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-12]
CHR Extension: (Ace Script) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2020-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-21]
CHR Extension: (Gmail) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-24]
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-10-14]
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\System Profile [2020-10-14]
CHR HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> )
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit Information Technology -> IObit)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [255008 2009-01-06] (NVIDIA Corporation -> NVIDIA)
R2 spacedeskService; C:\WINDOWS\System32\spacedeskService.exe [916392 2019-06-03] (Datronicsoft, Inc. -> )
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software -> TuneUp Software)
R2 UpdateCenterService; C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe [169504 2009-01-07] (NVIDIA Corporation -> NVIDIA)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-12-19] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R3 DelayMan; C:\WINDOWS\system32\DRIVERS\delayman.sys [20064 2013-01-18] (Lenovo (Beijing) Limited -> Ensurebit Inc.)
S3 hmatap; C:\WINDOWS\System32\drivers\hmatap.sys [36456 2018-09-05] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 NVR0Dev; C:\windows\nvoclk64.sys [40480 2009-01-06] (NVIDIA Corporation -> NVIDIA Corp.)
R2 NVR0FLASHDev; C:\windows\nvflsh64.sys [40992 2009-01-07] (NVIDIA Corporation -> NVIDIA Corp.)
R3 spacedeskKtmInputKeybd; C:\WINDOWS\System32\drivers\spacedeskKtmInputKeybd.sys [35240 2018-10-12] (Datronicsoft, Inc. -> )
R3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [35240 2018-10-12] (Datronicsoft, Inc. -> )
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-18] (TuneUp Software -> TuneUp Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 wdkmd; C:\WINDOWS\System32\drivers\WDKMD.sys [42392 2010-12-01] (Wireless Display -> Intel Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 WsAudio_Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [48424 2018-01-19] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 wsvd; C:\WINDOWS\System32\DRIVERS\wsvd.sys [121840 2009-07-21] (CyberLink -> CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-26 22:55 - 2020-12-26 23:03 - 000041779 _____ C:\Users\Interista\Downloads\FRST.txt
2020-12-26 22:52 - 2020-12-26 22:53 - 002286592 _____ (Farbar) C:\Users\Interista\Downloads\FRST64.exe
2020-12-26 17:16 - 2020-12-26 17:17 - 001222144 _____ C:\Users\Interista\Downloads\RSITx64.exe
2020-12-25 16:12 - 2020-12-25 16:12 - 000001528 _____ C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk
2020-12-25 16:12 - 2020-12-25 16:12 - 000001520 _____ C:\Users\Interista\Desktop\NVIDIA GeForce NOW.lnk
2020-12-25 16:09 - 2020-12-25 16:10 - 110568080 _____ (NVIDIA Corporation) C:\Users\Interista\Downloads\GeForceNOW-release.exe
2020-12-22 20:14 - 2020-12-22 20:14 - 000000000 ____D C:\Users\Interista\AppData\Local\Hinterland
2020-12-22 20:11 - 2020-12-22 20:11 - 000000000 ____D C:\Users\Interista\AppData\LocalLow\Hinterland
2020-12-22 20:03 - 2020-12-22 20:03 - 000001637 _____ C:\Users\Public\Desktop\The Long Dark.lnk
2020-12-22 20:03 - 2020-12-22 20:03 - 000001637 _____ C:\ProgramData\Desktop\The Long Dark.lnk
2020-12-22 20:03 - 2020-12-22 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Long Dark [GOG.com]
2020-12-22 20:03 - 2020-12-22 20:03 - 000000000 ____D C:\ProgramData\GOG.com
2020-12-22 12:20 - 2020-12-22 19:23 - 2394131548 _____ C:\Users\Interista\Downloads\The_Long_Dark_EN_for_Windows_7-8-10_and_later.rar
2020-12-18 16:53 - 2020-12-18 16:53 - 000215648 _____ C:\Users\Interista\Downloads\FaSvobodaZ 013 - PDR2020013 (1).pdf
2020-12-18 16:52 - 2020-12-18 16:52 - 000215648 _____ C:\Users\Interista\Downloads\FaSvobodaZ 013 - PDR2020013.pdf
2020-12-18 16:39 - 2020-12-18 16:39 - 000219181 _____ C:\Users\Interista\Documents\IMG_20201218_0001.pdf
2020-12-14 18:52 - 2020-12-15 16:43 - 000000000 ____D C:\Users\Interista\Downloads\Telegram Desktop
2020-12-13 10:31 - 2020-12-26 22:59 - 000000000 ____D C:\Users\Public\spacedesk_logs
2020-12-12 18:59 - 2020-12-12 18:58 - 000216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-12 18:59 - 2020-12-12 18:57 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-12 15:17 - 2020-12-12 15:17 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-12-12 15:16 - 2020-12-12 15:16 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-12 15:15 - 2020-12-12 15:15 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-12 15:15 - 2020-12-12 15:15 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-12 15:15 - 2020-12-12 15:15 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-08 21:04 - 2020-12-08 21:04 - 000000000 ____D C:\Users\Interista\Documents\SKIDROW
2020-12-08 21:04 - 2020-12-08 21:04 - 000000000 ____D C:\Users\Interista\AppData\LocalLow\Knuckle Cracker
2020-12-08 21:03 - 2020-12-08 21:03 - 000001625 _____ C:\Users\Interista\Desktop\Creeper World 4.lnk
2020-12-08 20:57 - 2020-12-08 20:59 - 000000000 ____D C:\Users\Interista\AppData\Roaming\Jihosoft ISO Maker
2020-12-08 20:55 - 2020-12-08 20:55 - 002487224 _____ (Jihosoft Studio ) C:\Users\Interista\Downloads\JihosoftISOMaker.exe
2020-12-08 20:55 - 2020-12-08 20:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jihosoft ISO Maker
2020-12-08 20:55 - 2020-12-08 20:55 - 000000000 ____D C:\Program Files (x86)\Jihosoft
2020-12-08 20:54 - 2020-12-08 20:54 - 000000000 ____D C:\ProgramData\DAEMON Tools Pro
2020-12-08 20:51 - 2020-12-08 20:53 - 032079160 _____ (Disc Soft Ltd) C:\Users\Interista\Downloads\DTPro810-0654.exe
2020-12-08 16:40 - 2020-12-08 16:40 - 000134309 _____ C:\Users\Interista\Downloads\8012132_2011031192.pdf
2020-12-06 13:10 - 2020-12-06 13:40 - 529897472 _____ C:\Users\Interista\Downloads\CREEPER WORLD 4 - SKIDROW.iso
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-26 23:16 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-26 22:59 - 2017-07-03 16:24 - 000000000 ____D C:\FRST
2020-12-26 22:50 - 2020-07-03 10:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-26 18:15 - 2020-05-27 15:34 - 000000000 ____D C:\Program Files\thinkorswim
2020-12-26 18:15 - 2020-03-24 17:25 - 000000000 ____D C:\Users\Interista\.thinkorswim
2020-12-26 17:17 - 2014-03-13 15:15 - 000000000 ____D C:\Program Files\trend micro
2020-12-26 16:26 - 2020-07-03 11:11 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-12-26 16:26 - 2016-10-07 21:33 - 000000000 ____D C:\Program Files\CCleaner
2020-12-26 16:19 - 2017-02-21 17:43 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2020-12-26 16:04 - 2020-07-03 11:11 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-12-26 16:03 - 2020-07-03 11:11 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-26 16:03 - 2020-07-03 11:11 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-12-26 16:03 - 2020-07-03 11:11 - 000003460 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-26 16:03 - 2020-07-03 11:11 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-26 16:03 - 2020-07-03 11:11 - 000003254 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-26 16:03 - 2020-07-03 11:11 - 000003236 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-26 16:03 - 2020-07-03 11:11 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3319014896-2388623831-1738719311-1001
2020-12-26 16:03 - 2020-07-03 11:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-12-26 16:01 - 2016-12-10 17:56 - 000000000 ____D C:\ProgramData\NVIDIA
2020-12-26 00:07 - 2014-06-19 21:08 - 000000000 ____D C:\Program Files (x86)\Steam
2020-12-25 23:29 - 2020-11-19 20:48 - 000000000 ____D C:\Users\Interista\AppData\Roaming\Telegram Desktop
2020-12-25 17:44 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-12-25 16:12 - 2016-12-10 17:56 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-12-25 16:12 - 2013-01-28 20:34 - 000000000 ____D C:\Users\Interista\AppData\Local\NVIDIA Corporation
2020-12-24 18:01 - 2020-07-01 07:14 - 000000000 ____D C:\ProgramData\CanonIJPLM
2020-12-23 15:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-23 13:51 - 2015-01-23 14:02 - 000000000 ____D C:\ProgramData\ProductData
2020-12-22 19:22 - 2013-02-01 17:13 - 000000000 ____D C:\Games
2020-12-22 18:39 - 2016-10-05 19:33 - 000000000 ____D C:\Users\Interista\AppData\Local\JDownloader 2.0
2020-12-22 14:21 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-22 12:06 - 2020-06-10 10:11 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-18 16:38 - 2020-07-06 14:11 - 000000000 ___HD C:\ProgramData\CanonIJMIG
2020-12-18 16:38 - 2020-07-01 07:34 - 000000000 ____D C:\Users\Interista\AppData\Roaming\Canon
2020-12-18 16:23 - 2020-07-03 10:43 - 000002417 _____ C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-18 16:23 - 2016-04-17 07:34 - 000000000 ___RD C:\Users\Interista\OneDrive
2020-12-15 21:43 - 2020-03-21 13:24 - 000000570 _____ C:\Users\Interista\Desktop\abeceda.txt
2020-12-15 16:51 - 2014-03-17 12:44 - 000000000 ____D C:\Users\Interista\AppData\Local\CrashDumps
2020-12-14 19:59 - 2020-07-03 10:43 - 000000000 ____D C:\Users\Interista
2020-12-14 18:11 - 2020-06-08 00:10 - 000001491 _____ C:\Users\Interista\Desktop\Trader Workstation.lnk
2020-12-14 18:11 - 2020-06-08 00:10 - 000000000 ____D C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trader Workstation
2020-12-14 18:11 - 2020-03-22 19:06 - 000000000 ____D C:\Jts
2020-12-14 17:33 - 2020-07-03 10:43 - 000000000 ____D C:\Users\DefaultAppPool
2020-12-13 15:09 - 2013-01-18 14:03 - 000499631 _____ C:\WINDOWS\system32\fastboot.set
2020-12-13 15:07 - 2020-07-03 11:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-13 10:36 - 2020-07-03 10:59 - 001875530 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-13 10:36 - 2019-03-19 12:55 - 000783062 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-13 10:36 - 2019-03-19 12:55 - 000172644 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-13 10:31 - 2018-01-13 15:36 - 000000000 ___RD C:\Users\Interista\3D Objects
2020-12-13 10:31 - 2016-02-13 14:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-13 10:29 - 2020-07-03 10:32 - 004948552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-12 23:10 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-12-12 23:07 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-12 23:06 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-12 23:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-12 23:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-12 23:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-12 23:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-12 23:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-12 23:06 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-12 23:06 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-12 18:59 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-12 18:58 - 2020-10-17 16:25 - 000176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-12-12 18:58 - 2020-04-15 12:03 - 000522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-12-12 18:58 - 2019-01-08 01:23 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-12-12 18:58 - 2019-01-08 01:23 - 000097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-12-12 18:58 - 2018-10-20 10:21 - 000042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-12-12 18:58 - 2018-06-23 20:12 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 000469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 000326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 000108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 000084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-12 18:57 - 2019-01-17 00:09 - 000332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-12-12 18:57 - 2019-01-08 01:23 - 000036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-12-12 18:57 - 2017-11-19 20:15 - 000208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-12-12 18:57 - 2014-09-24 22:05 - 000851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-12-12 15:30 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-12 14:17 - 2015-11-17 21:29 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-08 21:04 - 2013-02-01 19:01 - 000000000 ____D C:\Users\Interista\Documents\My Games
2020-12-03 20:35 - 2020-10-12 18:46 - 000000076 _____ C:\Users\Interista\Desktop\trade.txt
2020-12-02 22:29 - 2020-03-21 19:27 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Files in the root of some directories ========
2014-06-24 12:54 - 2014-06-24 12:54 - 000000162 _____ () C:\ProgramData\patch.dll
2013-11-20 12:08 - 2014-02-15 00:07 - 000000132 _____ () C:\Users\Interista\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2014-09-22 17:59 - 2014-09-22 18:06 - 000000624 _____ () C:\Users\Interista\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 000000111 _____ () C:\Users\Interista\AppData\Roaming\Camdata.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 000000408 _____ () C:\Users\Interista\AppData\Roaming\CamLayout.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 000000408 _____ () C:\Users\Interista\AppData\Roaming\CamShapes.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 000004543 _____ () C:\Users\Interista\AppData\Roaming\CamStudio.cfg
2015-01-23 12:54 - 2014-05-24 20:09 - 000042496 ___SH (Open Source Software community project) C:\Users\Interista\AppData\Roaming\pthreadGC2-w64.dll
2017-08-05 11:18 - 2017-08-05 11:18 - 000050911 _____ () C:\Users\Interista\AppData\Roaming\PyScripter.ini
2014-06-24 12:50 - 2013-06-16 10:32 - 000433664 _____ () C:\Users\Interista\AppData\Roaming\setup.msi
2014-09-30 17:32 - 2018-01-25 11:44 - 000000096 _____ () C:\Users\Interista\AppData\Roaming\version2.xml
2020-03-21 17:03 - 2020-03-21 18:01 - 000000081 _____ () C:\Users\Interista\AppData\Local\.bidstack.fault
2017-07-03 18:09 - 2017-07-03 18:09 - 000029696 _____ () C:\Users\Interista\AppData\Local\MSGBOX.EXE
2014-12-20 19:40 - 2014-12-20 19:40 - 000002242 _____ () C:\Users\Interista\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Interista (26-12-2020 23:19:55)
Running from C:\Users\Interista\Downloads
Windows 10 Home Version 1909 18363.1256 (X64) (2020-07-03 10:13:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3319014896-2388623831-1738719311-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3319014896-2388623831-1738719311-503 - Limited - Disabled)
Guest (S-1-5-21-3319014896-2388623831-1738719311-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3319014896-2388623831-1738719311-1003 - Limited - Enabled)
Interista (S-1-5-21-3319014896-2388623831-1738719311-1001 - Administrator - Enabled) => C:\Users\Interista
WDAGUtilityAccount (S-1-5-21-3319014896-2388623831-1738719311-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ace Stream Media 3.1.28 (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\AceStream) (Version: 3.1.28 - Ace Stream Media) <==== ATTENTION
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Aktualizace NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Anki (HKLM-x32\...\Anki) (Version: - )
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.92 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Broadcom Gigabit NetLink Controller (HKLM\...\{029A4933-3F36-4E4F-AEC3-2207AB26463D}) (Version: 14.4.9.2 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.2.0 - Canon Inc.)
Canon MP150 (HKLM\...\{CA9A3609-3ECC-4574-8824-A8161A71A603}) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5100_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Creeper World 4 (HKLM-x32\...\Creeper World 4) (Version: - SKIDROW)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FTL - Advanced Edition (HKLM-x32\...\GOGPACKFTL_is1) (Version: 2.3.0.13 - GOG.com)
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java SE Development Kit 7 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java SE Development Kit 8 Update 141 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180141}) (Version: 8.0.1410.15 - Oracle Corporation)
Java(TM) 6 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416045FF}) (Version: 6.0.450 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jihosoft ISO Maker version 3.0 (HKLM-x32\...\{FA289A40-0F71-428E-B3A2-546EDC04DB93}_is1) (Version: 3.0 - Jihosoft Studio)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.55.0 - JMicron Technology Corp.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 12.4.2 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.4.2 - KLCP)
kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7400 - Broadcom Corporation)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.26.116 (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.26.116 - NVIDIA Corporation)
NVIDIA Install Application (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer) (Version: 2.1002.344.0 - NVIDIA Corporation) Hidden
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Update (HKLM-x32\...\InstallShield_{6F69C969-2942-4E7B-B594-75B37664B8BA}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo)
OpenOffice.org 3.4.1 (HKLM-x32\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
Ovládací panel NVIDIA 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 378.92 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Plague Inc - Evolved version 0.6.6 (HKLM-x32\...\{1520E069-19A9-4B01-BA5D-87B67D56F55D}_is1) (Version: 0.6.6 - )
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6314 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.6.0 - Canon Inc.)
spacedesk Windows DRIVER (HKLM\...\{D5DDB7FE-6338-4A02-8590-8F4905FFBC38}) (Version: 0.9.1000.0 - datronicsoft Inc.)
SRS Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.0200 - SRS Labs, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
Telegram Desktop version 2.4.7 (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.4.7 - Telegram FZ-LLC)
The Long Dark (HKLM-x32\...\1447763046_is1) (Version: 1.83 - GOG.com)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
Trader Workstation (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\5889-6375-8446-2021) (Version: latest (981.2h) 20201209 12:29:55 - Interactive Brokers LLC)
TuneUp Utilities 2013 (HKLM-x32\...\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}) (Version: 13.0.2020.14 - TuneUp Software) Hidden
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.2020.14 - TuneUp Software)
TuneUp Utilities 2014 (en-US) (HKLM-x32\...\{14C8CE46-C68C-461B-BCA9-E276A85851C6}) (Version: 14.0.1000.88 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (HKLM-x32\...\{A6F5703D-A4B1-4857-9EDD-DC0ABBBB0D96}) (Version: 13.0.2020.14 - TuneUp Software) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\WhatsApp) (Version: 2.2047.11 - WhatsApp)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\ZoomUMX) (Version: 5.4.3 (58891.1115) - Zoom Video Communications, Inc.)
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-07-01] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-21] (Microsoft Corporation)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2011.20.0_x64__k1h2ywk1493x8 [2020-11-30] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-11-06] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-04-17] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Users\Interista\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll (AddGadgets IT -> )
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [dropbox-NamespaceExtensionRole.Personal] => C:\Users\Interista\Dropbox [2014-07-30 18:50]
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2013\SDShelEx-x64.dll [2012-09-19] (TuneUp Software -> TuneUp Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [TuneUp Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\TuneUp Utilities 2013\DseShExt-x64.dll [2012-09-19] (TuneUp Software -> TuneUp Software)
ContextMenuHandlers4: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2013\SDShelEx-x64.dll [2012-09-19] (TuneUp Software -> TuneUp Software)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:ActiveScriptEventConsumer.Name=\"ASEC\"",Filter="\\.\root\subscription:__EventFilter.Name=\"EventFilter sethomePage2\":: <==== ATTENTION
WMI:subscription\__TimerInstruction->SethomePage Interval Timer:: <==== ATTENTION
WMI:subscription\__IntervalTimerInstruction->SethomePage Interval Timer:: <==== ATTENTION
WMI:subscription\__EventFilter->EventFilter sethomePage2::[Query => Select * From __timerevent Where TimerId = "SethomePage Interval Timer"] <==== ATTENTION
==================== Loaded Modules (Whitelisted) =============
2005-08-14 21:09 - 2005-08-14 21:09 - 000111616 _____ () [File not signed] C:\Program Files (x86)\Webteh\BSPlayer\plugins\oldskin.dll
2017-12-11 21:18 - 2013-04-05 21:26 - 002106368 _____ () [File not signed] C:\Users\Interista\AppData\Roaming\BSplayer\AC3 Filter\ac3filter.ax
2017-12-11 21:18 - 2013-04-05 21:27 - 001021440 _____ () [File not signed] C:\Users\Interista\AppData\Roaming\BSplayer\AC3 Filter\ac3filter_intl.dll
2008-08-14 06:15 - 2008-08-14 06:15 - 000481792 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Common Files\Adobe\Adobe Drive CS4\BIB.dll
2013-01-18 13:23 - 2010-12-21 02:49 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2015-10-31 11:58 - 2015-10-31 11:58 - 005361352 _____ (BST) [File not signed] C:\Program Files (x86)\Webteh\BSPlayer\bsrendv2.dll
2008-12-09 11:13 - 2008-12-09 11:13 - 000035328 _____ (BST) [File not signed] C:\Program Files (x86)\Webteh\BSPlayer\mmkeybsupp.dll
2020-07-01 07:14 - 2017-12-07 10:25 - 000123904 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJPLM\cnmpu.dll
2020-07-01 07:28 - 2017-07-05 12:43 - 000561152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2020-07-01 07:28 - 2017-07-05 12:49 - 000593920 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2012-09-18 16:01 - 2012-09-18 16:01 - 001098752 _____ (Embarcadero Technologies, Inc.) [File not signed] C:\Program Files (x86)\TuneUp Utilities 2013\rtl120.bpl
2012-09-18 16:01 - 2012-09-18 16:01 - 001998336 _____ (Embarcadero Technologies, Inc.) [File not signed] C:\Program Files (x86)\TuneUp Utilities 2013\vcl120.bpl
2012-09-18 16:01 - 2012-09-18 16:01 - 000270336 _____ (Embarcadero Technologies, Inc.) [File not signed] C:\Program Files (x86)\TuneUp Utilities 2013\vclimg120.bpl
2012-09-18 16:01 - 2012-09-18 16:01 - 000952832 _____ (Embarcadero Technologies, Inc.) [File not signed] C:\Program Files (x86)\TuneUp Utilities 2013\xmlrtl120.bpl
2013-01-18 13:23 - 2010-12-21 02:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2017-12-11 21:18 - 2013-04-05 21:26 - 000276992 _____ (IntelleSoft) [File not signed] C:\Users\Interista\AppData\Roaming\BSplayer\AC3 Filter\BugTrap.dll
2008-05-16 12:38 - 2008-05-16 12:38 - 001524736 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\nTune\MFC71.dll
2008-05-16 12:38 - 2008-05-16 12:38 - 000520192 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\nTune\MSVCR71.dll
2013-01-28 20:34 - 2008-06-20 23:11 - 001524736 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\MFC71.dll
2013-01-28 20:34 - 2008-06-20 23:11 - 000978944 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\MSVCP71.dll
2013-01-28 20:34 - 2008-06-20 23:11 - 000520192 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\MSVCR71.dll
2016-10-07 18:06 - 2016-09-26 10:00 - 001616384 _____ (MPC-HC Team) [File not signed] C:\Program Files (x86)\K-Lite Codec Pack\Filters\DirectVobSub\vsfilter.dll
2018-02-16 08:50 - 2017-09-27 17:30 - 000489984 _____ (Newtonsoft) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\Newtonsoft.Json.dll
2009-01-06 15:49 - 2009-01-06 15:49 - 000024064 _____ (NVIDIA) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneServiceENU.dll
2009-01-06 15:51 - 2009-01-06 15:51 - 000698880 _____ (NVIDIA) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\nTune\nvsulib.dll
2009-01-07 16:15 - 2009-01-07 16:15 - 000024064 _____ (NVIDIA) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterServiceENU.dll
2012-09-19 12:08 - 2009-03-13 13:13 - 000109056 _____ (TuneUp Software) [File not signed] C:\Program Files (x86)\TuneUp Utilities 2013\AppInitialization.bpl
2012-09-19 12:10 - 2009-03-13 13:13 - 000179200 _____ (TuneUp Software) [File not signed] C:\Program Files (x86)\TuneUp Utilities 2013\tulic.dll
2018-02-16 08:50 - 2017-12-19 15:51 - 000088064 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCollect.dll
2018-02-16 08:50 - 2017-12-19 15:51 - 000200192 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCommon.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {F5D333EF-20C3-4787-9C7F-ECE88ECE7932} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-01] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-07-06 13:08 - 2020-12-26 17:17 - 000000101 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2015-01-03 21:09 - 2015-01-03 21:14 - 000000439 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\WebDesign\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\WINDOWS\System32\WindowsPowerShell\v1.0;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files\Lenovo\Bluetooth Software;C:\Program Files\Lenovo\Bluetooth Software\syswow64;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Skype\Phone;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKCU\Environment\\Path -> ;%USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "Energy Management"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "UpdatePRCShortCut"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "AceStream"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{2B243E46-E87B-4126-B2D7-F498BDB82E4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1AA9C629-5F1C-4381-8B21-22F7A9825DA5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{22859055-5C70-4C73-8BF9-A24BC7BFC5D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe (Playdead) [File not signed]
FirewallRules: [{BD7FFED7-FF94-4E6F-8A04-828B32A19E74}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe (Playdead) [File not signed]
FirewallRules: [{4AA6D125-999E-4844-B736-85C655BF9E54}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6565E169-60D3-4F3E-BD86-5F6546645EF3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8131D083-AA03-470B-8694-C8379DEAFFCD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{89778248-BF22-4E6A-A199-12D7FE349174}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BF89BB2B-9A18-4F12-AA35-03367349476C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E427C1F-023D-4ED8-BCD5-0DD726A3D42C}] => (Allow) LPort=2869
FirewallRules: [{615EE29A-5AF6-4F37-85B8-AC0CE3E4EB1C}] => (Allow) LPort=1900
FirewallRules: [{B5F7E315-3074-46B8-A419-B4BBD1F13840}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{731F79E5-C29C-4DAE-930F-6FC6622F9F76}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{CFD245E1-44A6-42DE-8489-F434FE64D6DE}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{EB1BC56A-3512-483D-9748-155F93B39049}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Allow) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe (Innovative Digital Technologies -> )
FirewallRules: [UDP Query User{EB0200DF-8A8B-4FEB-A677-40DEB2D2DB44}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Allow) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe (Innovative Digital Technologies -> )
FirewallRules: [TCP Query User{A4B3E36D-A646-4B3B-9820-10725A04CBB7}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe (Innovative Digital Technologies -> )
FirewallRules: [UDP Query User{4E6F9B49-AC80-49F2-8FF9-DE595E81C4CC}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe (Innovative Digital Technologies -> )
FirewallRules: [{4F62ABDB-C643-4851-A95D-BAA702B26FEF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{1D57844B-F4C8-454F-8C7E-6B1DDE08B308}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{E2FE1A8B-A129-44E3-8DA6-B6F4B32376D4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{F2F78CC9-D66C-47E4-A8BE-6BE4CD310DE6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{129D12BE-AD73-46E3-AEDB-19B1F573172D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{9532EC77-3365-49E5-8086-9AEE46A7BC37}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A893ED37-E317-41A9-BAD3-8C36AC610005}] => (Allow) LPort=5353
FirewallRules: [{91B47BAD-CD59-4A18-9ACF-122458FDBCED}] => (Allow) C:\Windows\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{FCAB1598-4542-47D9-9E9E-42BFB4BC6940}] => (Allow) C:\Windows\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4F9856E8-B5A2-462B-8500-60CE98E618C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{8DC79C9B-70DA-4E0C-8DFA-70BB584F4760}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{90540B17-CC50-4A3B-8AB8-30F43E729382}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [{20FDF1A3-76D2-449D-BECC-2404B20F6DB4}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [TCP Query User{502AA009-F1D5-4B23-A7C3-A38FE2BA8FC8}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe () [File not signed]
FirewallRules: [UDP Query User{6E9771ED-2BA0-4D38-8E94-232141024629}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe () [File not signed]
FirewallRules: [TCP Query User{BFB0A755-FBE4-408D-8B40-56CA4B1F19F2}C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe
FirewallRules: [UDP Query User{E8F614FE-1F68-4D58-A25A-76288F6A4F73}C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe
FirewallRules: [TCP Query User{2AFDE8EB-C14E-45AB-8F5C-36728A2D126B}C:\users\interista\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\interista\appdata\local\id software\quakelive\quakelive.exe (Zenimax Media Inc. -> id Software Inc.) [File not signed]
FirewallRules: [UDP Query User{18A1DA38-00F0-419F-90E6-B41537BA87D2}C:\users\interista\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\interista\appdata\local\id software\quakelive\quakelive.exe (Zenimax Media Inc. -> id Software Inc.) [File not signed]
FirewallRules: [{DCDF98FC-3DAF-43B7-BBA5-34ED6F53A012}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0BD1FBBE-99A7-4E0C-9A06-69FCC1248EA5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F4D6A038-0F35-4AB4-89E0-CAFAAAFBF0DA}] => (Allow) C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{F8F74540-7308-497A-8AF1-7D2E3BD625D5}] => (Allow) C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{074EDDD0-5966-4641-A603-BFD772821D44}C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [UDP Query User{B0DBAADE-37BF-4BD8-A8B2-0230D58AFFC8}C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{A45F0321-3FEB-4081-A255-70C873947A67}C:\users\interista\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\interista\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{639F1118-E47A-4AAC-B030-DF468B8FE94C}C:\users\interista\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\interista\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{96675CD7-FBC9-4B67-A4A7-1EEDFACF33EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{87BFB911-48D9-4D42-8ED9-4FA1730E56B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{082C7FDF-77BC-41AB-BEF1-81CA43875425}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D469C0C5-7451-4DDF-947C-C9DC67332CE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{F84733E0-D2FD-4286-9884-82DFDBACE434}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [UDP Query User{87AFA2C8-AB5F-4457-8061-3760AD7DD7FB}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [{AD0C6663-FD24-4EA0-9BB6-38E4E15B3DF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DF9C902A-F924-40B6-A5AF-2426F9111BDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{607D1AD9-87A0-4EFB-B8A4-2199B0776071}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2D51C227-9EAC-47AC-A8F4-98C793AB97FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B49C562F-A11F-4865-83AA-0A134FD63E41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0D4C4E73-0CE6-4678-835C-E37C8E0B728A}] => (Allow) C:\Users\Interista\AppData\Roaming\ACEStream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies)
FirewallRules: [{5D3C83F1-D383-41ED-9BF0-344C6AC9686C}] => (Allow) C:\Users\Interista\AppData\Roaming\ACEStream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies)
FirewallRules: [{4607DA23-7A9A-4A0C-982E-3CC15DB1DCEC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{EA1C292C-0AC2-40BB-AF76-61F59A797378}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{BA540058-DC32-419A-A692-63EA96978DDC}C:\users\interista\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\interista\appdata\roaming\acestream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies)
FirewallRules: [UDP Query User{EF21C562-C5B8-4B3F-A0EE-4E9730668C06}C:\users\interista\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\interista\appdata\roaming\acestream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies)
FirewallRules: [{B0A04C33-9155-40E9-B5BF-77F9A9248B55}] => (Allow) C:\WINDOWS\system32\spacedeskService.exe (Datronicsoft, Inc. -> )
FirewallRules: [{5502B75B-FD5F-4C80-A16B-E878BBEF6FAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe () [File not signed]
FirewallRules: [{F6646FF1-4232-4FC2-929C-5841168B50DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe () [File not signed]
FirewallRules: [{3AABC1FD-1BB9-408D-BCFF-0DB720FD4813}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe () [File not signed]
FirewallRules: [{51999B12-0212-47AF-B317-31613DE8EBE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe () [File not signed]
FirewallRules: [{F01DDC9C-EE9E-4C56-B040-8B24885624FB}] => (Allow) C:\Users\Interista\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{28C4B5C8-B62C-4E8B-8826-863A774FB5CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B635BBB1-8405-4A55-9EDB-2DA4BA5CF059}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7280BB06-FEDA-413D-8CA8-F9E5785EB598}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A3817CE8-7055-41F4-8381-A6FE31FB1A11}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A02FBDB1-A5B9-4697-89D0-9D15A407C049}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{C5D733F5-0380-4EC4-B806-08AE6BCF97B4}C:\games\the long dark\tld.exe] => (Allow) C:\games\the long dark\tld.exe () [File not signed]
FirewallRules: [UDP Query User{CC0A110C-0612-4637-8707-684B43B02954}C:\games\the long dark\tld.exe] => (Allow) C:\games\the long dark\tld.exe () [File not signed]
FirewallRules: [TCP Query User{68F2116C-5EDB-43D5-823D-8F3CD32AC913}C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{3F3BDF9D-3069-4D80-BCEF-BD4C1B80B975}C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation)
==================== Restore Points =========================
22-12-2020 13:35:44 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/26/2020 11:28:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17660,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/26/2020 11:15:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (232,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/26/2020 11:01:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2020.20110.11001.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 5a74
Čas spuštění: 01d6db9b4ae1d00e
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
ID hlášení: 01c3b3a4-3217-4d3f-a1e8-b422f37b82fd
Úplný název balíčku s chybou: Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (12/26/2020 10:57:43 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3480,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/26/2020 09:15:38 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14152,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/26/2020 08:15:38 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9644,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/26/2020 07:12:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17924,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/26/2020 06:12:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (19368,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (12/26/2020 11:09:03 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.Windows.ShellExperienceHost_10.0.18362.1171_neutral_neutral_cw5n1h2txyewy!App se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/26/2020 11:07:38 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.Windows.ShellExperienceHost_10.0.18362.1171_neutral_neutral_cw5n1h2txyewy!App se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/26/2020 04:04:17 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/26/2020 04:00:09 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/25/2020 11:21:33 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server microsoft.windowscommunicationsapps_16005.13426.20316.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/25/2020 04:48:50 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/25/2020 10:16:22 AM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/25/2020 10:12:16 AM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===================================
Date: 2020-12-26 23:29:29.720
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-26 23:28:55.182
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-26 23:28:54.318
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-26 23:27:53.275
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-26 23:27:21.077
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-26 23:26:51.603
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-26 23:26:22.966
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-26 23:25:38.905
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 47CN27WW(V2.05) 05/13/2011
Motherboard: LENOVO Base Board Product Name
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 62%
Total physical RAM: 8135.86 MB
Available physical RAM: 3071.39 MB
Total Virtual: 16327.86 MB
Available Virtual: 9444.19 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:421.81 GB) (Free:145.84 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:22.66 GB) NTFS
\\?\Volume{1e6aa9f0-6168-11e2-9a21-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 29376C2E)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
==================== End of Addition.txt =======================
Ran by Interista (administrator) on LENOVOY570 (LENOVO 20091) (26-12-2020 22:55:27)
Running from C:\Users\Interista\Downloads
Loaded Profiles: Interista
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskService.exe
(Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskServiceTray.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <36>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <20>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Users\Interista\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOWReliabilityMonitor.exe
(NVIDIA Corporation -> NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA Corporation -> NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TuneUp Software -> TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\OneClickStarter.exe
(TuneUp Software -> TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(TuneUp Software -> TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2013-01-18] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2013-01-18] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11779176 2011-02-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-07] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [Dropbox Update] => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [AceStream] => C:\Users\Interista\AppData\Roaming\ACEStream\engine\ace_engine.exe [27960 2018-08-30] (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\RunOnce: [Application Restart #1] => C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe [1546784 2020-04-08] (TEAMDEV LTD. -> The Chromium Authors)
HKLM\...\Windows x64\Print Processors\Canon MP150 Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD7K.DLL [27136 2006-09-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS5100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDQ.DLL [482816 2017-03-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5100 series: C:\WINDOWS\system32\CNMLMDQ.DLL [1302016 2017-03-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-02] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2010-12-14] (Broadcom Corporation -> Broadcom Corporation.)
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinitx.dll [207856 2017-03-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinit.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinit.dll [177992 2017-03-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {028564F4-DAD8-4CEF-B463-F8C7C554459C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0501AFDD-12FA-4C01-9A35-F016DA78BEA0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001UA => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {076AD5BF-6067-427E-9381-F1A23BA00DFF} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0AE0D1E6-EEF2-48A9-BA01-FFD53BFC69A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0FC44A17-B152-4BE6-87AF-992D191AFD61} - System32\Tasks\{B7581133-2EA0-41CE-90E1-1E1E82A163AF} => C:\windows\system32\pcalua.exe -a C:\games\MINECRAFT\Uninstall.exe
Task: {170D58E6-0812-4222-884D-D2A5F255C90E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {19BAF204-7D19-41E3-ADBF-59EEF986EAB7} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {1A1673FB-A3BD-41B1-A15E-0DD2E4C74B6E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {1B66E2AB-4090-4187-A1B8-F879D9E108E2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {214F9201-B833-4870-9C51-A7FFDDC45192} - System32\Tasks\{7A4FF9E7-BA3C-4FC7-BE94-EF49099CD3B6} => C:\windows\system32\pcalua.exe -a C:\Downloads\EUcasino_Setup.exe -d C:\Downloads
Task: {21F636BC-B1A3-44DD-89A2-54A1B8817957} - System32\Tasks\{A5E8FB6E-5DF0-44E7-B701-236F7D099369} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/43110
Task: {2601599D-514F-4744-BDD3-420D1F4044C6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {28129A90-701F-41D4-A539-A6E756AFFD4A} - System32\Tasks\Adobe online aktualizační program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {2B5C654D-898D-4D97-84CD-66D073C02DBC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {2C187558-D2F7-4602-8AAD-7187F53F03FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {3395660E-C273-48BB-88DE-0E94B633C711} - System32\Tasks\{6DF95473-FC44-472F-BDFC-1C223398E809} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/7.18.0.109/cs/ ... rogressBar
Task: {346D3858-2B6B-4635-AECD-65DD5E1358C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {35E4CA42-B19A-4E4A-84B2-B9C360F032FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3B6E93CB-5176-493C-B838-DD66F2C5532E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3F8934FE-0D10-4733-9F40-671552A930AE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4141BC0E-26CB-484E-AED0-ABBA013A8BC3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4895D51A-B90B-4ECF-A69B-93D8FA9B0FC0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49768EE0-FDB3-40BD-B274-0CCE6FEA4303} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4A9D673A-EF2C-475F-835D-3CC15206BD76} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4F2CE9C7-5B17-457D-8598-43479FF4F5F9} - System32\Tasks\{672E8836-3CEE-452F-8CF2-79FA73BDA470} => C:\windows\system32\pcalua.exe -a "C:\WebDesign\NetBeans 7.4\uninstall.exe"
Task: {517B8226-EFB8-496F-BBDE-3750956D960B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {55363D4F-CCA3-456B-A426-C88A815B8D73} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {565A429B-B222-4431-8590-3352926230EB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {57AF8FF6-BEA8-4E17-BE7F-3FF7D995BABC} - System32\Tasks\Microsoft\Windows\PLA\spacedesk_log => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1507328 2020-07-03] (Microsoft Windows -> Microsoft Corporation)
Task: {5B11BFF2-5B45-4C0E-951B-5617DBFC80B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5F357CEA-B0CC-4194-A710-A6EDA0C4A4CE} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {60BB71F6-F0C5-4773-B405-06679588F77A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {618D1585-07D7-4526-95D0-0A92E14D451D} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {6624D4EA-E15F-4D83-98DF-8AAE46930712} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {698E4C37-870E-4CEA-B5E2-0E4E3A268E84} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6EEA6ACE-7229-424A-BAD9-BD315E7D782B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {73A1EC50-7D31-4800-8D95-B05DB58A309F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {765A4834-C006-4CA5-9EE0-18167279D672} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {77773450-A1E5-426C-BBFA-99F122851397} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {78067204-A408-4401-AC27-60BC83F0E090} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {7C11F831-BB88-48CE-A5D3-F43BB095EDEC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
Task: {7C7A322B-22CD-4890-AD3E-6B65998E4EB3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7D604811-243F-49BE-8C58-C468BF37356F} - System32\Tasks\AdobeAAMUpdater-1.0-LenovoY570-Interista => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7FC52079-5534-4399-AC83-1E5111629A15} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {841569D4-A3C9-4291-BA9A-A290701F5DB6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-20] (Avast Software s.r.o. -> Avast Software)
Task: {85FB035C-40D7-4848-B880-274E78884BCC} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {8B95A60F-939C-46B2-9D94-1F34277409A1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960448 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8D16113A-92CB-4AE8-B541-7403D15460E7} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {92499943-2CD7-4704-B887-7E8F548982E7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {963EAC6A-BA83-4A51-9D4A-F6101CB4EE5C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {97CBA57F-20C3-4EA5-82AD-21D5642988CA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {99ED9A2D-C31D-4BF9-AF9B-CAF150B19816} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {9A42E9C0-177E-4A01-87EB-5FE508505510} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9B2E19F4-D8ED-4624-89B4-0C6E0E9FAF72} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {9CBB21B3-1A11-4DFC-AAC0-21A7DF869E72} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D4107DC-A4B0-4971-8CAE-E6EE8F5AD7A0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9EBA9C52-0D8A-47D6-9538-3950050E8D96} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
Task: {A0A86556-6F50-482C-AA4E-04BECD4DDE9B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A35F8A09-AD52-4C8B-B7CD-E49CADBE203B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7ECF457-BC00-4B4D-ADA8-972A65A4C740} - System32\Tasks\Droheseruces Configuration => C:\Program Files (x86)\Witlyanipipy\darerwas.exe [1025912 2017-02-21] (Glarysoft LTD -> Glarysoft Ltd)
Task: {AA9A5749-8E2B-4A91-9A9B-4C2901ACAB77} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {AC1E2F47-3FF2-4077-A442-D277B86BD945} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AF78D4EE-23D1-4943-964B-CD2BB0879DC2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B5F0D76A-D09D-471B-83F7-48298F699537} - System32\Tasks\{1A8D9F80-882F-47EF-9092-B8DAAE064D8E} => C:\Games\Dead Island\DeadIslandGame.exe
Task: {BBE187C5-6A63-43FD-BB42-037C05DD22A2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C1DFBF65-983F-4AB7-B3C1-AC722D21D33D} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {C46FA0B3-78F5-443B-81AD-3B4B29AC94B8} - System32\Tasks\{6AC10FA4-2A04-4D88-A064-1A90C3C67AA0} => C:\Games\Dead Island\DeadIslandGame.exe
Task: {C8AB6419-B8E3-4252-916D-5DCA1F0776A5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CB448941-9879-4BE4-982E-2A1545907501} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CD653C32-80CF-4F2C-A57A-EE4D5E74A049} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {D8C16EEE-526A-443D-A00A-FB3D22BDF9A9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [1456128 2019-01-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {DA1EE455-0608-4305-803D-04843F50EB1C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle America, Inc. -> Oracle Corporation)
Task: {DA8D7056-FB52-40F5-90C5-C24BDF4E94DF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {DA8D7056-FB52-40F5-90C5-C24BDF4E94DF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {DA8D7056-FB52-40F5-90C5-C24BDF4E94DF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {DA8D7056-FB52-40F5-90C5-C24BDF4E94DF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {DA8D7056-FB52-40F5-90C5-C24BDF4E94DF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {DA8D7056-FB52-40F5-90C5-C24BDF4E94DF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {DA8D7056-FB52-40F5-90C5-C24BDF4E94DF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {DA8D7056-FB52-40F5-90C5-C24BDF4E94DF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-3319014896-2388623831-1738719311-1001" /ENABLE
Task: {DA8D7056-FB52-40F5-90C5-C24BDF4E94DF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {E5C03C57-4CED-4306-95EA-1215BF570B9A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {E70C4E4A-55D2-4AFB-99DD-268DCDB1529B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F6432CC0-A47F-4547-922D-79C89CAA8A08} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001Core => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F8FF0A91-01D6-474F-BC1F-3C064B0FC448} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE38D499-DE2E-4C1A-88A1-05F111B5C9D5} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001Core.job => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001UA.job => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{43f75876-1969-4eba-83eb-fa49f52de43a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c2215f13-47a4-4322-a921-c7985ab5acaa}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{dd47d00c-c8a0-44f0-95be-9c5ac0aaa8ef}: [DhcpNameServer] 10.0.0.138
Edge:
======
Edge Profile: C:\Users\Interista\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-26]
FireFox:
========
FF DefaultProfile: zzhr6rop.default-1422064931351-1566033171066
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\o0pndij1.default-release [2020-06-07]
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default [2020-03-25]
FF user.js: detected! => C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default\user.js [2020-02-12]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default\Extensions\sp@avast.com.xpi [2019-02-10]
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066 [2020-05-05]
FF user.js: detected! => C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\user.js [2020-02-12]
FF DownloadDir: C:\Downloads
FF Extension: (WebTranslate) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\98a81af4-fb95-4bd5-addd-72e6d3957dde@webtranslate.fr.xpi [2020-05-02]
FF Extension: (To Google Translate) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-05-02]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\sp@avast.com.xpi [2020-05-02]
FF HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Interista\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Script) - C:\Users\Interista\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-14] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\WINDOWS\system32\npdeployJava1.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-14] (Adobe Systems Incorporated -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-11-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-11-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: @acestream.net/acestreamplugin,version=3.1.28 -> C:\Users\Interista\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-13] (Innovative Digital Technologies -> Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2020-12-26] (TD Ameritrade -> TD Ameritrade)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2020-12-26] (TD Ameritrade -> TD Ameritrade)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default [2020-12-26]
CHR Notifications: Default -> hxxps://navratdoreality.cz; hxxps://web.telegram.org; hxxps://www.netflix.com; hxxps://www.tipsport.cz; hxxps://www.tradingview.com
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-05-05]
CHR Extension: (Prezentace) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-21]
CHR Extension: (Dokumenty) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-21]
CHR Extension: (Disk Google) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-21]
CHR Extension: (Tabulky) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-12]
CHR Extension: (Ace Script) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2020-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-21]
CHR Extension: (Gmail) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-24]
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-10-14]
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\System Profile [2020-10-14]
CHR HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> )
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit Information Technology -> IObit)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [255008 2009-01-06] (NVIDIA Corporation -> NVIDIA)
R2 spacedeskService; C:\WINDOWS\System32\spacedeskService.exe [916392 2019-06-03] (Datronicsoft, Inc. -> )
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software -> TuneUp Software)
R2 UpdateCenterService; C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe [169504 2009-01-07] (NVIDIA Corporation -> NVIDIA)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-12-19] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R3 DelayMan; C:\WINDOWS\system32\DRIVERS\delayman.sys [20064 2013-01-18] (Lenovo (Beijing) Limited -> Ensurebit Inc.)
S3 hmatap; C:\WINDOWS\System32\drivers\hmatap.sys [36456 2018-09-05] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 NVR0Dev; C:\windows\nvoclk64.sys [40480 2009-01-06] (NVIDIA Corporation -> NVIDIA Corp.)
R2 NVR0FLASHDev; C:\windows\nvflsh64.sys [40992 2009-01-07] (NVIDIA Corporation -> NVIDIA Corp.)
R3 spacedeskKtmInputKeybd; C:\WINDOWS\System32\drivers\spacedeskKtmInputKeybd.sys [35240 2018-10-12] (Datronicsoft, Inc. -> )
R3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [35240 2018-10-12] (Datronicsoft, Inc. -> )
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-18] (TuneUp Software -> TuneUp Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 wdkmd; C:\WINDOWS\System32\drivers\WDKMD.sys [42392 2010-12-01] (Wireless Display -> Intel Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 WsAudio_Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [48424 2018-01-19] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 wsvd; C:\WINDOWS\System32\DRIVERS\wsvd.sys [121840 2009-07-21] (CyberLink -> CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-26 22:55 - 2020-12-26 23:03 - 000041779 _____ C:\Users\Interista\Downloads\FRST.txt
2020-12-26 22:52 - 2020-12-26 22:53 - 002286592 _____ (Farbar) C:\Users\Interista\Downloads\FRST64.exe
2020-12-26 17:16 - 2020-12-26 17:17 - 001222144 _____ C:\Users\Interista\Downloads\RSITx64.exe
2020-12-25 16:12 - 2020-12-25 16:12 - 000001528 _____ C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk
2020-12-25 16:12 - 2020-12-25 16:12 - 000001520 _____ C:\Users\Interista\Desktop\NVIDIA GeForce NOW.lnk
2020-12-25 16:09 - 2020-12-25 16:10 - 110568080 _____ (NVIDIA Corporation) C:\Users\Interista\Downloads\GeForceNOW-release.exe
2020-12-22 20:14 - 2020-12-22 20:14 - 000000000 ____D C:\Users\Interista\AppData\Local\Hinterland
2020-12-22 20:11 - 2020-12-22 20:11 - 000000000 ____D C:\Users\Interista\AppData\LocalLow\Hinterland
2020-12-22 20:03 - 2020-12-22 20:03 - 000001637 _____ C:\Users\Public\Desktop\The Long Dark.lnk
2020-12-22 20:03 - 2020-12-22 20:03 - 000001637 _____ C:\ProgramData\Desktop\The Long Dark.lnk
2020-12-22 20:03 - 2020-12-22 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Long Dark [GOG.com]
2020-12-22 20:03 - 2020-12-22 20:03 - 000000000 ____D C:\ProgramData\GOG.com
2020-12-22 12:20 - 2020-12-22 19:23 - 2394131548 _____ C:\Users\Interista\Downloads\The_Long_Dark_EN_for_Windows_7-8-10_and_later.rar
2020-12-18 16:53 - 2020-12-18 16:53 - 000215648 _____ C:\Users\Interista\Downloads\FaSvobodaZ 013 - PDR2020013 (1).pdf
2020-12-18 16:52 - 2020-12-18 16:52 - 000215648 _____ C:\Users\Interista\Downloads\FaSvobodaZ 013 - PDR2020013.pdf
2020-12-18 16:39 - 2020-12-18 16:39 - 000219181 _____ C:\Users\Interista\Documents\IMG_20201218_0001.pdf
2020-12-14 18:52 - 2020-12-15 16:43 - 000000000 ____D C:\Users\Interista\Downloads\Telegram Desktop
2020-12-13 10:31 - 2020-12-26 22:59 - 000000000 ____D C:\Users\Public\spacedesk_logs
2020-12-12 18:59 - 2020-12-12 18:58 - 000216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-12 18:59 - 2020-12-12 18:57 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-12 15:17 - 2020-12-12 15:17 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-12-12 15:16 - 2020-12-12 15:16 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-12 15:15 - 2020-12-12 15:15 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-12 15:15 - 2020-12-12 15:15 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-12 15:15 - 2020-12-12 15:15 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-08 21:04 - 2020-12-08 21:04 - 000000000 ____D C:\Users\Interista\Documents\SKIDROW
2020-12-08 21:04 - 2020-12-08 21:04 - 000000000 ____D C:\Users\Interista\AppData\LocalLow\Knuckle Cracker
2020-12-08 21:03 - 2020-12-08 21:03 - 000001625 _____ C:\Users\Interista\Desktop\Creeper World 4.lnk
2020-12-08 20:57 - 2020-12-08 20:59 - 000000000 ____D C:\Users\Interista\AppData\Roaming\Jihosoft ISO Maker
2020-12-08 20:55 - 2020-12-08 20:55 - 002487224 _____ (Jihosoft Studio ) C:\Users\Interista\Downloads\JihosoftISOMaker.exe
2020-12-08 20:55 - 2020-12-08 20:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jihosoft ISO Maker
2020-12-08 20:55 - 2020-12-08 20:55 - 000000000 ____D C:\Program Files (x86)\Jihosoft
2020-12-08 20:54 - 2020-12-08 20:54 - 000000000 ____D C:\ProgramData\DAEMON Tools Pro
2020-12-08 20:51 - 2020-12-08 20:53 - 032079160 _____ (Disc Soft Ltd) C:\Users\Interista\Downloads\DTPro810-0654.exe
2020-12-08 16:40 - 2020-12-08 16:40 - 000134309 _____ C:\Users\Interista\Downloads\8012132_2011031192.pdf
2020-12-06 13:10 - 2020-12-06 13:40 - 529897472 _____ C:\Users\Interista\Downloads\CREEPER WORLD 4 - SKIDROW.iso
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-26 23:16 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-26 22:59 - 2017-07-03 16:24 - 000000000 ____D C:\FRST
2020-12-26 22:50 - 2020-07-03 10:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-26 18:15 - 2020-05-27 15:34 - 000000000 ____D C:\Program Files\thinkorswim
2020-12-26 18:15 - 2020-03-24 17:25 - 000000000 ____D C:\Users\Interista\.thinkorswim
2020-12-26 17:17 - 2014-03-13 15:15 - 000000000 ____D C:\Program Files\trend micro
2020-12-26 16:26 - 2020-07-03 11:11 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-12-26 16:26 - 2016-10-07 21:33 - 000000000 ____D C:\Program Files\CCleaner
2020-12-26 16:19 - 2017-02-21 17:43 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2020-12-26 16:04 - 2020-07-03 11:11 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-12-26 16:03 - 2020-07-03 11:11 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-26 16:03 - 2020-07-03 11:11 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-12-26 16:03 - 2020-07-03 11:11 - 000003460 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-26 16:03 - 2020-07-03 11:11 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-26 16:03 - 2020-07-03 11:11 - 000003254 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-26 16:03 - 2020-07-03 11:11 - 000003236 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-26 16:03 - 2020-07-03 11:11 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3319014896-2388623831-1738719311-1001
2020-12-26 16:03 - 2020-07-03 11:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-12-26 16:01 - 2016-12-10 17:56 - 000000000 ____D C:\ProgramData\NVIDIA
2020-12-26 00:07 - 2014-06-19 21:08 - 000000000 ____D C:\Program Files (x86)\Steam
2020-12-25 23:29 - 2020-11-19 20:48 - 000000000 ____D C:\Users\Interista\AppData\Roaming\Telegram Desktop
2020-12-25 17:44 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-12-25 16:12 - 2016-12-10 17:56 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-12-25 16:12 - 2013-01-28 20:34 - 000000000 ____D C:\Users\Interista\AppData\Local\NVIDIA Corporation
2020-12-24 18:01 - 2020-07-01 07:14 - 000000000 ____D C:\ProgramData\CanonIJPLM
2020-12-23 15:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-23 13:51 - 2015-01-23 14:02 - 000000000 ____D C:\ProgramData\ProductData
2020-12-22 19:22 - 2013-02-01 17:13 - 000000000 ____D C:\Games
2020-12-22 18:39 - 2016-10-05 19:33 - 000000000 ____D C:\Users\Interista\AppData\Local\JDownloader 2.0
2020-12-22 14:21 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-22 12:06 - 2020-06-10 10:11 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-18 16:38 - 2020-07-06 14:11 - 000000000 ___HD C:\ProgramData\CanonIJMIG
2020-12-18 16:38 - 2020-07-01 07:34 - 000000000 ____D C:\Users\Interista\AppData\Roaming\Canon
2020-12-18 16:23 - 2020-07-03 10:43 - 000002417 _____ C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-18 16:23 - 2016-04-17 07:34 - 000000000 ___RD C:\Users\Interista\OneDrive
2020-12-15 21:43 - 2020-03-21 13:24 - 000000570 _____ C:\Users\Interista\Desktop\abeceda.txt
2020-12-15 16:51 - 2014-03-17 12:44 - 000000000 ____D C:\Users\Interista\AppData\Local\CrashDumps
2020-12-14 19:59 - 2020-07-03 10:43 - 000000000 ____D C:\Users\Interista
2020-12-14 18:11 - 2020-06-08 00:10 - 000001491 _____ C:\Users\Interista\Desktop\Trader Workstation.lnk
2020-12-14 18:11 - 2020-06-08 00:10 - 000000000 ____D C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trader Workstation
2020-12-14 18:11 - 2020-03-22 19:06 - 000000000 ____D C:\Jts
2020-12-14 17:33 - 2020-07-03 10:43 - 000000000 ____D C:\Users\DefaultAppPool
2020-12-13 15:09 - 2013-01-18 14:03 - 000499631 _____ C:\WINDOWS\system32\fastboot.set
2020-12-13 15:07 - 2020-07-03 11:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-13 10:36 - 2020-07-03 10:59 - 001875530 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-13 10:36 - 2019-03-19 12:55 - 000783062 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-13 10:36 - 2019-03-19 12:55 - 000172644 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-13 10:31 - 2018-01-13 15:36 - 000000000 ___RD C:\Users\Interista\3D Objects
2020-12-13 10:31 - 2016-02-13 14:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-13 10:29 - 2020-07-03 10:32 - 004948552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-12 23:10 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-12-12 23:07 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-12 23:06 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-12 23:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-12 23:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-12 23:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-12 23:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-12 23:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-12 23:06 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-12 23:06 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-12 18:59 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-12 18:58 - 2020-10-17 16:25 - 000176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-12-12 18:58 - 2020-04-15 12:03 - 000522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-12-12 18:58 - 2019-01-08 01:23 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-12-12 18:58 - 2019-01-08 01:23 - 000097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-12-12 18:58 - 2018-10-20 10:21 - 000042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-12-12 18:58 - 2018-06-23 20:12 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 000469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 000326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 000108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 000084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-12 18:57 - 2019-01-17 00:09 - 000332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-12-12 18:57 - 2019-01-08 01:23 - 000036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-12-12 18:57 - 2017-11-19 20:15 - 000208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-12-12 18:57 - 2014-09-24 22:05 - 000851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-12-12 15:30 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-12 14:17 - 2015-11-17 21:29 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-08 21:04 - 2013-02-01 19:01 - 000000000 ____D C:\Users\Interista\Documents\My Games
2020-12-03 20:35 - 2020-10-12 18:46 - 000000076 _____ C:\Users\Interista\Desktop\trade.txt
2020-12-02 22:29 - 2020-03-21 19:27 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Files in the root of some directories ========
2014-06-24 12:54 - 2014-06-24 12:54 - 000000162 _____ () C:\ProgramData\patch.dll
2013-11-20 12:08 - 2014-02-15 00:07 - 000000132 _____ () C:\Users\Interista\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2014-09-22 17:59 - 2014-09-22 18:06 - 000000624 _____ () C:\Users\Interista\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 000000111 _____ () C:\Users\Interista\AppData\Roaming\Camdata.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 000000408 _____ () C:\Users\Interista\AppData\Roaming\CamLayout.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 000000408 _____ () C:\Users\Interista\AppData\Roaming\CamShapes.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 000004543 _____ () C:\Users\Interista\AppData\Roaming\CamStudio.cfg
2015-01-23 12:54 - 2014-05-24 20:09 - 000042496 ___SH (Open Source Software community project) C:\Users\Interista\AppData\Roaming\pthreadGC2-w64.dll
2017-08-05 11:18 - 2017-08-05 11:18 - 000050911 _____ () C:\Users\Interista\AppData\Roaming\PyScripter.ini
2014-06-24 12:50 - 2013-06-16 10:32 - 000433664 _____ () C:\Users\Interista\AppData\Roaming\setup.msi
2014-09-30 17:32 - 2018-01-25 11:44 - 000000096 _____ () C:\Users\Interista\AppData\Roaming\version2.xml
2020-03-21 17:03 - 2020-03-21 18:01 - 000000081 _____ () C:\Users\Interista\AppData\Local\.bidstack.fault
2017-07-03 18:09 - 2017-07-03 18:09 - 000029696 _____ () C:\Users\Interista\AppData\Local\MSGBOX.EXE
2014-12-20 19:40 - 2014-12-20 19:40 - 000002242 _____ () C:\Users\Interista\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Interista (26-12-2020 23:19:55)
Running from C:\Users\Interista\Downloads
Windows 10 Home Version 1909 18363.1256 (X64) (2020-07-03 10:13:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3319014896-2388623831-1738719311-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3319014896-2388623831-1738719311-503 - Limited - Disabled)
Guest (S-1-5-21-3319014896-2388623831-1738719311-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3319014896-2388623831-1738719311-1003 - Limited - Enabled)
Interista (S-1-5-21-3319014896-2388623831-1738719311-1001 - Administrator - Enabled) => C:\Users\Interista
WDAGUtilityAccount (S-1-5-21-3319014896-2388623831-1738719311-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ace Stream Media 3.1.28 (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\AceStream) (Version: 3.1.28 - Ace Stream Media) <==== ATTENTION
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Aktualizace NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Anki (HKLM-x32\...\Anki) (Version: - )
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.92 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Broadcom Gigabit NetLink Controller (HKLM\...\{029A4933-3F36-4E4F-AEC3-2207AB26463D}) (Version: 14.4.9.2 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.2.0 - Canon Inc.)
Canon MP150 (HKLM\...\{CA9A3609-3ECC-4574-8824-A8161A71A603}) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5100_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Creeper World 4 (HKLM-x32\...\Creeper World 4) (Version: - SKIDROW)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FTL - Advanced Edition (HKLM-x32\...\GOGPACKFTL_is1) (Version: 2.3.0.13 - GOG.com)
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java SE Development Kit 7 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java SE Development Kit 8 Update 141 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180141}) (Version: 8.0.1410.15 - Oracle Corporation)
Java(TM) 6 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416045FF}) (Version: 6.0.450 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jihosoft ISO Maker version 3.0 (HKLM-x32\...\{FA289A40-0F71-428E-B3A2-546EDC04DB93}_is1) (Version: 3.0 - Jihosoft Studio)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.55.0 - JMicron Technology Corp.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 12.4.2 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.4.2 - KLCP)
kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7400 - Broadcom Corporation)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.26.116 (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.26.116 - NVIDIA Corporation)
NVIDIA Install Application (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer) (Version: 2.1002.344.0 - NVIDIA Corporation) Hidden
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Update (HKLM-x32\...\InstallShield_{6F69C969-2942-4E7B-B594-75B37664B8BA}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo)
OpenOffice.org 3.4.1 (HKLM-x32\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
Ovládací panel NVIDIA 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 378.92 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Plague Inc - Evolved version 0.6.6 (HKLM-x32\...\{1520E069-19A9-4B01-BA5D-87B67D56F55D}_is1) (Version: 0.6.6 - )
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6314 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.6.0 - Canon Inc.)
spacedesk Windows DRIVER (HKLM\...\{D5DDB7FE-6338-4A02-8590-8F4905FFBC38}) (Version: 0.9.1000.0 - datronicsoft Inc.)
SRS Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.0200 - SRS Labs, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
Telegram Desktop version 2.4.7 (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.4.7 - Telegram FZ-LLC)
The Long Dark (HKLM-x32\...\1447763046_is1) (Version: 1.83 - GOG.com)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
Trader Workstation (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\5889-6375-8446-2021) (Version: latest (981.2h) 20201209 12:29:55 - Interactive Brokers LLC)
TuneUp Utilities 2013 (HKLM-x32\...\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}) (Version: 13.0.2020.14 - TuneUp Software) Hidden
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.2020.14 - TuneUp Software)
TuneUp Utilities 2014 (en-US) (HKLM-x32\...\{14C8CE46-C68C-461B-BCA9-E276A85851C6}) (Version: 14.0.1000.88 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (HKLM-x32\...\{A6F5703D-A4B1-4857-9EDD-DC0ABBBB0D96}) (Version: 13.0.2020.14 - TuneUp Software) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\WhatsApp) (Version: 2.2047.11 - WhatsApp)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\ZoomUMX) (Version: 5.4.3 (58891.1115) - Zoom Video Communications, Inc.)
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-07-01] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-21] (Microsoft Corporation)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2011.20.0_x64__k1h2ywk1493x8 [2020-11-30] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-11-06] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-04-17] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Users\Interista\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll (AddGadgets IT -> )
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [dropbox-NamespaceExtensionRole.Personal] => C:\Users\Interista\Dropbox [2014-07-30 18:50]
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2013\SDShelEx-x64.dll [2012-09-19] (TuneUp Software -> TuneUp Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [TuneUp Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\TuneUp Utilities 2013\DseShExt-x64.dll [2012-09-19] (TuneUp Software -> TuneUp Software)
ContextMenuHandlers4: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2013\SDShelEx-x64.dll [2012-09-19] (TuneUp Software -> TuneUp Software)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:ActiveScriptEventConsumer.Name=\"ASEC\"",Filter="\\.\root\subscription:__EventFilter.Name=\"EventFilter sethomePage2\":: <==== ATTENTION
WMI:subscription\__TimerInstruction->SethomePage Interval Timer:: <==== ATTENTION
WMI:subscription\__IntervalTimerInstruction->SethomePage Interval Timer:: <==== ATTENTION
WMI:subscription\__EventFilter->EventFilter sethomePage2::[Query => Select * From __timerevent Where TimerId = "SethomePage Interval Timer"] <==== ATTENTION
==================== Loaded Modules (Whitelisted) =============
2005-08-14 21:09 - 2005-08-14 21:09 - 000111616 _____ () [File not signed] C:\Program Files (x86)\Webteh\BSPlayer\plugins\oldskin.dll
2017-12-11 21:18 - 2013-04-05 21:26 - 002106368 _____ () [File not signed] C:\Users\Interista\AppData\Roaming\BSplayer\AC3 Filter\ac3filter.ax
2017-12-11 21:18 - 2013-04-05 21:27 - 001021440 _____ () [File not signed] C:\Users\Interista\AppData\Roaming\BSplayer\AC3 Filter\ac3filter_intl.dll
2008-08-14 06:15 - 2008-08-14 06:15 - 000481792 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Common Files\Adobe\Adobe Drive CS4\BIB.dll
2013-01-18 13:23 - 2010-12-21 02:49 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2015-10-31 11:58 - 2015-10-31 11:58 - 005361352 _____ (BST) [File not signed] C:\Program Files (x86)\Webteh\BSPlayer\bsrendv2.dll
2008-12-09 11:13 - 2008-12-09 11:13 - 000035328 _____ (BST) [File not signed] C:\Program Files (x86)\Webteh\BSPlayer\mmkeybsupp.dll
2020-07-01 07:14 - 2017-12-07 10:25 - 000123904 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJPLM\cnmpu.dll
2020-07-01 07:28 - 2017-07-05 12:43 - 000561152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2020-07-01 07:28 - 2017-07-05 12:49 - 000593920 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2012-09-18 16:01 - 2012-09-18 16:01 - 001098752 _____ (Embarcadero Technologies, Inc.) [File not signed] C:\Program Files (x86)\TuneUp Utilities 2013\rtl120.bpl
2012-09-18 16:01 - 2012-09-18 16:01 - 001998336 _____ (Embarcadero Technologies, Inc.) [File not signed] C:\Program Files (x86)\TuneUp Utilities 2013\vcl120.bpl
2012-09-18 16:01 - 2012-09-18 16:01 - 000270336 _____ (Embarcadero Technologies, Inc.) [File not signed] C:\Program Files (x86)\TuneUp Utilities 2013\vclimg120.bpl
2012-09-18 16:01 - 2012-09-18 16:01 - 000952832 _____ (Embarcadero Technologies, Inc.) [File not signed] C:\Program Files (x86)\TuneUp Utilities 2013\xmlrtl120.bpl
2013-01-18 13:23 - 2010-12-21 02:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2017-12-11 21:18 - 2013-04-05 21:26 - 000276992 _____ (IntelleSoft) [File not signed] C:\Users\Interista\AppData\Roaming\BSplayer\AC3 Filter\BugTrap.dll
2008-05-16 12:38 - 2008-05-16 12:38 - 001524736 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\nTune\MFC71.dll
2008-05-16 12:38 - 2008-05-16 12:38 - 000520192 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\nTune\MSVCR71.dll
2013-01-28 20:34 - 2008-06-20 23:11 - 001524736 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\MFC71.dll
2013-01-28 20:34 - 2008-06-20 23:11 - 000978944 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\MSVCP71.dll
2013-01-28 20:34 - 2008-06-20 23:11 - 000520192 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\MSVCR71.dll
2016-10-07 18:06 - 2016-09-26 10:00 - 001616384 _____ (MPC-HC Team) [File not signed] C:\Program Files (x86)\K-Lite Codec Pack\Filters\DirectVobSub\vsfilter.dll
2018-02-16 08:50 - 2017-09-27 17:30 - 000489984 _____ (Newtonsoft) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\Newtonsoft.Json.dll
2009-01-06 15:49 - 2009-01-06 15:49 - 000024064 _____ (NVIDIA) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneServiceENU.dll
2009-01-06 15:51 - 2009-01-06 15:51 - 000698880 _____ (NVIDIA) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\nTune\nvsulib.dll
2009-01-07 16:15 - 2009-01-07 16:15 - 000024064 _____ (NVIDIA) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterServiceENU.dll
2012-09-19 12:08 - 2009-03-13 13:13 - 000109056 _____ (TuneUp Software) [File not signed] C:\Program Files (x86)\TuneUp Utilities 2013\AppInitialization.bpl
2012-09-19 12:10 - 2009-03-13 13:13 - 000179200 _____ (TuneUp Software) [File not signed] C:\Program Files (x86)\TuneUp Utilities 2013\tulic.dll
2018-02-16 08:50 - 2017-12-19 15:51 - 000088064 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCollect.dll
2018-02-16 08:50 - 2017-12-19 15:51 - 000200192 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCommon.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {F5D333EF-20C3-4787-9C7F-ECE88ECE7932} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-01] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-07-06 13:08 - 2020-12-26 17:17 - 000000101 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2015-01-03 21:09 - 2015-01-03 21:14 - 000000439 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\WebDesign\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\WINDOWS\System32\WindowsPowerShell\v1.0;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files\Lenovo\Bluetooth Software;C:\Program Files\Lenovo\Bluetooth Software\syswow64;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Skype\Phone;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKCU\Environment\\Path -> ;%USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "Energy Management"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "UpdatePRCShortCut"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "AceStream"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{2B243E46-E87B-4126-B2D7-F498BDB82E4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1AA9C629-5F1C-4381-8B21-22F7A9825DA5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{22859055-5C70-4C73-8BF9-A24BC7BFC5D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe (Playdead) [File not signed]
FirewallRules: [{BD7FFED7-FF94-4E6F-8A04-828B32A19E74}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe (Playdead) [File not signed]
FirewallRules: [{4AA6D125-999E-4844-B736-85C655BF9E54}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6565E169-60D3-4F3E-BD86-5F6546645EF3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8131D083-AA03-470B-8694-C8379DEAFFCD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{89778248-BF22-4E6A-A199-12D7FE349174}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BF89BB2B-9A18-4F12-AA35-03367349476C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E427C1F-023D-4ED8-BCD5-0DD726A3D42C}] => (Allow) LPort=2869
FirewallRules: [{615EE29A-5AF6-4F37-85B8-AC0CE3E4EB1C}] => (Allow) LPort=1900
FirewallRules: [{B5F7E315-3074-46B8-A419-B4BBD1F13840}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{731F79E5-C29C-4DAE-930F-6FC6622F9F76}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{CFD245E1-44A6-42DE-8489-F434FE64D6DE}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{EB1BC56A-3512-483D-9748-155F93B39049}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Allow) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe (Innovative Digital Technologies -> )
FirewallRules: [UDP Query User{EB0200DF-8A8B-4FEB-A677-40DEB2D2DB44}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Allow) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe (Innovative Digital Technologies -> )
FirewallRules: [TCP Query User{A4B3E36D-A646-4B3B-9820-10725A04CBB7}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe (Innovative Digital Technologies -> )
FirewallRules: [UDP Query User{4E6F9B49-AC80-49F2-8FF9-DE595E81C4CC}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe (Innovative Digital Technologies -> )
FirewallRules: [{4F62ABDB-C643-4851-A95D-BAA702B26FEF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{1D57844B-F4C8-454F-8C7E-6B1DDE08B308}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{E2FE1A8B-A129-44E3-8DA6-B6F4B32376D4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{F2F78CC9-D66C-47E4-A8BE-6BE4CD310DE6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{129D12BE-AD73-46E3-AEDB-19B1F573172D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{9532EC77-3365-49E5-8086-9AEE46A7BC37}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A893ED37-E317-41A9-BAD3-8C36AC610005}] => (Allow) LPort=5353
FirewallRules: [{91B47BAD-CD59-4A18-9ACF-122458FDBCED}] => (Allow) C:\Windows\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{FCAB1598-4542-47D9-9E9E-42BFB4BC6940}] => (Allow) C:\Windows\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4F9856E8-B5A2-462B-8500-60CE98E618C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{8DC79C9B-70DA-4E0C-8DFA-70BB584F4760}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{90540B17-CC50-4A3B-8AB8-30F43E729382}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [{20FDF1A3-76D2-449D-BECC-2404B20F6DB4}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [TCP Query User{502AA009-F1D5-4B23-A7C3-A38FE2BA8FC8}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe () [File not signed]
FirewallRules: [UDP Query User{6E9771ED-2BA0-4D38-8E94-232141024629}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe () [File not signed]
FirewallRules: [TCP Query User{BFB0A755-FBE4-408D-8B40-56CA4B1F19F2}C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe
FirewallRules: [UDP Query User{E8F614FE-1F68-4D58-A25A-76288F6A4F73}C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe
FirewallRules: [TCP Query User{2AFDE8EB-C14E-45AB-8F5C-36728A2D126B}C:\users\interista\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\interista\appdata\local\id software\quakelive\quakelive.exe (Zenimax Media Inc. -> id Software Inc.) [File not signed]
FirewallRules: [UDP Query User{18A1DA38-00F0-419F-90E6-B41537BA87D2}C:\users\interista\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\interista\appdata\local\id software\quakelive\quakelive.exe (Zenimax Media Inc. -> id Software Inc.) [File not signed]
FirewallRules: [{DCDF98FC-3DAF-43B7-BBA5-34ED6F53A012}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0BD1FBBE-99A7-4E0C-9A06-69FCC1248EA5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F4D6A038-0F35-4AB4-89E0-CAFAAAFBF0DA}] => (Allow) C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{F8F74540-7308-497A-8AF1-7D2E3BD625D5}] => (Allow) C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{074EDDD0-5966-4641-A603-BFD772821D44}C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [UDP Query User{B0DBAADE-37BF-4BD8-A8B2-0230D58AFFC8}C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{A45F0321-3FEB-4081-A255-70C873947A67}C:\users\interista\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\interista\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{639F1118-E47A-4AAC-B030-DF468B8FE94C}C:\users\interista\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\interista\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{96675CD7-FBC9-4B67-A4A7-1EEDFACF33EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{87BFB911-48D9-4D42-8ED9-4FA1730E56B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{082C7FDF-77BC-41AB-BEF1-81CA43875425}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D469C0C5-7451-4DDF-947C-C9DC67332CE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{F84733E0-D2FD-4286-9884-82DFDBACE434}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [UDP Query User{87AFA2C8-AB5F-4457-8061-3760AD7DD7FB}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [{AD0C6663-FD24-4EA0-9BB6-38E4E15B3DF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DF9C902A-F924-40B6-A5AF-2426F9111BDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{607D1AD9-87A0-4EFB-B8A4-2199B0776071}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2D51C227-9EAC-47AC-A8F4-98C793AB97FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B49C562F-A11F-4865-83AA-0A134FD63E41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0D4C4E73-0CE6-4678-835C-E37C8E0B728A}] => (Allow) C:\Users\Interista\AppData\Roaming\ACEStream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies)
FirewallRules: [{5D3C83F1-D383-41ED-9BF0-344C6AC9686C}] => (Allow) C:\Users\Interista\AppData\Roaming\ACEStream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies)
FirewallRules: [{4607DA23-7A9A-4A0C-982E-3CC15DB1DCEC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{EA1C292C-0AC2-40BB-AF76-61F59A797378}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{BA540058-DC32-419A-A692-63EA96978DDC}C:\users\interista\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\interista\appdata\roaming\acestream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies)
FirewallRules: [UDP Query User{EF21C562-C5B8-4B3F-A0EE-4E9730668C06}C:\users\interista\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\interista\appdata\roaming\acestream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies)
FirewallRules: [{B0A04C33-9155-40E9-B5BF-77F9A9248B55}] => (Allow) C:\WINDOWS\system32\spacedeskService.exe (Datronicsoft, Inc. -> )
FirewallRules: [{5502B75B-FD5F-4C80-A16B-E878BBEF6FAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe () [File not signed]
FirewallRules: [{F6646FF1-4232-4FC2-929C-5841168B50DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe () [File not signed]
FirewallRules: [{3AABC1FD-1BB9-408D-BCFF-0DB720FD4813}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe () [File not signed]
FirewallRules: [{51999B12-0212-47AF-B317-31613DE8EBE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe () [File not signed]
FirewallRules: [{F01DDC9C-EE9E-4C56-B040-8B24885624FB}] => (Allow) C:\Users\Interista\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{28C4B5C8-B62C-4E8B-8826-863A774FB5CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B635BBB1-8405-4A55-9EDB-2DA4BA5CF059}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7280BB06-FEDA-413D-8CA8-F9E5785EB598}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A3817CE8-7055-41F4-8381-A6FE31FB1A11}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A02FBDB1-A5B9-4697-89D0-9D15A407C049}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{C5D733F5-0380-4EC4-B806-08AE6BCF97B4}C:\games\the long dark\tld.exe] => (Allow) C:\games\the long dark\tld.exe () [File not signed]
FirewallRules: [UDP Query User{CC0A110C-0612-4637-8707-684B43B02954}C:\games\the long dark\tld.exe] => (Allow) C:\games\the long dark\tld.exe () [File not signed]
FirewallRules: [TCP Query User{68F2116C-5EDB-43D5-823D-8F3CD32AC913}C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{3F3BDF9D-3069-4D80-BCEF-BD4C1B80B975}C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation)
==================== Restore Points =========================
22-12-2020 13:35:44 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/26/2020 11:28:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17660,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/26/2020 11:15:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (232,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/26/2020 11:01:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2020.20110.11001.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 5a74
Čas spuštění: 01d6db9b4ae1d00e
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
ID hlášení: 01c3b3a4-3217-4d3f-a1e8-b422f37b82fd
Úplný název balíčku s chybou: Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (12/26/2020 10:57:43 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3480,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/26/2020 09:15:38 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14152,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/26/2020 08:15:38 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9644,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/26/2020 07:12:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17924,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/26/2020 06:12:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (19368,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (12/26/2020 11:09:03 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.Windows.ShellExperienceHost_10.0.18362.1171_neutral_neutral_cw5n1h2txyewy!App se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/26/2020 11:07:38 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.Windows.ShellExperienceHost_10.0.18362.1171_neutral_neutral_cw5n1h2txyewy!App se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/26/2020 04:04:17 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/26/2020 04:00:09 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/25/2020 11:21:33 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server microsoft.windowscommunicationsapps_16005.13426.20316.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/25/2020 04:48:50 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/25/2020 10:16:22 AM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/25/2020 10:12:16 AM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===================================
Date: 2020-12-26 23:29:29.720
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-26 23:28:55.182
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-26 23:28:54.318
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-26 23:27:53.275
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-26 23:27:21.077
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-26 23:26:51.603
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-26 23:26:22.966
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-26 23:25:38.905
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 47CN27WW(V2.05) 05/13/2011
Motherboard: LENOVO Base Board Product Name
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 62%
Total physical RAM: 8135.86 MB
Available physical RAM: 3071.39 MB
Total Virtual: 16327.86 MB
Available Virtual: 9444.19 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:421.81 GB) (Free:145.84 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:22.66 GB) NTFS
\\?\Volume{1e6aa9f0-6168-11e2-9a21-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 29376C2E)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
==================== End of Addition.txt =======================
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: please check my log
Now run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/
close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it at C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: please check my log
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-12-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-27-2020
# Duration: 00:00:24
# OS: Windows 10 Home
# Cleaned: 49
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\IObit\Advanced SystemCare V8
Deleted C:\Users\Interista\AppData\LocalLow\.acestream
Deleted C:\Users\Interista\AppData\LocalLow\IObit\Advanced SystemCare V8
Deleted C:\Users\Interista\AppData\Roaming\.acestream
Deleted C:\Users\Interista\AppData\Roaming\IObit\Advanced SystemCare V8
Deleted C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
Deleted C:\Users\Interista\AppData\Roaming\Seznam.cz
Deleted C:\Users\Interista\AppData\Roaming\acestream
Deleted C:\_acestream_cache_
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\SOFTWARE\A8CF961A320F401C100AAB7EF8BB3D7C
Deleted HKCU\SOFTWARE\Classes\Applications\ace_player.exe
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37E93524-C1A1-480B-BDB5-19BB8E32FBCF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{81E5D80F-D8CA-4E63-A33F-29881F958F0}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD938D2F-9E7D-45A0-A947-60F56D1728A3}
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
Deleted HKCU\Software\AceStream
Deleted HKCU\Software\Classes\.acelive
Deleted HKCU\Software\Classes\.acemedia
Deleted HKCU\Software\Classes\.acestream
Deleted HKCU\Software\Classes\.tslive
Deleted HKCU\Software\Classes\AudioCD\shell\PlayWithACEStream
Deleted HKCU\Software\Classes\DVD\shell\PlayWithACEStream
Deleted HKCU\Software\Classes\acestream
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayCDAudioOnArrival
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDAudioOnArrival
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDMovieOnArrival
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayMusicFilesOnArrival
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlaySVCDMovieOnArrival
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVCDMovieOnArrival
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVideoFilesOnArrival
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
Deleted HKCU\Software\RegisteredApplications|AceStream
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\SOFTWARE\A8CF961A320F401C100AAB7EF8BB3D7C
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\KzShlobj
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|KuaiZip Shell Extension
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{BA540058-DC32-419A-A692-63EA96978DDC}C:\users\interista\appdata\roaming\acestream\engine\ace_engine.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{EF21C562-C5B8-4B3F-A0EE-4E9730668C06}C:\users\interista\appdata\roaming\acestream\engine\ace_engine.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0D4C4E73-0CE6-4678-835C-E37C8E0B728A}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{5D3C83F1-D383-41ED-9BF0-344C6AC9686C}
Deleted HKLM\Software\Classes\.acestream
Deleted HKLM\Software\Classes\CLSID\{35F4BB37-03C5-41DE-85AF-7C301390C7EC}
Deleted HKLM\Software\Wow6432Node\A8CF961A320F401C100AAB7EF8BB3D7C
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
Deleted HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [7842 octets] - [27/12/2020 12:05:59]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: please check my log
Post new FRST+Addition logs.
Re: please check my log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2017 (ATTENTION: ====> FRSTversion is 1274 days old and could be outdated)
Ran by Interista (administrator) on LENOVOY570 (27-12-2020 12:50:09)
Running from C:\Users\Interista\Desktop
Loaded Profiles: Interista (Available Profiles: Interista & DefaultAppPool)
Platform: Windows 10 Home Version 1909 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\System32\spacedeskService.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\System32\spacedeskServiceTray.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
() C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [84992 2020-07-03] (Microsoft Corporation)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2013-01-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2013-01-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-12] (AVAST Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11779176 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-07] (Synaptics Incorporated)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (CANON INC.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [Dropbox Update] => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [AceStream] => C:\Users\Interista\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\RunOnce: [Application Restart #1] => C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe [1546784 2020-04-08] (The Chromium Authors)
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinitx.dll [207856 2017-03-17] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinit.dll => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinit.dll [177992 2017-03-17] (NVIDIA Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{43f75876-1969-4eba-83eb-fa49f52de43a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c2215f13-47a4-4322-a921-c7985ab5acaa}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{dd47d00c-c8a0-44f0-95be-9c5ac0aaa8ef}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {F5D333EF-20C3-4787-9C7F-ECE88ECE7932} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho_64.dll [2020-12-17] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23] (Oracle Corporation)
BHO-x32: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho.dll [2020-12-17] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-01] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Edge:
======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2019-03-19]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
FireFox:
========
FF DefaultProfile: zzhr6rop.default-1422064931351-1566033171066
FF ProfilePath: Profiles/o0pndij1.default-release [not found] <==== ATTENTION
FF ProfilePath: [Install308046B0AF4A39CB]
Default=Profiles/zzhr6rop.default-1422064931351-1566033171066
Locked=1
[Profile2]
Name=default-release
IsRelative=1
Path=Profiles/o0pndij1.default-release
[Profile1]
Name=dev-edition-default
IsRelative=1
Path=Profiles/tbtfhk42.dev-edition-default
[Profile0]
Name=default-1422064931351
IsRelative=1
Path=Profiles/zzhr6rop.default-1422064931351-1566033171066
Default=1
[General]
StartWithLastProfile=1
Version=2
[InstallE7CF176E110C211B]
Default=Profiles/o0pndij1.default-release
Locked=1
[not found] <==== ATTENTION
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\o0pndij1.default-release [2020-06-07]
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default [2020-03-25]
FF user.js: detected! => C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default\user.js [2020-02-12]
FF Extension: (Avast SafePrice Comparison, deals, coupons) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default\Extensions\sp@avast.com.xpi [2019-02-10]
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066 [2020-05-05]
FF user.js: detected! => C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\user.js [2020-02-12]
FF Extension: (WebTranslate) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\98a81af4-fb95-4bd5-addd-72e6d3957dde@webtranslate.fr.xpi [2020-05-02]
FF Extension: (To Google Translate) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-05-02]
FF Extension: (Avast SafePrice Comparison, deals, coupons) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\sp@avast.com.xpi [2020-05-02]
FF HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Interista\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-14] ()
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\WINDOWS\system32\npdeployJava1.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-11-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-11-01] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: @acestream.net/acestreamplugin,version=3.1.28 -> C:\Users\Interista\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2020-12-26] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2020-12-26] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2020-05-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default [2020-12-27]
CHR Extension: (Překladač Google) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-05-05]
CHR Extension: (Prezentace) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-21]
CHR Extension: (Dokumenty) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-21]
CHR Extension: (Disk Google) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-21]
CHR Extension: (Tabulky) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-12]
CHR Extension: (Ace Script) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2020-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-21]
CHR Extension: (Gmail) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-24]
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-10-14]
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\System Profile [2020-10-14]
CHR HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AarSvc; C:\WINDOWS\System32\AarSvc.dll [195584 2020-07-18] (Microsoft Corporation)
S3 AarSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 AarSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-12] (AVAST Software)
S3 autotimesvc; C:\WINDOWS\System32\autotimesvc.dll [116224 2019-03-19] (Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-12] (AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-12] (AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-12] (AVAST Software)
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1393664 2020-07-03] (Microsoft Corporation)
S3 BcastDVRUserService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [534528 2020-07-03] (Microsoft Corporation)
S3 BluetoothUserService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [237056 2020-11-12] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [1077248 2020-10-14] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\SysWOW64\BTAGService.dll [705536 2020-10-14] (Microsoft Corporation)
R3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [382976 2019-03-19] (Microsoft Corporation)
R3 camsvc; C:\WINDOWS\system32\CapabilityAccessManager.dll [368640 2020-07-03] (Microsoft Corporation)
S3 CaptureService; C:\WINDOWS\System32\CaptureService.dll [128512 2020-07-18] (Microsoft Corporation)
S3 CaptureService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [1125376 2020-07-18] (Microsoft Corporation)
R3 cbdhsvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
R3 cbdhsvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [177664 2020-07-03] (Microsoft Corporation)
S3 ConsentUxUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 ConsentUxUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CredentialEnrollmentManagerUserSvc; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [381656 2020-10-14] (Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc_73a35; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [381656 2020-10-14] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\System32\deviceaccess.dll [231912 2020-07-03] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\SysWOW64\deviceaccess.dll [185952 2020-07-03] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DeviceAssociationBrokerSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [467456 2020-07-18] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [338944 2020-07-18] (Microsoft Corporation)
S3 DevicePickerUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicePickerUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 diagsvc; C:\WINDOWS\system32\DiagSvc.dll [215040 2020-07-18] (Microsoft Corporation)
R2 DispBrokerDesktopSvc; C:\WINDOWS\System32\DispBroker.Desktop.dll [405504 2020-08-12] (Microsoft Corporation)
R3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [1190912 2020-07-03] (Microsoft Corporation)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe [1426928 2020-12-02] (Google LLC)
S3 GraphicsPerfSvc; C:\WINDOWS\System32\GraphicsPerfSvc.dll [97792 2019-03-19] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] ()
R3 InstallService; C:\WINDOWS\system32\InstallService.dll [2481664 2020-12-12] (Microsoft Corporation)
R3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1748480 2020-12-12] (Microsoft Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [340992 2020-08-12] (Microsoft Corporation)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\elevation_service.exe [1573776 2020-12-17] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [139952 2020-07-03] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [105840 2020-07-03] (Microsoft Corporation)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [255008 2009-01-06] (NVIDIA)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464440 2017-03-17] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-11] (NVIDIA Corporation)
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [103424 2019-03-19] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\System32\PrintWorkflowService.dll [179200 2020-07-18] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [141312 2020-07-18] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 PrintWorkflowUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 PushToInstall; C:\WINDOWS\system32\PushToInstall.dll [284672 2020-10-14] (Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [263904 2019-03-19] (Microsoft Corporation)
S3 SharedRealitySvc; C:\WINDOWS\System32\SharedRealitySvc.dll [477184 2020-07-03] (Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2020-07-03] (Microsoft Corporation)
R2 SNMP; C:\WINDOWS\SysWOW64\snmp.exe [46592 2020-07-03] (Microsoft Corporation)
R2 spacedeskService; C:\WINDOWS\System32\spacedeskService.exe [916392 2019-06-03] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2019-03-19] ()
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246448 2016-01-07] (Synaptics Incorporated)
S3 TroubleshootingSvc; C:\WINDOWS\system32\MitigationClient.dll [394752 2019-03-19] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72704 2020-07-03] (Microsoft Corporation)
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [319304 2020-11-12] (Microsoft Corporation)
R2 UpdateCenterService; C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe [169504 2009-01-07] (NVIDIA)
R2 UsoSvc; C:\WINDOWS\system32\usosvc.dll [544256 2020-12-12] (Microsoft Corporation)
S3 VacSvc; C:\WINDOWS\System32\vac.dll [422192 2019-03-19] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [406528 2020-12-12] (Microsoft Corporation)
S3 WarpJITSvc; C:\WINDOWS\System32\Windows.WARP.JITService.dll [61952 2019-03-19] (Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-10] (Microsoft Corporation) <==== ATTENTION
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-10] (Microsoft Corporation) <==== ATTENTION
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729600 2020-12-12] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [924160 2020-12-12] (Microsoft Corporation)
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [2138112 2020-12-12] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-12-19] (Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Acx01000; C:\WINDOWS\System32\drivers\Acx01000.sys [337920 2020-07-03] (Microsoft Corporation)
R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [40960 2020-08-12] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2020-08-12] (Microsoft Corporation)
S3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [18432 2019-03-19] (Advanced Micro Devices, Inc)
S3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [37888 2019-03-19] (Advanced Micro Devices, Inc)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-12] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-12] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-12] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-12] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-12] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-12] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-12] (AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-12] (AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-12] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2020-12-12] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2020-12-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2020-12-12] (AVAST Software)
R1 bam; C:\WINDOWS\System32\drivers\bam.sys [70456 2019-03-19] (Microsoft Corporation)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_307898c750ba9e44\BasicDisplay.sys [68096 2020-07-03] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_ba2a8de08ea0d469\BasicRender.sys [37888 2020-07-03] (Microsoft Corporation)
R3 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [117064 2020-12-12] (Microsoft Corporation)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [36864 2020-07-03] (Microsoft Corporation)
S0 bttflt; C:\WINDOWS\System32\drivers\bttflt.sys [42808 2019-03-19] (Microsoft Corporation)
R3 DelayMan; C:\WINDOWS\system32\DRIVERS\delayman.sys [20064 2013-01-18] (Ensurebit Inc.)
S3 genericusbfn; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [20992 2020-07-03] (Microsoft Corporation)
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [64512 2020-10-14] (Microsoft Corporation)
S3 hmatap; C:\WINDOWS\System32\drivers\hmatap.sys [36456 2018-09-05] (The OpenVPN Project)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [32568 2019-03-19] (Microsoft Corporation)
S3 HwNClx0101; C:\WINDOWS\System32\Drivers\mshwnclx.sys [28672 2019-03-19] (Microsoft Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2019-03-19] (Intel Corporation)
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [885048 2019-03-19] (Intel Corporation)
S3 intelpmax; C:\WINDOWS\System32\drivers\intelpmax.sys [28672 2019-03-19] (Microsoft Corporation)
S3 IPT; C:\WINDOWS\System32\drivers\ipt.sys [54584 2019-03-19] (Microsoft Corporation)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [148520 2019-03-19] (Avago Technologies)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [359424 2020-07-03] (Microsoft Corporation)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [94736 2019-03-19] (Avago Technologies)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [64512 2019-03-19] (Microsoft Corporation)
S3 NDKPing; C:\WINDOWS\System32\drivers\NDKPing.sys [63488 2019-03-19] (Microsoft Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc.)
S3 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [158520 2019-03-19] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvlddmkm.sys [14574640 2017-03-17] (NVIDIA Corporation)
R3 NVR0Dev; C:\windows\nvoclk64.sys [40480 2009-01-06] (NVIDIA Corp.)
R2 NVR0FLASHDev; C:\windows\nvflsh64.sys [40992 2009-01-07] (NVIDIA Corp.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-03-17] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [97088 2020-11-12] (Microsoft Corporation)
S3 portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [25600 2019-03-19] (Microsoft Corporation)
S0 Ramdisk; C:\WINDOWS\System32\DRIVERS\ramdisk.sys [41784 2019-03-19] (Microsoft Corporation)
S3 rhproxy; C:\WINDOWS\System32\drivers\rhproxy.sys [113152 2019-03-19] (Microsoft Corporation)
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [89096 2019-03-19] (Microsoft Corporation)
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [220176 2019-03-19] (Microsemi Corportation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42664 2016-01-07] (Synaptics Incorporated)
R3 spacedeskKtmInputKeybd; C:\WINDOWS\System32\drivers\spacedeskKtmInputKeybd.sys [35240 2018-10-12] ()
R3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [35240 2018-10-12] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-18] (TuneUp Software)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [34816 2019-03-19] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [111104 2019-03-19] (Microsoft Corporation)
S3 UEFI; C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_4fcaf0fc6eaf7533\UEFI.sys [32568 2020-07-03] (Microsoft Corporation)
S3 UfxChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_624eef84faf426d6\UfxChipidea.sys [108584 2020-07-03] (Microsoft Corporation)
R3 umbus; C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_e566af5dd9858a0e\umbus.sys [57856 2020-07-03] (Microsoft Corporation)
S3 UrsChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_86da23c455846f41\urschipidea.sys [30224 2020-07-03] (Microsoft Corporation)
S3 UrsSynopsys; C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_7302ce5d1420ed71\urssynopsys.sys [28472 2020-07-03] (Microsoft Corporation)
S3 usbaudio2; C:\WINDOWS\System32\drivers\usbaudio2.sys [257536 2020-07-03] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-10] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [21816 2019-03-19] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-10] (Microsoft Corporation)
R3 WinQuic; C:\WINDOWS\System32\drivers\winquic.sys [205112 2020-07-03] (Microsoft Corporation)
S3 WsAudio_Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [48424 2018-01-19] (Wondershare)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: TroubleshootingSvc -> C:\Windows\system32\MitigationClient.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-27 12:50 - 2020-12-27 12:51 - 00043402 _____ C:\Users\Interista\Desktop\FRST.txt
2020-12-27 12:40 - 2020-12-27 12:45 - 124569178 _____ C:\Users\Interista\Downloads\Misa jazycek.mp4
2020-12-27 11:56 - 2020-12-27 11:56 - 02086424 _____ (Malwarebytes) C:\Users\Interista\Downloads\MBSetup.exe
2020-12-27 11:55 - 2020-12-27 11:55 - 08447152 _____ (Malwarebytes) C:\Users\Interista\Desktop\adwcleaner_8.0.8.exe
2020-12-26 23:19 - 2020-12-26 23:33 - 00068225 _____ C:\Users\Interista\Downloads\Addition.txt
2020-12-26 22:55 - 2020-12-26 23:33 - 00057374 _____ C:\Users\Interista\Downloads\FRST.txt
2020-12-26 22:52 - 2020-12-26 22:53 - 02286592 _____ (Farbar) C:\Users\Interista\Downloads\FRST64.exe
2020-12-26 17:16 - 2020-12-26 17:17 - 01222144 _____ C:\Users\Interista\Downloads\RSITx64.exe
2020-12-25 16:12 - 2020-12-25 16:12 - 00001528 _____ C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk
2020-12-25 16:12 - 2020-12-25 16:12 - 00001520 _____ C:\Users\Interista\Desktop\NVIDIA GeForce NOW.lnk
2020-12-25 16:09 - 2020-12-25 16:10 - 110568080 _____ (NVIDIA Corporation) C:\Users\Interista\Downloads\GeForceNOW-release.exe
2020-12-22 20:14 - 2020-12-22 20:14 - 00000000 ____D C:\Users\Interista\AppData\Local\Hinterland
2020-12-22 20:11 - 2020-12-22 20:11 - 00000000 ____D C:\Users\Interista\AppData\LocalLow\Hinterland
2020-12-22 20:03 - 2020-12-22 20:03 - 00001637 _____ C:\Users\Public\Desktop\The Long Dark.lnk
2020-12-22 20:03 - 2020-12-22 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Long Dark [GOG.com]
2020-12-22 20:03 - 2020-12-22 20:03 - 00000000 ____D C:\ProgramData\GOG.com
2020-12-22 12:20 - 2020-12-22 19:23 - 2394131548 _____ C:\Users\Interista\Downloads\The_Long_Dark_EN_for_Windows_7-8-10_and_later.rar
2020-12-18 16:53 - 2020-12-18 16:53 - 00215648 _____ C:\Users\Interista\Downloads\FaSvobodaZ 013 - PDR2020013 (1).pdf
2020-12-18 16:52 - 2020-12-18 16:52 - 00215648 _____ C:\Users\Interista\Downloads\FaSvobodaZ 013 - PDR2020013.pdf
2020-12-18 16:39 - 2020-12-18 16:39 - 00219181 _____ C:\Users\Interista\Documents\IMG_20201218_0001.pdf
2020-12-14 18:52 - 2020-12-15 16:43 - 00000000 ____D C:\Users\Interista\Downloads\Telegram Desktop
2020-12-13 10:31 - 2020-12-27 12:19 - 00000000 ____D C:\Users\Public\spacedesk_logs
2020-12-12 18:59 - 2020-12-12 18:58 - 00216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-12 18:59 - 2020-12-12 18:57 - 00340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-12-12 15:18 - 2020-12-12 15:18 - 25445888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 18038784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 07823920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 06316032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05906944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05099896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05010432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 04546560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 04295680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 04129440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 03635712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 03243096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 02495264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 02317016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01615360 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01151840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01098728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00952432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00944128 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00852992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2020-12-12 15:18 - 2020-12-12 15:18 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wecutil.exe
2020-12-12 15:18 - 2020-12-12 15:18 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wecapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 22651392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 07761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 07297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 05770856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 04348936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 02045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01459712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01421408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00843264 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00784016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CMFNVSDeviceBridge.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00473592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00300704 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00211280 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecsvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2020-12-12 15:17 - 2020-12-12 15:17 - 00166936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpcsp.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00136344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00135280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecutil.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-12 15:17 - 2020-12-12 15:17 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcfgutils.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00077128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unenrollhook.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmlocalmanagement.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gmsaclient.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-12-12 15:16 - 2020-12-12 15:16 - 06526976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 03761664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-12-12 15:16 - 2020-12-12 15:16 - 02585592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02564608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02307072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02023424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01916760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01748480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01668336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01647616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01478656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01154968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00952320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00793840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00767984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00699864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00677088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00543360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00537656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00535064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00480344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00456080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00379720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00375520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-12-12 15:16 - 2020-12-12 15:16 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00285568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00200008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00193608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00190056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00135280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00127576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\btpanui.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPolEng.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-12 15:16 - 2020-12-12 15:16 - 00101704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00072824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TaskSchdPS.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 09925960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 07604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 07274832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 03811328 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 03374808 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 02993480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 02776200 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 02695504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 02092336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01950256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01835520 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-12 15:15 - 2020-12-12 15:15 - 01743688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01666560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01653808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01513360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 01393968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-12 15:15 - 2020-12-12 15:15 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 01170976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00942104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00899736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00893632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00889424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00797976 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00752040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00607960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00551624 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00527336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00477512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-12-12 15:15 - 2020-12-12 15:15 - 00461128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00431944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00389952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00372552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00260304 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00247880 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00225104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00222536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00179528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00164792 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00161648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00144152 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\btpanui.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPolEng.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00108872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcfgutils.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00094024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00092424 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmlocalmanagement.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskSchdPS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmpostprocessevaluator.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gmsaclient.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-12 15:14 - 2020-12-12 15:14 - 06196736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 04140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 03728384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-12-12 15:14 - 2020-12-12 15:14 - 02302976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 01952768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 01656920 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 01489408 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-12-12 15:14 - 2020-12-12 15:14 - 00897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00683848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00598576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-12-12 15:14 - 2020-12-12 15:14 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-12-12 15:14 - 2020-12-12 15:14 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00127080 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00117064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-12-12 15:14 - 2020-12-12 15:14 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-12-12 15:14 - 2020-12-12 15:14 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 06233088 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 04005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 03735552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 03265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02872320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-12-12 15:13 - 2020-12-12 15:13 - 02525184 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02481664 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02297856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02125416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01968128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01943552 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01786368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01751552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01742848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01607680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01413728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01286576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01152336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01150272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01029960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2020-12-12 15:13 - 2020-12-12 15:13 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00919336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00737792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00733000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00612584 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00589408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00458056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00415816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00147728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwmdmcsp.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00088376 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2020-12-12 15:13 - 2020-12-12 15:13 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2020-12-08 21:04 - 2020-12-08 21:04 - 00000000 ____D C:\Users\Interista\Documents\SKIDROW
2020-12-08 21:04 - 2020-12-08 21:04 - 00000000 ____D C:\Users\Interista\AppData\LocalLow\Knuckle Cracker
2020-12-08 21:03 - 2020-12-08 21:03 - 00001625 _____ C:\Users\Interista\Desktop\Creeper World 4.lnk
2020-12-08 20:57 - 2020-12-08 20:59 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Jihosoft ISO Maker
2020-12-08 20:55 - 2020-12-08 20:55 - 02487224 _____ (Jihosoft Studio ) C:\Users\Interista\Downloads\JihosoftISOMaker.exe
2020-12-08 20:55 - 2020-12-08 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jihosoft ISO Maker
2020-12-08 20:55 - 2020-12-08 20:55 - 00000000 ____D C:\Program Files (x86)\Jihosoft
2020-12-08 20:54 - 2020-12-08 20:54 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro
2020-12-08 20:51 - 2020-12-08 20:53 - 32079160 _____ (Disc Soft Ltd) C:\Users\Interista\Downloads\DTPro810-0654.exe
2020-12-08 16:40 - 2020-12-08 16:40 - 00134309 _____ C:\Users\Interista\Downloads\8012132_2011031192.pdf
2020-12-06 13:10 - 2020-12-06 13:40 - 529897472 _____ C:\Users\Interista\Downloads\CREEPER WORLD 4 - SKIDROW.iso
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-27 12:50 - 2017-07-03 16:24 - 00000000 ____D C:\FRST
2020-12-27 12:45 - 2019-03-19 05:52 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-27 12:21 - 2014-06-19 21:08 - 00000000 ____D C:\Program Files (x86)\Steam
2020-12-27 12:10 - 2013-01-18 14:03 - 00379639 _____ C:\WINDOWS\system32\fastboot.set
2020-12-27 12:09 - 2016-12-10 17:56 - 00000000 ____D C:\ProgramData\NVIDIA
2020-12-27 12:08 - 2020-07-03 11:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-27 12:08 - 2019-03-19 05:37 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2020-12-27 12:06 - 2015-01-23 14:01 - 00000000 ____D C:\Users\Interista\AppData\LocalLow\IObit
2020-12-27 12:06 - 2015-01-23 14:00 - 00000000 ____D C:\Users\Interista\AppData\Roaming\IObit
2020-12-27 12:05 - 2014-04-15 12:53 - 00000000 ____D C:\AdwCleaner
2020-12-26 23:57 - 2020-07-03 11:11 - 00003512 _____ C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-26 23:57 - 2020-07-03 11:11 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2020-12-26 23:57 - 2020-07-03 11:11 - 00003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2020-12-26 23:57 - 2020-07-03 11:11 - 00003288 _____ C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-26 23:57 - 2020-07-03 11:11 - 00003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2020-12-26 23:57 - 2020-07-03 11:11 - 00003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2020-12-26 23:57 - 2020-07-03 11:11 - 00002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3319014896-2388623831-1738719311-1001
2020-12-26 23:57 - 2020-07-03 11:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2020-12-26 23:04 - 2014-05-23 09:31 - 00000000 ____D C:\Games - ISO
2020-12-26 22:50 - 2020-07-03 10:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-26 18:15 - 2020-05-27 15:34 - 00000000 ____D C:\Program Files\thinkorswim
2020-12-26 18:15 - 2020-03-24 17:25 - 00000000 ____D C:\Users\Interista\.thinkorswim
2020-12-26 17:17 - 2014-03-13 15:15 - 00000000 ____D C:\Program Files\trend micro
2020-12-26 16:26 - 2020-07-03 11:11 - 00002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2020-12-26 16:26 - 2016-10-07 21:33 - 00000000 ____D C:\Program Files\CCleaner
2020-12-26 16:19 - 2017-02-21 17:43 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2020-12-26 16:04 - 2020-07-03 11:11 - 00004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2020-12-25 23:29 - 2020-11-19 20:48 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Telegram Desktop
2020-12-25 17:44 - 2019-03-19 05:50 - 00000000 ____D C:\WINDOWS\INF
2020-12-25 16:12 - 2016-12-10 17:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2020-12-25 16:12 - 2013-01-28 20:34 - 00000000 ____D C:\Users\Interista\AppData\Local\NVIDIA Corporation
2020-12-24 18:01 - 2020-07-01 07:14 - 00000000 ____D C:\ProgramData\CanonIJPLM
2020-12-23 15:23 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\AppReadiness
2020-12-23 13:51 - 2015-01-23 14:02 - 00000000 ____D C:\ProgramData\ProductData
2020-12-22 19:22 - 2013-02-01 17:13 - 00000000 ____D C:\Games
2020-12-22 18:39 - 2016-10-05 19:33 - 00000000 ____D C:\Users\Interista\AppData\Local\JDownloader 2.0
2020-12-22 14:21 - 2019-03-19 05:52 - 00000000 ___HD C:\Program Files\WindowsApps
2020-12-22 12:06 - 2020-06-10 10:11 - 00002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-18 16:38 - 2020-07-06 14:11 - 00000000 ___HD C:\ProgramData\CanonIJMIG
2020-12-18 16:38 - 2020-07-01 07:34 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Canon
2020-12-18 16:23 - 2020-07-03 10:43 - 00002417 _____ C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-18 16:23 - 2016-04-17 07:34 - 00000000 ___RD C:\Users\Interista\OneDrive
2020-12-15 21:43 - 2020-03-21 13:24 - 00000570 _____ C:\Users\Interista\Desktop\abeceda.txt
2020-12-15 16:51 - 2014-03-17 12:44 - 00000000 ____D C:\Users\Interista\AppData\Local\CrashDumps
2020-12-14 19:59 - 2020-07-03 10:43 - 00000000 ____D C:\Users\Interista
2020-12-14 18:11 - 2020-06-08 00:10 - 00001491 _____ C:\Users\Interista\Desktop\Trader Workstation.lnk
2020-12-14 18:11 - 2020-06-08 00:10 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trader Workstation
2020-12-14 18:11 - 2020-03-22 19:06 - 00000000 ____D C:\Jts
2020-12-14 17:33 - 2020-07-03 10:43 - 00000000 ____D C:\Users\DefaultAppPool
2020-12-13 10:36 - 2020-07-03 10:59 - 01875530 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-13 10:36 - 2019-03-19 12:55 - 00783062 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-13 10:36 - 2019-03-19 12:55 - 00172644 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-13 10:31 - 2018-01-13 15:36 - 00000000 ___RD C:\Users\Interista\3D Objects
2020-12-13 10:31 - 2016-02-13 14:12 - 00000000 __RHD C:\Users\Public\AccountPictures
2020-12-13 10:29 - 2020-07-03 10:32 - 04948552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-12 23:07 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SystemResources
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\oobe
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\Dism
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\ShellExperiences
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\bcastdvr
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\Program Files\Windows Defender
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-12 18:59 - 2019-03-19 05:52 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-12 18:58 - 2020-10-17 16:25 - 00176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-12-12 18:58 - 2020-04-15 12:03 - 00522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-12-12 18:58 - 2019-01-08 01:23 - 00247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-12-12 18:58 - 2019-01-08 01:23 - 00097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-12-12 18:58 - 2018-10-20 10:21 - 00042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-12-12 18:58 - 2018-06-23 20:12 - 00016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-12 18:57 - 2019-01-17 00:09 - 00332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-12-12 18:57 - 2019-01-08 01:23 - 00036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-12-12 18:57 - 2017-11-19 20:15 - 00208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-12-12 18:57 - 2014-09-24 22:05 - 00851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-12-12 15:30 - 2019-03-19 05:37 - 00000000 ____D C:\WINDOWS\CbsTemp
2020-12-12 14:17 - 2015-11-17 21:29 - 00002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-08 21:04 - 2013-02-01 19:01 - 00000000 ____D C:\Users\Interista\Documents\My Games
2020-12-03 20:35 - 2020-10-12 18:46 - 00000076 _____ C:\Users\Interista\Desktop\trade.txt
2020-12-02 22:29 - 2020-03-21 19:27 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Files in the root of some directories =======
2013-11-20 12:08 - 2014-02-15 00:07 - 0000132 _____ () C:\Users\Interista\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2014-09-22 17:59 - 2014-09-22 18:06 - 0000624 _____ () C:\Users\Interista\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0000111 _____ () C:\Users\Interista\AppData\Roaming\Camdata.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0000408 _____ () C:\Users\Interista\AppData\Roaming\CamLayout.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0000408 _____ () C:\Users\Interista\AppData\Roaming\CamShapes.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0004543 _____ () C:\Users\Interista\AppData\Roaming\CamStudio.cfg
2015-01-23 12:54 - 2014-05-24 20:09 - 0042496 ___SH (Open Source Software community project) C:\Users\Interista\AppData\Roaming\pthreadGC2-w64.dll
2017-08-05 11:18 - 2017-08-05 11:18 - 0050911 _____ () C:\Users\Interista\AppData\Roaming\PyScripter.ini
2014-06-24 12:50 - 2013-06-16 10:32 - 0433664 _____ () C:\Users\Interista\AppData\Roaming\setup.msi
2014-09-30 17:32 - 2018-01-25 11:44 - 0000096 _____ () C:\Users\Interista\AppData\Roaming\version2.xml
2020-03-21 17:03 - 2020-03-21 18:01 - 0000081 _____ () C:\Users\Interista\AppData\Local\.bidstack.fault
2017-07-03 18:09 - 2017-07-03 18:09 - 0029696 _____ () C:\Users\Interista\AppData\Local\MSGBOX.EXE
2014-12-20 19:40 - 2014-12-20 19:40 - 0002242 _____ () C:\Users\Interista\AppData\Local\recently-used.xbel
2014-06-24 12:54 - 2014-06-24 12:54 - 0000162 _____ () C:\ProgramData\patch.dll
Files to move or delete:
====================
C:\ProgramData\patch.dll
Some files in TEMP:
====================
2020-12-22 18:36 - 2020-12-22 18:36 - 0040448 ____N () C:\Users\Interista\AppData\Local\Temp\proxy_vole1869230643674649490.dll
2020-12-22 18:36 - 2020-12-22 18:36 - 0040448 ____N () C:\Users\Interista\AppData\Local\Temp\proxy_vole5790008258529380124.dll
2020-12-22 18:37 - 2020-12-22 18:37 - 0040448 ____N () C:\Users\Interista\AppData\Local\Temp\proxy_vole8267134282073484264.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION
==================== End of FRST.txt ============================
Ran by Interista (administrator) on LENOVOY570 (27-12-2020 12:50:09)
Running from C:\Users\Interista\Desktop
Loaded Profiles: Interista (Available Profiles: Interista & DefaultAppPool)
Platform: Windows 10 Home Version 1909 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\System32\spacedeskService.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\System32\spacedeskServiceTray.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
() C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [84992 2020-07-03] (Microsoft Corporation)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2013-01-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2013-01-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-12] (AVAST Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11779176 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-07] (Synaptics Incorporated)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (CANON INC.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [Dropbox Update] => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [AceStream] => C:\Users\Interista\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\RunOnce: [Application Restart #1] => C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe [1546784 2020-04-08] (The Chromium Authors)
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinitx.dll [207856 2017-03-17] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinit.dll => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinit.dll [177992 2017-03-17] (NVIDIA Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{43f75876-1969-4eba-83eb-fa49f52de43a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c2215f13-47a4-4322-a921-c7985ab5acaa}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{dd47d00c-c8a0-44f0-95be-9c5ac0aaa8ef}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {F5D333EF-20C3-4787-9C7F-ECE88ECE7932} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho_64.dll [2020-12-17] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23] (Oracle Corporation)
BHO-x32: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho.dll [2020-12-17] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-01] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Edge:
======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2019-03-19]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
FireFox:
========
FF DefaultProfile: zzhr6rop.default-1422064931351-1566033171066
FF ProfilePath: Profiles/o0pndij1.default-release [not found] <==== ATTENTION
FF ProfilePath: [Install308046B0AF4A39CB]
Default=Profiles/zzhr6rop.default-1422064931351-1566033171066
Locked=1
[Profile2]
Name=default-release
IsRelative=1
Path=Profiles/o0pndij1.default-release
[Profile1]
Name=dev-edition-default
IsRelative=1
Path=Profiles/tbtfhk42.dev-edition-default
[Profile0]
Name=default-1422064931351
IsRelative=1
Path=Profiles/zzhr6rop.default-1422064931351-1566033171066
Default=1
[General]
StartWithLastProfile=1
Version=2
[InstallE7CF176E110C211B]
Default=Profiles/o0pndij1.default-release
Locked=1
[not found] <==== ATTENTION
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\o0pndij1.default-release [2020-06-07]
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default [2020-03-25]
FF user.js: detected! => C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default\user.js [2020-02-12]
FF Extension: (Avast SafePrice Comparison, deals, coupons) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default\Extensions\sp@avast.com.xpi [2019-02-10]
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066 [2020-05-05]
FF user.js: detected! => C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\user.js [2020-02-12]
FF Extension: (WebTranslate) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\98a81af4-fb95-4bd5-addd-72e6d3957dde@webtranslate.fr.xpi [2020-05-02]
FF Extension: (To Google Translate) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-05-02]
FF Extension: (Avast SafePrice Comparison, deals, coupons) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\sp@avast.com.xpi [2020-05-02]
FF HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Interista\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-14] ()
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\WINDOWS\system32\npdeployJava1.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-11-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-11-01] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: @acestream.net/acestreamplugin,version=3.1.28 -> C:\Users\Interista\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2020-12-26] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2020-12-26] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2020-05-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default [2020-12-27]
CHR Extension: (Překladač Google) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-05-05]
CHR Extension: (Prezentace) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-21]
CHR Extension: (Dokumenty) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-21]
CHR Extension: (Disk Google) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-21]
CHR Extension: (Tabulky) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-12]
CHR Extension: (Ace Script) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2020-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-21]
CHR Extension: (Gmail) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-24]
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-10-14]
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\System Profile [2020-10-14]
CHR HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AarSvc; C:\WINDOWS\System32\AarSvc.dll [195584 2020-07-18] (Microsoft Corporation)
S3 AarSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 AarSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-12] (AVAST Software)
S3 autotimesvc; C:\WINDOWS\System32\autotimesvc.dll [116224 2019-03-19] (Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-12] (AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-12] (AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-12] (AVAST Software)
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1393664 2020-07-03] (Microsoft Corporation)
S3 BcastDVRUserService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [534528 2020-07-03] (Microsoft Corporation)
S3 BluetoothUserService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [237056 2020-11-12] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [1077248 2020-10-14] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\SysWOW64\BTAGService.dll [705536 2020-10-14] (Microsoft Corporation)
R3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [382976 2019-03-19] (Microsoft Corporation)
R3 camsvc; C:\WINDOWS\system32\CapabilityAccessManager.dll [368640 2020-07-03] (Microsoft Corporation)
S3 CaptureService; C:\WINDOWS\System32\CaptureService.dll [128512 2020-07-18] (Microsoft Corporation)
S3 CaptureService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [1125376 2020-07-18] (Microsoft Corporation)
R3 cbdhsvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
R3 cbdhsvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [177664 2020-07-03] (Microsoft Corporation)
S3 ConsentUxUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 ConsentUxUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CredentialEnrollmentManagerUserSvc; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [381656 2020-10-14] (Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc_73a35; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [381656 2020-10-14] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\System32\deviceaccess.dll [231912 2020-07-03] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\SysWOW64\deviceaccess.dll [185952 2020-07-03] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DeviceAssociationBrokerSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [467456 2020-07-18] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [338944 2020-07-18] (Microsoft Corporation)
S3 DevicePickerUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicePickerUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 diagsvc; C:\WINDOWS\system32\DiagSvc.dll [215040 2020-07-18] (Microsoft Corporation)
R2 DispBrokerDesktopSvc; C:\WINDOWS\System32\DispBroker.Desktop.dll [405504 2020-08-12] (Microsoft Corporation)
R3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [1190912 2020-07-03] (Microsoft Corporation)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe [1426928 2020-12-02] (Google LLC)
S3 GraphicsPerfSvc; C:\WINDOWS\System32\GraphicsPerfSvc.dll [97792 2019-03-19] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] ()
R3 InstallService; C:\WINDOWS\system32\InstallService.dll [2481664 2020-12-12] (Microsoft Corporation)
R3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1748480 2020-12-12] (Microsoft Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [340992 2020-08-12] (Microsoft Corporation)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\elevation_service.exe [1573776 2020-12-17] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [139952 2020-07-03] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [105840 2020-07-03] (Microsoft Corporation)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [255008 2009-01-06] (NVIDIA)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464440 2017-03-17] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-11] (NVIDIA Corporation)
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [103424 2019-03-19] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\System32\PrintWorkflowService.dll [179200 2020-07-18] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [141312 2020-07-18] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 PrintWorkflowUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 PushToInstall; C:\WINDOWS\system32\PushToInstall.dll [284672 2020-10-14] (Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [263904 2019-03-19] (Microsoft Corporation)
S3 SharedRealitySvc; C:\WINDOWS\System32\SharedRealitySvc.dll [477184 2020-07-03] (Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2020-07-03] (Microsoft Corporation)
R2 SNMP; C:\WINDOWS\SysWOW64\snmp.exe [46592 2020-07-03] (Microsoft Corporation)
R2 spacedeskService; C:\WINDOWS\System32\spacedeskService.exe [916392 2019-06-03] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2019-03-19] ()
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246448 2016-01-07] (Synaptics Incorporated)
S3 TroubleshootingSvc; C:\WINDOWS\system32\MitigationClient.dll [394752 2019-03-19] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72704 2020-07-03] (Microsoft Corporation)
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [319304 2020-11-12] (Microsoft Corporation)
R2 UpdateCenterService; C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe [169504 2009-01-07] (NVIDIA)
R2 UsoSvc; C:\WINDOWS\system32\usosvc.dll [544256 2020-12-12] (Microsoft Corporation)
S3 VacSvc; C:\WINDOWS\System32\vac.dll [422192 2019-03-19] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [406528 2020-12-12] (Microsoft Corporation)
S3 WarpJITSvc; C:\WINDOWS\System32\Windows.WARP.JITService.dll [61952 2019-03-19] (Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-10] (Microsoft Corporation) <==== ATTENTION
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-10] (Microsoft Corporation) <==== ATTENTION
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729600 2020-12-12] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [924160 2020-12-12] (Microsoft Corporation)
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [2138112 2020-12-12] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-12-19] (Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Acx01000; C:\WINDOWS\System32\drivers\Acx01000.sys [337920 2020-07-03] (Microsoft Corporation)
R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [40960 2020-08-12] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2020-08-12] (Microsoft Corporation)
S3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [18432 2019-03-19] (Advanced Micro Devices, Inc)
S3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [37888 2019-03-19] (Advanced Micro Devices, Inc)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-12] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-12] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-12] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-12] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-12] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-12] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-12] (AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-12] (AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-12] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2020-12-12] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2020-12-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2020-12-12] (AVAST Software)
R1 bam; C:\WINDOWS\System32\drivers\bam.sys [70456 2019-03-19] (Microsoft Corporation)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_307898c750ba9e44\BasicDisplay.sys [68096 2020-07-03] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_ba2a8de08ea0d469\BasicRender.sys [37888 2020-07-03] (Microsoft Corporation)
R3 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [117064 2020-12-12] (Microsoft Corporation)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [36864 2020-07-03] (Microsoft Corporation)
S0 bttflt; C:\WINDOWS\System32\drivers\bttflt.sys [42808 2019-03-19] (Microsoft Corporation)
R3 DelayMan; C:\WINDOWS\system32\DRIVERS\delayman.sys [20064 2013-01-18] (Ensurebit Inc.)
S3 genericusbfn; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [20992 2020-07-03] (Microsoft Corporation)
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [64512 2020-10-14] (Microsoft Corporation)
S3 hmatap; C:\WINDOWS\System32\drivers\hmatap.sys [36456 2018-09-05] (The OpenVPN Project)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [32568 2019-03-19] (Microsoft Corporation)
S3 HwNClx0101; C:\WINDOWS\System32\Drivers\mshwnclx.sys [28672 2019-03-19] (Microsoft Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2019-03-19] (Intel Corporation)
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [885048 2019-03-19] (Intel Corporation)
S3 intelpmax; C:\WINDOWS\System32\drivers\intelpmax.sys [28672 2019-03-19] (Microsoft Corporation)
S3 IPT; C:\WINDOWS\System32\drivers\ipt.sys [54584 2019-03-19] (Microsoft Corporation)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [148520 2019-03-19] (Avago Technologies)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [359424 2020-07-03] (Microsoft Corporation)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [94736 2019-03-19] (Avago Technologies)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [64512 2019-03-19] (Microsoft Corporation)
S3 NDKPing; C:\WINDOWS\System32\drivers\NDKPing.sys [63488 2019-03-19] (Microsoft Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc.)
S3 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [158520 2019-03-19] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvlddmkm.sys [14574640 2017-03-17] (NVIDIA Corporation)
R3 NVR0Dev; C:\windows\nvoclk64.sys [40480 2009-01-06] (NVIDIA Corp.)
R2 NVR0FLASHDev; C:\windows\nvflsh64.sys [40992 2009-01-07] (NVIDIA Corp.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-03-17] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [97088 2020-11-12] (Microsoft Corporation)
S3 portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [25600 2019-03-19] (Microsoft Corporation)
S0 Ramdisk; C:\WINDOWS\System32\DRIVERS\ramdisk.sys [41784 2019-03-19] (Microsoft Corporation)
S3 rhproxy; C:\WINDOWS\System32\drivers\rhproxy.sys [113152 2019-03-19] (Microsoft Corporation)
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [89096 2019-03-19] (Microsoft Corporation)
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [220176 2019-03-19] (Microsemi Corportation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42664 2016-01-07] (Synaptics Incorporated)
R3 spacedeskKtmInputKeybd; C:\WINDOWS\System32\drivers\spacedeskKtmInputKeybd.sys [35240 2018-10-12] ()
R3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [35240 2018-10-12] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-18] (TuneUp Software)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [34816 2019-03-19] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [111104 2019-03-19] (Microsoft Corporation)
S3 UEFI; C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_4fcaf0fc6eaf7533\UEFI.sys [32568 2020-07-03] (Microsoft Corporation)
S3 UfxChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_624eef84faf426d6\UfxChipidea.sys [108584 2020-07-03] (Microsoft Corporation)
R3 umbus; C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_e566af5dd9858a0e\umbus.sys [57856 2020-07-03] (Microsoft Corporation)
S3 UrsChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_86da23c455846f41\urschipidea.sys [30224 2020-07-03] (Microsoft Corporation)
S3 UrsSynopsys; C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_7302ce5d1420ed71\urssynopsys.sys [28472 2020-07-03] (Microsoft Corporation)
S3 usbaudio2; C:\WINDOWS\System32\drivers\usbaudio2.sys [257536 2020-07-03] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-10] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [21816 2019-03-19] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-10] (Microsoft Corporation)
R3 WinQuic; C:\WINDOWS\System32\drivers\winquic.sys [205112 2020-07-03] (Microsoft Corporation)
S3 WsAudio_Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [48424 2018-01-19] (Wondershare)

==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: TroubleshootingSvc -> C:\Windows\system32\MitigationClient.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-27 12:50 - 2020-12-27 12:51 - 00043402 _____ C:\Users\Interista\Desktop\FRST.txt
2020-12-27 12:40 - 2020-12-27 12:45 - 124569178 _____ C:\Users\Interista\Downloads\Misa jazycek.mp4
2020-12-27 11:56 - 2020-12-27 11:56 - 02086424 _____ (Malwarebytes) C:\Users\Interista\Downloads\MBSetup.exe
2020-12-27 11:55 - 2020-12-27 11:55 - 08447152 _____ (Malwarebytes) C:\Users\Interista\Desktop\adwcleaner_8.0.8.exe
2020-12-26 23:19 - 2020-12-26 23:33 - 00068225 _____ C:\Users\Interista\Downloads\Addition.txt
2020-12-26 22:55 - 2020-12-26 23:33 - 00057374 _____ C:\Users\Interista\Downloads\FRST.txt
2020-12-26 22:52 - 2020-12-26 22:53 - 02286592 _____ (Farbar) C:\Users\Interista\Downloads\FRST64.exe
2020-12-26 17:16 - 2020-12-26 17:17 - 01222144 _____ C:\Users\Interista\Downloads\RSITx64.exe
2020-12-25 16:12 - 2020-12-25 16:12 - 00001528 _____ C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk
2020-12-25 16:12 - 2020-12-25 16:12 - 00001520 _____ C:\Users\Interista\Desktop\NVIDIA GeForce NOW.lnk
2020-12-25 16:09 - 2020-12-25 16:10 - 110568080 _____ (NVIDIA Corporation) C:\Users\Interista\Downloads\GeForceNOW-release.exe
2020-12-22 20:14 - 2020-12-22 20:14 - 00000000 ____D C:\Users\Interista\AppData\Local\Hinterland
2020-12-22 20:11 - 2020-12-22 20:11 - 00000000 ____D C:\Users\Interista\AppData\LocalLow\Hinterland
2020-12-22 20:03 - 2020-12-22 20:03 - 00001637 _____ C:\Users\Public\Desktop\The Long Dark.lnk
2020-12-22 20:03 - 2020-12-22 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Long Dark [GOG.com]
2020-12-22 20:03 - 2020-12-22 20:03 - 00000000 ____D C:\ProgramData\GOG.com
2020-12-22 12:20 - 2020-12-22 19:23 - 2394131548 _____ C:\Users\Interista\Downloads\The_Long_Dark_EN_for_Windows_7-8-10_and_later.rar
2020-12-18 16:53 - 2020-12-18 16:53 - 00215648 _____ C:\Users\Interista\Downloads\FaSvobodaZ 013 - PDR2020013 (1).pdf
2020-12-18 16:52 - 2020-12-18 16:52 - 00215648 _____ C:\Users\Interista\Downloads\FaSvobodaZ 013 - PDR2020013.pdf
2020-12-18 16:39 - 2020-12-18 16:39 - 00219181 _____ C:\Users\Interista\Documents\IMG_20201218_0001.pdf
2020-12-14 18:52 - 2020-12-15 16:43 - 00000000 ____D C:\Users\Interista\Downloads\Telegram Desktop
2020-12-13 10:31 - 2020-12-27 12:19 - 00000000 ____D C:\Users\Public\spacedesk_logs
2020-12-12 18:59 - 2020-12-12 18:58 - 00216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-12 18:59 - 2020-12-12 18:57 - 00340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-12-12 15:18 - 2020-12-12 15:18 - 25445888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 18038784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 07823920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 06316032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05906944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05099896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05010432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 04546560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 04295680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 04129440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 03635712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 03243096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 02495264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 02317016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01615360 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01151840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01098728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00952432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00944128 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00852992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2020-12-12 15:18 - 2020-12-12 15:18 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wecutil.exe
2020-12-12 15:18 - 2020-12-12 15:18 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wecapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 22651392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 07761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 07297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 05770856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 04348936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 02045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01459712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01421408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00843264 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00784016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CMFNVSDeviceBridge.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00473592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00300704 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00211280 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecsvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2020-12-12 15:17 - 2020-12-12 15:17 - 00166936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpcsp.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00136344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00135280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecutil.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-12 15:17 - 2020-12-12 15:17 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcfgutils.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00077128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unenrollhook.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmlocalmanagement.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gmsaclient.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-12-12 15:16 - 2020-12-12 15:16 - 06526976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 03761664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-12-12 15:16 - 2020-12-12 15:16 - 02585592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02564608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02307072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02023424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01916760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01748480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01668336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01647616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01478656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01154968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00952320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00793840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00767984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00699864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00677088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00543360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00537656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00535064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00480344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00456080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00379720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00375520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-12-12 15:16 - 2020-12-12 15:16 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00285568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00200008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00193608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00190056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00135280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00127576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\btpanui.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPolEng.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-12 15:16 - 2020-12-12 15:16 - 00101704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00072824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TaskSchdPS.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 09925960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 07604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 07274832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 03811328 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 03374808 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 02993480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 02776200 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 02695504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 02092336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01950256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01835520 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-12 15:15 - 2020-12-12 15:15 - 01743688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01666560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01653808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01513360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 01393968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-12 15:15 - 2020-12-12 15:15 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 01170976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00942104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00899736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00893632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00889424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00797976 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00752040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00607960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00551624 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00527336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00477512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-12-12 15:15 - 2020-12-12 15:15 - 00461128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00431944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00389952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00372552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00260304 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00247880 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00225104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00222536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00179528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00164792 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00161648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00144152 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\btpanui.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPolEng.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00108872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcfgutils.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00094024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00092424 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmlocalmanagement.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskSchdPS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmpostprocessevaluator.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gmsaclient.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-12 15:14 - 2020-12-12 15:14 - 06196736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 04140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 03728384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-12-12 15:14 - 2020-12-12 15:14 - 02302976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 01952768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 01656920 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 01489408 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-12-12 15:14 - 2020-12-12 15:14 - 00897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00683848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00598576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-12-12 15:14 - 2020-12-12 15:14 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-12-12 15:14 - 2020-12-12 15:14 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00127080 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00117064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-12-12 15:14 - 2020-12-12 15:14 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-12-12 15:14 - 2020-12-12 15:14 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 06233088 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 04005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 03735552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 03265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02872320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-12-12 15:13 - 2020-12-12 15:13 - 02525184 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02481664 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02297856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02125416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01968128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01943552 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01786368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01751552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01742848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01607680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01413728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01286576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01152336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01150272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01029960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2020-12-12 15:13 - 2020-12-12 15:13 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00919336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00737792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00733000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00612584 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00589408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00458056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00415816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00147728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwmdmcsp.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00088376 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2020-12-12 15:13 - 2020-12-12 15:13 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2020-12-08 21:04 - 2020-12-08 21:04 - 00000000 ____D C:\Users\Interista\Documents\SKIDROW
2020-12-08 21:04 - 2020-12-08 21:04 - 00000000 ____D C:\Users\Interista\AppData\LocalLow\Knuckle Cracker
2020-12-08 21:03 - 2020-12-08 21:03 - 00001625 _____ C:\Users\Interista\Desktop\Creeper World 4.lnk
2020-12-08 20:57 - 2020-12-08 20:59 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Jihosoft ISO Maker
2020-12-08 20:55 - 2020-12-08 20:55 - 02487224 _____ (Jihosoft Studio ) C:\Users\Interista\Downloads\JihosoftISOMaker.exe
2020-12-08 20:55 - 2020-12-08 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jihosoft ISO Maker
2020-12-08 20:55 - 2020-12-08 20:55 - 00000000 ____D C:\Program Files (x86)\Jihosoft
2020-12-08 20:54 - 2020-12-08 20:54 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro
2020-12-08 20:51 - 2020-12-08 20:53 - 32079160 _____ (Disc Soft Ltd) C:\Users\Interista\Downloads\DTPro810-0654.exe
2020-12-08 16:40 - 2020-12-08 16:40 - 00134309 _____ C:\Users\Interista\Downloads\8012132_2011031192.pdf
2020-12-06 13:10 - 2020-12-06 13:40 - 529897472 _____ C:\Users\Interista\Downloads\CREEPER WORLD 4 - SKIDROW.iso
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-27 12:50 - 2017-07-03 16:24 - 00000000 ____D C:\FRST
2020-12-27 12:45 - 2019-03-19 05:52 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-27 12:21 - 2014-06-19 21:08 - 00000000 ____D C:\Program Files (x86)\Steam
2020-12-27 12:10 - 2013-01-18 14:03 - 00379639 _____ C:\WINDOWS\system32\fastboot.set
2020-12-27 12:09 - 2016-12-10 17:56 - 00000000 ____D C:\ProgramData\NVIDIA
2020-12-27 12:08 - 2020-07-03 11:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-27 12:08 - 2019-03-19 05:37 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2020-12-27 12:06 - 2015-01-23 14:01 - 00000000 ____D C:\Users\Interista\AppData\LocalLow\IObit
2020-12-27 12:06 - 2015-01-23 14:00 - 00000000 ____D C:\Users\Interista\AppData\Roaming\IObit
2020-12-27 12:05 - 2014-04-15 12:53 - 00000000 ____D C:\AdwCleaner
2020-12-26 23:57 - 2020-07-03 11:11 - 00003512 _____ C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-26 23:57 - 2020-07-03 11:11 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2020-12-26 23:57 - 2020-07-03 11:11 - 00003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2020-12-26 23:57 - 2020-07-03 11:11 - 00003288 _____ C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-26 23:57 - 2020-07-03 11:11 - 00003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2020-12-26 23:57 - 2020-07-03 11:11 - 00003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2020-12-26 23:57 - 2020-07-03 11:11 - 00002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3319014896-2388623831-1738719311-1001
2020-12-26 23:57 - 2020-07-03 11:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2020-12-26 23:04 - 2014-05-23 09:31 - 00000000 ____D C:\Games - ISO
2020-12-26 22:50 - 2020-07-03 10:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-26 18:15 - 2020-05-27 15:34 - 00000000 ____D C:\Program Files\thinkorswim
2020-12-26 18:15 - 2020-03-24 17:25 - 00000000 ____D C:\Users\Interista\.thinkorswim
2020-12-26 17:17 - 2014-03-13 15:15 - 00000000 ____D C:\Program Files\trend micro
2020-12-26 16:26 - 2020-07-03 11:11 - 00002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2020-12-26 16:26 - 2016-10-07 21:33 - 00000000 ____D C:\Program Files\CCleaner
2020-12-26 16:19 - 2017-02-21 17:43 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2020-12-26 16:04 - 2020-07-03 11:11 - 00004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2020-12-25 23:29 - 2020-11-19 20:48 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Telegram Desktop
2020-12-25 17:44 - 2019-03-19 05:50 - 00000000 ____D C:\WINDOWS\INF
2020-12-25 16:12 - 2016-12-10 17:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2020-12-25 16:12 - 2013-01-28 20:34 - 00000000 ____D C:\Users\Interista\AppData\Local\NVIDIA Corporation
2020-12-24 18:01 - 2020-07-01 07:14 - 00000000 ____D C:\ProgramData\CanonIJPLM
2020-12-23 15:23 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\AppReadiness
2020-12-23 13:51 - 2015-01-23 14:02 - 00000000 ____D C:\ProgramData\ProductData
2020-12-22 19:22 - 2013-02-01 17:13 - 00000000 ____D C:\Games
2020-12-22 18:39 - 2016-10-05 19:33 - 00000000 ____D C:\Users\Interista\AppData\Local\JDownloader 2.0
2020-12-22 14:21 - 2019-03-19 05:52 - 00000000 ___HD C:\Program Files\WindowsApps
2020-12-22 12:06 - 2020-06-10 10:11 - 00002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-18 16:38 - 2020-07-06 14:11 - 00000000 ___HD C:\ProgramData\CanonIJMIG
2020-12-18 16:38 - 2020-07-01 07:34 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Canon
2020-12-18 16:23 - 2020-07-03 10:43 - 00002417 _____ C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-18 16:23 - 2016-04-17 07:34 - 00000000 ___RD C:\Users\Interista\OneDrive
2020-12-15 21:43 - 2020-03-21 13:24 - 00000570 _____ C:\Users\Interista\Desktop\abeceda.txt
2020-12-15 16:51 - 2014-03-17 12:44 - 00000000 ____D C:\Users\Interista\AppData\Local\CrashDumps
2020-12-14 19:59 - 2020-07-03 10:43 - 00000000 ____D C:\Users\Interista
2020-12-14 18:11 - 2020-06-08 00:10 - 00001491 _____ C:\Users\Interista\Desktop\Trader Workstation.lnk
2020-12-14 18:11 - 2020-06-08 00:10 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trader Workstation
2020-12-14 18:11 - 2020-03-22 19:06 - 00000000 ____D C:\Jts
2020-12-14 17:33 - 2020-07-03 10:43 - 00000000 ____D C:\Users\DefaultAppPool
2020-12-13 10:36 - 2020-07-03 10:59 - 01875530 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-13 10:36 - 2019-03-19 12:55 - 00783062 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-13 10:36 - 2019-03-19 12:55 - 00172644 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-13 10:31 - 2018-01-13 15:36 - 00000000 ___RD C:\Users\Interista\3D Objects
2020-12-13 10:31 - 2016-02-13 14:12 - 00000000 __RHD C:\Users\Public\AccountPictures
2020-12-13 10:29 - 2020-07-03 10:32 - 04948552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-12 23:07 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SystemResources
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\oobe
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\Dism
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\ShellExperiences
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\bcastdvr
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\Program Files\Windows Defender
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-12 18:59 - 2019-03-19 05:52 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-12 18:58 - 2020-10-17 16:25 - 00176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-12-12 18:58 - 2020-04-15 12:03 - 00522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-12-12 18:58 - 2019-01-08 01:23 - 00247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-12-12 18:58 - 2019-01-08 01:23 - 00097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-12-12 18:58 - 2018-10-20 10:21 - 00042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-12-12 18:58 - 2018-06-23 20:12 - 00016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-12 18:57 - 2019-01-17 00:09 - 00332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-12-12 18:57 - 2019-01-08 01:23 - 00036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-12-12 18:57 - 2017-11-19 20:15 - 00208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-12-12 18:57 - 2014-09-24 22:05 - 00851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-12-12 15:30 - 2019-03-19 05:37 - 00000000 ____D C:\WINDOWS\CbsTemp
2020-12-12 14:17 - 2015-11-17 21:29 - 00002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-08 21:04 - 2013-02-01 19:01 - 00000000 ____D C:\Users\Interista\Documents\My Games
2020-12-03 20:35 - 2020-10-12 18:46 - 00000076 _____ C:\Users\Interista\Desktop\trade.txt
2020-12-02 22:29 - 2020-03-21 19:27 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Files in the root of some directories =======
2013-11-20 12:08 - 2014-02-15 00:07 - 0000132 _____ () C:\Users\Interista\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2014-09-22 17:59 - 2014-09-22 18:06 - 0000624 _____ () C:\Users\Interista\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0000111 _____ () C:\Users\Interista\AppData\Roaming\Camdata.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0000408 _____ () C:\Users\Interista\AppData\Roaming\CamLayout.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0000408 _____ () C:\Users\Interista\AppData\Roaming\CamShapes.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0004543 _____ () C:\Users\Interista\AppData\Roaming\CamStudio.cfg
2015-01-23 12:54 - 2014-05-24 20:09 - 0042496 ___SH (Open Source Software community project) C:\Users\Interista\AppData\Roaming\pthreadGC2-w64.dll
2017-08-05 11:18 - 2017-08-05 11:18 - 0050911 _____ () C:\Users\Interista\AppData\Roaming\PyScripter.ini
2014-06-24 12:50 - 2013-06-16 10:32 - 0433664 _____ () C:\Users\Interista\AppData\Roaming\setup.msi
2014-09-30 17:32 - 2018-01-25 11:44 - 0000096 _____ () C:\Users\Interista\AppData\Roaming\version2.xml
2020-03-21 17:03 - 2020-03-21 18:01 - 0000081 _____ () C:\Users\Interista\AppData\Local\.bidstack.fault
2017-07-03 18:09 - 2017-07-03 18:09 - 0029696 _____ () C:\Users\Interista\AppData\Local\MSGBOX.EXE
2014-12-20 19:40 - 2014-12-20 19:40 - 0002242 _____ () C:\Users\Interista\AppData\Local\recently-used.xbel
2014-06-24 12:54 - 2014-06-24 12:54 - 0000162 _____ () C:\ProgramData\patch.dll
Files to move or delete:
====================
C:\ProgramData\patch.dll
Some files in TEMP:
====================
2020-12-22 18:36 - 2020-12-22 18:36 - 0040448 ____N () C:\Users\Interista\AppData\Local\Temp\proxy_vole1869230643674649490.dll
2020-12-22 18:36 - 2020-12-22 18:36 - 0040448 ____N () C:\Users\Interista\AppData\Local\Temp\proxy_vole5790008258529380124.dll
2020-12-22 18:37 - 2020-12-22 18:37 - 0040448 ____N () C:\Users\Interista\AppData\Local\Temp\proxy_vole8267134282073484264.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION
==================== End of FRST.txt ============================
Re: Please check my log
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2017
Ran by Interista (27-12-2020 12:53:36)
Running from C:\Users\Interista\Desktop
Windows 10 Home Version 1909 (X64) (2020-07-03 10:13:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3319014896-2388623831-1738719311-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3319014896-2388623831-1738719311-503 - Limited - Disabled)
Guest (S-1-5-21-3319014896-2388623831-1738719311-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3319014896-2388623831-1738719311-1003 - Limited - Enabled)
Interista (S-1-5-21-3319014896-2388623831-1738719311-1001 - Administrator - Enabled) => C:\Users\Interista
WDAGUtilityAccount (S-1-5-21-3319014896-2388623831-1738719311-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Aktualizace NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Anki (HKLM-x32\...\Anki) (Version: - )
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.92 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Broadcom Gigabit NetLink Controller (HKLM\...\{029A4933-3F36-4E4F-AEC3-2207AB26463D}) (Version: 14.4.9.2 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.2.0 - Canon Inc.)
Canon MP150 (HKLM\...\{CA9A3609-3ECC-4574-8824-A8161A71A603}) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5100_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Creeper World 4 (HKLM-x32\...\Creeper World 4) (Version: - SKIDROW)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FTL - Advanced Edition (HKLM-x32\...\GOGPACKFTL_is1) (Version: 2.3.0.13 - GOG.com)
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java SE Development Kit 7 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java SE Development Kit 8 Update 141 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180141}) (Version: 8.0.1410.15 - Oracle Corporation)
Java(TM) 6 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416045FF}) (Version: 6.0.450 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jihosoft ISO Maker version 3.0 (HKLM-x32\...\{FA289A40-0F71-428E-B3A2-546EDC04DB93}_is1) (Version: 3.0 - Jihosoft Studio)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.55.0 - JMicron Technology Corp.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 12.4.2 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.4.2 - KLCP)
kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7400 - Broadcom Corporation)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
LIMBO (HKLM\...\Steam App 48000) (Version: - Playdead)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.26.116 (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.26.116 - NVIDIA Corporation)
NVIDIA Install Application (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer) (Version: 2.1002.344.0 - NVIDIA Corporation) Hidden
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Update (HKLM-x32\...\InstallShield_{6F69C969-2942-4E7B-B594-75B37664B8BA}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo)
OpenOffice.org 3.4.1 (HKLM-x32\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
Ovládací panel NVIDIA 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 378.92 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Plague Inc - Evolved version 0.6.6 (HKLM-x32\...\{1520E069-19A9-4B01-BA5D-87B67D56F55D}_is1) (Version: 0.6.6 - )
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6314 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.6.0 - Canon Inc.)
spacedesk Windows DRIVER (HKLM\...\{D5DDB7FE-6338-4A02-8590-8F4905FFBC38}) (Version: 0.9.1000.0 - datronicsoft Inc.)
SRS Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.0200 - SRS Labs, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
Telegram Desktop version 2.4.7 (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.4.7 - Telegram FZ-LLC)
The Long Dark (HKLM-x32\...\1447763046_is1) (Version: 1.83 - GOG.com)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
This War of Mine (HKLM\...\Steam App 282070) (Version: - 11 bit studios)
Trader Workstation (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\5889-6375-8446-2021) (Version: latest (981.2h) 20201209 12:29:55 - Interactive Brokers LLC)
TuneUp Utilities 2013 (HKLM-x32\...\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}) (Version: 13.0.2020.14 - TuneUp Software) Hidden
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.2020.14 - TuneUp Software)
TuneUp Utilities 2014 (en-US) (HKLM-x32\...\{14C8CE46-C68C-461B-BCA9-E276A85851C6}) (Version: 14.0.1000.88 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (HKLM-x32\...\{A6F5703D-A4B1-4857-9EDD-DC0ABBBB0D96}) (Version: 13.0.2020.14 - TuneUp Software) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\WhatsApp) (Version: 2.2047.11 - WhatsApp)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\ZoomUMX) (Version: 5.4.3 (58891.1115) - Zoom Video Communications, Inc.)
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Interista\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers01: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers01: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers01: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2013\SDShelEx-x64.dll [2012-09-19] (TuneUp Software)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers02: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers03: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers03: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers04: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers04: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers04: [TuneUp Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\TuneUp Utilities 2013\DseShExt-x64.dll [2012-09-19] (TuneUp Software)
ContextMenuHandlers04: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2013\SDShelEx-x64.dll [2012-09-19] (TuneUp Software)
ContextMenuHandlers05: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-03-17] (NVIDIA Corporation)
ContextMenuHandlers05: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers06: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers06: [PintoStartScreen] -> {470C0EBD-5D73-4d58-9CED-E91E22E23282} => C:\Windows\System32\appresolver.dll [2020-12-12] (Microsoft Corporation)
ContextMenuHandlers06: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {028564F4-DAD8-4CEF-B463-F8C7C554459C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {04B4FB2E-F791-4908-929F-42851D8A90FD} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION
Task: {0501AFDD-12FA-4C01-9A35-F016DA78BEA0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001UA => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {076AD5BF-6067-427E-9381-F1A23BA00DFF} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {083F3813-82BC-4622-A1B0-070C619B7D11} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner => C:\WINDOWS\system32\mitigationscanner.exe [2019-03-19] (Microsoft Corporation)
Task: {0AE0D1E6-EEF2-48A9-BA01-FFD53BFC69A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0FC44A17-B152-4BE6-87AF-992D191AFD61} - System32\Tasks\{B7581133-2EA0-41CE-90E1-1E1E82A163AF} => pcalua.exe -a C:\games\MINECRAFT\Uninstall.exe
Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2020-08-12] (Microsoft Corporation)
Task: {12B77A7C-1DDB-48D8-9A89-E91548474357} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {14F7E945-34BA-4A49-B982-226DE8D39347} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {16085BF3-B3CD-43ED-966D-2C3CA0C6DA89} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {170D58E6-0812-4222-884D-D2A5F255C90E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {191384C9-85A1-4EB2-81D4-48F5A0C6ACB7} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\WINDOWS\System32\UNP\UpdateNotificationMgr.exe [2020-07-03] (Microsoft Corporation)
Task: {19BAF204-7D19-41E3-ADBF-59EEF986EAB7} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {1A1673FB-A3BD-41B1-A15E-0DD2E4C74B6E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {1B66E2AB-4090-4187-A1B8-F879D9E108E2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {214F9201-B833-4870-9C51-A7FFDDC45192} - System32\Tasks\{7A4FF9E7-BA3C-4FC7-BE94-EF49099CD3B6} => pcalua.exe -a C:\Downloads\EUcasino_Setup.exe -d C:\Downloads
Task: {21F636BC-B1A3-44DD-89A2-54A1B8817957} - System32\Tasks\{A5E8FB6E-5DF0-44E7-B701-236F7D099369} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/43110
Task: {2601599D-514F-4744-BDD3-420D1F4044C6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {28129A90-701F-41D4-A539-A6E756AFFD4A} - System32\Tasks\Adobe online aktualizační program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2020-11-03] (Adobe Inc.)
Task: {2B5C654D-898D-4D97-84CD-66D073C02DBC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {2C187558-D2F7-4602-8AAD-7187F53F03FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2020-11-03] (Adobe Inc.)
Task: {2F3C49C8-FAF3-4F74-97BB-3910FC3F88A9} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {3395660E-C273-48BB-88DE-0E94B633C711} - System32\Tasks\{6DF95473-FC44-472F-BDFC-1C223398E809} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.109/cs/abandoninstall?page=tsProgressBar
Task: {346D3858-2B6B-4635-AECD-65DD5E1358C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {347FA60B-B61B-4E9B-8717-E06CFA2D419B} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {35E4CA42-B19A-4E4A-84B2-B9C360F032FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3B6E93CB-5176-493C-B838-DD66F2C5532E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3D8E83D8-967E-44AC-8896-42CDEC763404} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {3E7650E7-DBA3-4B90-8D84-4232AE8A029F} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {3EBAF09A-814C-4FB9-9F00-8BB931BFE845} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\WINDOWS\system32\bcdboot.exe [2020-10-14] (Microsoft Corporation)
Task: {3F8934FE-0D10-4733-9F40-671552A930AE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation)
Task: {4141BC0E-26CB-484E-AED0-ABBA013A8BC3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {416FBFEF-09C2-4D51-9358-72205B2F5ED3} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives
Task: {47B89A79-53D2-485E-AD87-148165B28519} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {4895D51A-B90B-4ECF-A69B-93D8FA9B0FC0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {48F207D2-23BE-4F26-A115-B05B486F6CA6} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {49768EE0-FDB3-40BD-B274-0CCE6FEA4303} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4A9D673A-EF2C-475F-835D-3CC15206BD76} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4F2CE9C7-5B17-457D-8598-43479FF4F5F9} - System32\Tasks\{672E8836-3CEE-452F-8CF2-79FA73BDA470} => pcalua.exe -a "C:\WebDesign\NetBeans 7.4\uninstall.exe"
Task: {517B8226-EFB8-496F-BBDE-3750956D960B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {55412461-F053-4583-A6BF-19F36DAAD46D} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {565A429B-B222-4431-8590-3352926230EB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {56D11F39-CB83-45C0-B5CB-D6E091B1C509} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION
Task: {57AF8FF6-BEA8-4E17-BE7F-3FF7D995BABC} - System32\Tasks\Microsoft\Windows\PLA\spacedesk_log
Task: {5B11BFF2-5B45-4C0E-951B-5617DBFC80B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {60BB71F6-F0C5-4773-B405-06679588F77A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {613A083C-17CD-47F4-AC35-96FC308E59CF} - System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync
Task: {618D1585-07D7-4526-95D0-0A92E14D451D} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {6624D4EA-E15F-4D83-98DF-8AAE46930712} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2020-03-19] (Piriform Software Ltd)
Task: {68560DFD-FC67-4EF8-BAA4-7F72211F3FD5} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2020-07-03] (Microsoft Corporation)
Task: {698E4C37-870E-4CEA-B5E2-0E4E3A268E84} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6CC1FEEE-1684-4348-81F1-A8D4C3211E16} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
Task: {6EEA6ACE-7229-424A-BAD9-BD315E7D782B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6FFA775B-E7BB-4DE0-A8F8-EA6FA07E6B25} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {73A1EC50-7D31-4800-8D95-B05DB58A309F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {73CB9900-BD4D-4C69-9F68-6746AE3BB44B} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {765A4834-C006-4CA5-9EE0-18167279D672} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {77773450-A1E5-426C-BBFA-99F122851397} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {78067204-A408-4401-AC27-60BC83F0E090} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {7C11F831-BB88-48CE-A5D3-F43BB095EDEC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
Task: {7C7A322B-22CD-4890-AD3E-6B65998E4EB3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7C8034B4-286F-4E86-AD41-4140C28A9604} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {7D604811-243F-49BE-8C58-C468BF37356F} - System32\Tasks\AdobeAAMUpdater-1.0-LenovoY570-Interista => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-10] (Adobe Systems Incorporated)
Task: {841569D4-A3C9-4291-BA9A-A290701F5DB6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2020-09-20] (Avast Software)
Task: {8B95A60F-939C-46B2-9D94-1F34277409A1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation)
Task: {8CE419DE-4815-423C-8287-51CEF62C7937} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync
Task: {90C28B5C-2A50-48E1-9579-EEE75F1B1F2E} - System32\Tasks\Microsoft\Windows\StateRepository\MaintenanceTasks => Rundll32.exe %windir%\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks
Task: {92499943-2CD7-4704-B887-7E8F548982E7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {963EAC6A-BA83-4A51-9D4A-F6101CB4EE5C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {97CBA57F-20C3-4EA5-82AD-21D5642988CA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation)
Task: {99ED9A2D-C31D-4BF9-AF9B-CAF150B19816} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {9A42E9C0-177E-4A01-87EB-5FE508505510} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9B2E19F4-D8ED-4624-89B4-0C6E0E9FAF72} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {9CBB21B3-1A11-4DFC-AAC0-21A7DF869E72} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D4107DC-A4B0-4971-8CAE-E6EE8F5AD7A0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9E42E54A-6BB4-4F7E-892C-2C5183F55B20} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\WINDOWS\system32\eduprintprov.exe [2019-03-19] (Microsoft Corporation)
Task: {9EBA9C52-0D8A-47D6-9538-3950050E8D96} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2020-12-12] (AVAST Software)
Task: {A0A86556-6F50-482C-AA4E-04BECD4DDE9B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A25756A2-BC9B-410A-97B1-1160987E874A} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {A35F8A09-AD52-4C8B-B7CD-E49CADBE203B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7ECF457-BC00-4B4D-ADA8-972A65A4C740} - System32\Tasks\Droheseruces Configuration => C:\Program Files (x86)\Witlyanipipy\darerwas.exe [2017-02-21] (Glarysoft Ltd)
Task: {AA9A5749-8E2B-4A91-9A9B-4C2901ACAB77} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {AC1E2F47-3FF2-4077-A442-D277B86BD945} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AF78D4EE-23D1-4943-964B-CD2BB0879DC2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B5F0D76A-D09D-471B-83F7-48298F699537} - System32\Tasks\{1A8D9F80-882F-47EF-9092-B8DAAE064D8E} => C:\Games\Dead Island\DeadIslandGame.exe
Task: {B8F0DEC7-8392-4F57-9990-74FCB934033F} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2020-10-14] ()
Task: {BBE187C5-6A63-43FD-BB42-037C05DD22A2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C1DFBF65-983F-4AB7-B3C1-AC722D21D33D} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {C46FA0B3-78F5-443B-81AD-3B4B29AC94B8} - System32\Tasks\{6AC10FA4-2A04-4D88-A064-1A90C3C67AA0} => C:\Games\Dead Island\DeadIslandGame.exe
Task: {C8AB6419-B8E3-4252-916D-5DCA1F0776A5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CB448941-9879-4BE4-982E-2A1545907501} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2020-03-19] (Piriform Software Ltd)
Task: {CD653C32-80CF-4F2C-A57A-EE4D5E74A049} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-14] (Adobe Systems Incorporated)
Task: {D0BA0B86-4A6B-42CD-80B7-3A4967C52009} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
Task: {D8A50F3C-4BF2-46E9-B708-B51207C90FF2} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {D8C16EEE-526A-443D-A00A-FB3D22BDF9A9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-14] (Adobe Systems Incorporated)
Task: {D9D6D456-CAFB-401D-8DCF-DEEB2907C7B6} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache
Task: {DA1EE455-0608-4305-803D-04843F50EB1C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-12] (Oracle Corporation)
Task: {DF8ABE54-47C9-4567-8DD0-36F92A2CC529} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {E5C03C57-4CED-4306-95EA-1215BF570B9A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation)
Task: {E70C4E4A-55D2-4AFB-99DD-268DCDB1529B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F1DA6BFE-4499-491E-9FDB-7C01506ECE44} - System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater => C:\WINDOWS\system32\directxdatabaseupdater.exe [2020-07-03] (Microsoft Corporation)
Task: {F6432CC0-A47F-4547-922D-79C89CAA8A08} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001Core => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {F8FF0A91-01D6-474F-BC1F-3C064B0FC448} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001Core.job => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001UA.job => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Interista\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) ==============
2019-03-19 05:43 - 2019-03-19 05:43 - 00054960 _____ () C:\WINDOWS\System32\UMPDC.dll
2016-12-10 17:56 - 2017-03-17 00:16 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2020-07-01 07:14 - 2019-11-28 13:16 - 00399296 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2017-03-20 19:39 - 2017-10-11 02:05 - 01267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2019-06-03 09:11 - 2019-06-03 09:11 - 00916392 _____ () C:\WINDOWS\System32\spacedeskService.exe
2019-06-03 09:11 - 2019-06-03 09:11 - 00188328 _____ () C:\WINDOWS\System32\spacedeskKtm.dll
2019-06-03 09:11 - 2019-06-03 09:11 - 00469928 _____ () C:\WINDOWS\System32\spacedeskServiceTray.exe
2020-11-12 15:37 - 2020-11-12 15:37 - 01841152 _____ () C:\WINDOWS\system32\TextInputMethodFormatter.dll
2019-03-19 05:59 - 2019-03-19 12:57 - 00094720 _____ () C:\Windows\System32\VirtualMonitorManager.dll
2019-03-19 05:43 - 2019-03-19 05:43 - 00494592 _____ () C:\Windows\ShellExperiences\TileControl.dll
2020-07-03 11:07 - 2020-07-03 11:07 - 02880000 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2020-11-12 15:37 - 2020-11-12 15:37 - 00947512 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
2020-12-16 18:27 - 2020-12-16 18:29 - 20139008 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Views.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 09864704 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.WinRT.dll
2020-04-13 15:13 - 2020-04-13 15:13 - 01000448 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2020-12-16 18:27 - 2020-12-16 18:29 - 02728448 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.ScreenMirroring.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 03778048 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\PhoneCommunicationAppService.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 00643072 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Devices.WinRT.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 00479232 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Calling.CX.dll
2020-12-16 18:27 - 2020-12-16 18:29 - 01289728 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Messaging.dll
2020-12-16 18:27 - 2020-12-16 18:29 - 01901056 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhoneControls.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 01339392 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Calling.WinRT.dll
2020-09-09 19:16 - 2020-09-09 19:16 - 01799168 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2013-01-18 13:31 - 2011-01-18 03:36 - 00182560 _____ () C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcc3d64.dll
2008-12-20 04:20 - 2013-01-18 14:05 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2020-11-24 19:28 - 2020-11-24 19:28 - 132979224 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2020-07-03 11:07 - 2020-07-03 11:07 - 00037888 _____ () C:\Windows\System32\usocoreps.dll
2020-12-02 22:28 - 2020-12-02 03:01 - 07627248 _____ () C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\libglesv2.dll
2020-12-02 22:28 - 2020-12-02 03:01 - 00456176 _____ () C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\libegl.dll
2020-11-24 19:28 - 2020-11-24 19:28 - 02700824 _____ () C:\Program Files\AVAST Software\Avast\swiftshader\libglesv2.dll
2020-11-24 19:28 - 2020-11-24 19:28 - 00420384 _____ () C:\Program Files\AVAST Software\Avast\swiftshader\libegl.dll
2020-05-14 20:37 - 2020-12-18 22:11 - 01217824 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2020-05-14 20:37 - 2020-11-27 00:34 - 119512864 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2020-05-14 20:37 - 2020-11-27 00:34 - 08022816 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2020-05-14 20:37 - 2020-11-27 00:34 - 00381216 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2020-12-22 14:19 - 2020-12-22 14:20 - 04730880 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
2020-12-22 14:19 - 2020-12-22 14:20 - 00670208 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\GraphControl.dll
2020-12-22 14:19 - 2020-12-22 14:20 - 00028672 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\TraceLogging.dll
2015-01-23 14:02 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-06-19 21:10 - 2020-12-18 22:11 - 01031456 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-21 23:53 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-06-19 21:10 - 2020-12-21 00:22 - 02938144 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-21 23:53 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-21 23:53 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 05138896 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00811984 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00352720 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00848336 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00784848 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2014-06-19 21:10 - 2020-12-21 00:21 - 01067296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-06-22 09:08 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinQuic => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-07-06 13:08 - 2020-12-26 17:17 - 00000101 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "Energy Management"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "UpdatePRCShortCut"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "AceStream"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-deviceenroller-TCP-Out] => (Allow) %SystemRoot%\system32\deviceenroller.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [{2B243E46-E87B-4126-B2D7-F498BDB82E4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{1AA9C629-5F1C-4381-8B21-22F7A9825DA5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{22859055-5C70-4C73-8BF9-A24BC7BFC5D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{BD7FFED7-FF94-4E6F-8A04-828B32A19E74}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{4AA6D125-999E-4844-B736-85C655BF9E54}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6565E169-60D3-4F3E-BD86-5F6546645EF3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8131D083-AA03-470B-8694-C8379DEAFFCD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{89778248-BF22-4E6A-A199-12D7FE349174}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{BF89BB2B-9A18-4F12-AA35-03367349476C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1E427C1F-023D-4ED8-BCD5-0DD726A3D42C}] => (Allow) LPort=2869
FirewallRules: [{615EE29A-5AF6-4F37-85B8-AC0CE3E4EB1C}] => (Allow) LPort=1900
FirewallRules: [{B5F7E315-3074-46B8-A419-B4BBD1F13840}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{731F79E5-C29C-4DAE-930F-6FC6622F9F76}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{CFD245E1-44A6-42DE-8489-F434FE64D6DE}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{EB1BC56A-3512-483D-9748-155F93B39049}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Allow) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [UDP Query User{EB0200DF-8A8B-4FEB-A677-40DEB2D2DB44}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Allow) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [TCP Query User{A4B3E36D-A646-4B3B-9820-10725A04CBB7}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [UDP Query User{4E6F9B49-AC80-49F2-8FF9-DE595E81C4CC}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [{4F62ABDB-C643-4851-A95D-BAA702B26FEF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{1D57844B-F4C8-454F-8C7E-6B1DDE08B308}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{E2FE1A8B-A129-44E3-8DA6-B6F4B32376D4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{F2F78CC9-D66C-47E4-A8BE-6BE4CD310DE6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [TCP Query User{129D12BE-AD73-46E3-AEDB-19B1F573172D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{9532EC77-3365-49E5-8086-9AEE46A7BC37}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A893ED37-E317-41A9-BAD3-8C36AC610005}] => (Allow) LPort=5353
FirewallRules: [{91B47BAD-CD59-4A18-9ACF-122458FDBCED}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{FCAB1598-4542-47D9-9E9E-42BFB4BC6940}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{4F9856E8-B5A2-462B-8500-60CE98E618C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{8DC79C9B-70DA-4E0C-8DFA-70BB584F4760}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{90540B17-CC50-4A3B-8AB8-30F43E729382}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
FirewallRules: [{20FDF1A3-76D2-449D-BECC-2404B20F6DB4}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
FirewallRules: [TCP Query User{502AA009-F1D5-4B23-A7C3-A38FE2BA8FC8}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe
FirewallRules: [UDP Query User{6E9771ED-2BA0-4D38-8E94-232141024629}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe
FirewallRules: [TCP Query User{BFB0A755-FBE4-408D-8B40-56CA4B1F19F2}C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe
FirewallRules: [UDP Query User{E8F614FE-1F68-4D58-A25A-76288F6A4F73}C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe
FirewallRules: [TCP Query User{2AFDE8EB-C14E-45AB-8F5C-36728A2D126B}C:\users\interista\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\interista\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [UDP Query User{18A1DA38-00F0-419F-90E6-B41537BA87D2}C:\users\interista\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\interista\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [{DCDF98FC-3DAF-43B7-BBA5-34ED6F53A012}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0BD1FBBE-99A7-4E0C-9A06-69FCC1248EA5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F4D6A038-0F35-4AB4-89E0-CAFAAAFBF0DA}] => (Allow) C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F8F74540-7308-497A-8AF1-7D2E3BD625D5}] => (Allow) C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{074EDDD0-5966-4641-A603-BFD772821D44}C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B0DBAADE-37BF-4BD8-A8B2-0230D58AFFC8}C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{A45F0321-3FEB-4081-A255-70C873947A67}C:\users\interista\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\interista\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{639F1118-E47A-4AAC-B030-DF468B8FE94C}C:\users\interista\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\interista\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{96675CD7-FBC9-4B67-A4A7-1EEDFACF33EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{87BFB911-48D9-4D42-8ED9-4FA1730E56B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{082C7FDF-77BC-41AB-BEF1-81CA43875425}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D469C0C5-7451-4DDF-947C-C9DC67332CE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{F84733E0-D2FD-4286-9884-82DFDBACE434}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [UDP Query User{87AFA2C8-AB5F-4457-8061-3760AD7DD7FB}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [{AD0C6663-FD24-4EA0-9BB6-38E4E15B3DF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DF9C902A-F924-40B6-A5AF-2426F9111BDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{607D1AD9-87A0-4EFB-B8A4-2199B0776071}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2D51C227-9EAC-47AC-A8F4-98C793AB97FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B49C562F-A11F-4865-83AA-0A134FD63E41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4607DA23-7A9A-4A0C-982E-3CC15DB1DCEC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{EA1C292C-0AC2-40BB-AF76-61F59A797378}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{B0A04C33-9155-40E9-B5BF-77F9A9248B55}] => (Allow) C:\WINDOWS\system32\spacedeskService.exe
FirewallRules: [{5502B75B-FD5F-4C80-A16B-E878BBEF6FAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{F6646FF1-4232-4FC2-929C-5841168B50DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{3AABC1FD-1BB9-408D-BCFF-0DB720FD4813}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{51999B12-0212-47AF-B317-31613DE8EBE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{F01DDC9C-EE9E-4C56-B040-8B24885624FB}] => (Allow) C:\Users\Interista\AppData\Roaming\Zoom\bin\Zoom.exe
FirewallRules: [{28C4B5C8-B62C-4E8B-8826-863A774FB5CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BDCDDDDA-3175-416E-AE3B-8285C5D091B2}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
FirewallRules: [{B635BBB1-8405-4A55-9EDB-2DA4BA5CF059}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{7280BB06-FEDA-413D-8CA8-F9E5785EB598}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{A3817CE8-7055-41F4-8381-A6FE31FB1A11}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{A02FBDB1-A5B9-4697-89D0-9D15A407C049}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [TCP Query User{C5D733F5-0380-4EC4-B806-08AE6BCF97B4}C:\games\the long dark\tld.exe] => (Allow) C:\games\the long dark\tld.exe
FirewallRules: [UDP Query User{CC0A110C-0612-4637-8707-684B43B02954}C:\games\the long dark\tld.exe] => (Allow) C:\games\the long dark\tld.exe
FirewallRules: [TCP Query User{68F2116C-5EDB-43D5-823D-8F3CD32AC913}C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe
FirewallRules: [UDP Query User{3F3BDF9D-3069-4D80-BCEF-BD4C1B80B975}C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe
==================== Restore Points =========================
22-12-2020 13:35:44 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/27/2020 12:52:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9780,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:44:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15208,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:38:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8912,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:21:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3964,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:07:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (12/27/2020 12:07:35 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (12/27/2020 12:02:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9000,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:11:37 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9856,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:02:57 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14536,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/26/2020 11:28:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17660,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (12/27/2020 12:39:36 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:24:32 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:15:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Aktualizovat službu Orchestrator přestala během spouštění reagovat.
Error: (12/27/2020 12:14:46 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:11:51 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:09:06 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error: (12/27/2020 12:09:05 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Tento počítač je nakonfigurován jako člen pracovní skupiny, nikoliv jako
člen domény. Přihlašovací služba Netlogon nepotřebuje být spuštěna v této
konfiguraci.
Error: (12/27/2020 12:07:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba SNMP neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.
Error: (12/27/2020 12:07:34 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba SNMP se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (12/27/2020 12:06:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wondershare Application Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2020-12-27 12:56:19.075
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:37.749
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:36.718
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:32.765
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:32.221
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:29.751
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:23.966
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:54:01.753
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:53:54.772
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:53:54.760
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 62%
Total physical RAM: 8135.86 MB
Available physical RAM: 3052.22 MB
Total Virtual: 16327.86 MB
Available Virtual: 10280.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:421.81 GB) (Free:144.94 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:22.66 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 29376C2E)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
==================== End of Addition.txt ============================
Ran by Interista (27-12-2020 12:53:36)
Running from C:\Users\Interista\Desktop
Windows 10 Home Version 1909 (X64) (2020-07-03 10:13:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3319014896-2388623831-1738719311-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3319014896-2388623831-1738719311-503 - Limited - Disabled)
Guest (S-1-5-21-3319014896-2388623831-1738719311-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3319014896-2388623831-1738719311-1003 - Limited - Enabled)
Interista (S-1-5-21-3319014896-2388623831-1738719311-1001 - Administrator - Enabled) => C:\Users\Interista
WDAGUtilityAccount (S-1-5-21-3319014896-2388623831-1738719311-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Aktualizace NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Anki (HKLM-x32\...\Anki) (Version: - )
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.92 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Broadcom Gigabit NetLink Controller (HKLM\...\{029A4933-3F36-4E4F-AEC3-2207AB26463D}) (Version: 14.4.9.2 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.2.0 - Canon Inc.)
Canon MP150 (HKLM\...\{CA9A3609-3ECC-4574-8824-A8161A71A603}) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5100_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Creeper World 4 (HKLM-x32\...\Creeper World 4) (Version: - SKIDROW)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FTL - Advanced Edition (HKLM-x32\...\GOGPACKFTL_is1) (Version: 2.3.0.13 - GOG.com)
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java SE Development Kit 7 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java SE Development Kit 8 Update 141 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180141}) (Version: 8.0.1410.15 - Oracle Corporation)
Java(TM) 6 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416045FF}) (Version: 6.0.450 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jihosoft ISO Maker version 3.0 (HKLM-x32\...\{FA289A40-0F71-428E-B3A2-546EDC04DB93}_is1) (Version: 3.0 - Jihosoft Studio)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.55.0 - JMicron Technology Corp.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 12.4.2 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.4.2 - KLCP)
kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7400 - Broadcom Corporation)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
LIMBO (HKLM\...\Steam App 48000) (Version: - Playdead)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.26.116 (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.26.116 - NVIDIA Corporation)
NVIDIA Install Application (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer) (Version: 2.1002.344.0 - NVIDIA Corporation) Hidden
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Update (HKLM-x32\...\InstallShield_{6F69C969-2942-4E7B-B594-75B37664B8BA}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo)
OpenOffice.org 3.4.1 (HKLM-x32\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
Ovládací panel NVIDIA 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 378.92 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Plague Inc - Evolved version 0.6.6 (HKLM-x32\...\{1520E069-19A9-4B01-BA5D-87B67D56F55D}_is1) (Version: 0.6.6 - )
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6314 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.6.0 - Canon Inc.)
spacedesk Windows DRIVER (HKLM\...\{D5DDB7FE-6338-4A02-8590-8F4905FFBC38}) (Version: 0.9.1000.0 - datronicsoft Inc.)
SRS Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.0200 - SRS Labs, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
Telegram Desktop version 2.4.7 (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.4.7 - Telegram FZ-LLC)
The Long Dark (HKLM-x32\...\1447763046_is1) (Version: 1.83 - GOG.com)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
This War of Mine (HKLM\...\Steam App 282070) (Version: - 11 bit studios)
Trader Workstation (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\5889-6375-8446-2021) (Version: latest (981.2h) 20201209 12:29:55 - Interactive Brokers LLC)
TuneUp Utilities 2013 (HKLM-x32\...\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}) (Version: 13.0.2020.14 - TuneUp Software) Hidden
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.2020.14 - TuneUp Software)
TuneUp Utilities 2014 (en-US) (HKLM-x32\...\{14C8CE46-C68C-461B-BCA9-E276A85851C6}) (Version: 14.0.1000.88 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (HKLM-x32\...\{A6F5703D-A4B1-4857-9EDD-DC0ABBBB0D96}) (Version: 13.0.2020.14 - TuneUp Software) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\WhatsApp) (Version: 2.2047.11 - WhatsApp)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\ZoomUMX) (Version: 5.4.3 (58891.1115) - Zoom Video Communications, Inc.)
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Interista\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers01: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers01: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers01: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2013\SDShelEx-x64.dll [2012-09-19] (TuneUp Software)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers02: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers03: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers03: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers04: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers04: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers04: [TuneUp Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\TuneUp Utilities 2013\DseShExt-x64.dll [2012-09-19] (TuneUp Software)
ContextMenuHandlers04: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2013\SDShelEx-x64.dll [2012-09-19] (TuneUp Software)
ContextMenuHandlers05: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-03-17] (NVIDIA Corporation)
ContextMenuHandlers05: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers06: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers06: [PintoStartScreen] -> {470C0EBD-5D73-4d58-9CED-E91E22E23282} => C:\Windows\System32\appresolver.dll [2020-12-12] (Microsoft Corporation)
ContextMenuHandlers06: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {028564F4-DAD8-4CEF-B463-F8C7C554459C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {04B4FB2E-F791-4908-929F-42851D8A90FD} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION
Task: {0501AFDD-12FA-4C01-9A35-F016DA78BEA0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001UA => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {076AD5BF-6067-427E-9381-F1A23BA00DFF} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {083F3813-82BC-4622-A1B0-070C619B7D11} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner => C:\WINDOWS\system32\mitigationscanner.exe [2019-03-19] (Microsoft Corporation)
Task: {0AE0D1E6-EEF2-48A9-BA01-FFD53BFC69A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0FC44A17-B152-4BE6-87AF-992D191AFD61} - System32\Tasks\{B7581133-2EA0-41CE-90E1-1E1E82A163AF} => pcalua.exe -a C:\games\MINECRAFT\Uninstall.exe
Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2020-08-12] (Microsoft Corporation)
Task: {12B77A7C-1DDB-48D8-9A89-E91548474357} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {14F7E945-34BA-4A49-B982-226DE8D39347} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {16085BF3-B3CD-43ED-966D-2C3CA0C6DA89} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {170D58E6-0812-4222-884D-D2A5F255C90E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {191384C9-85A1-4EB2-81D4-48F5A0C6ACB7} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\WINDOWS\System32\UNP\UpdateNotificationMgr.exe [2020-07-03] (Microsoft Corporation)
Task: {19BAF204-7D19-41E3-ADBF-59EEF986EAB7} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {1A1673FB-A3BD-41B1-A15E-0DD2E4C74B6E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {1B66E2AB-4090-4187-A1B8-F879D9E108E2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {214F9201-B833-4870-9C51-A7FFDDC45192} - System32\Tasks\{7A4FF9E7-BA3C-4FC7-BE94-EF49099CD3B6} => pcalua.exe -a C:\Downloads\EUcasino_Setup.exe -d C:\Downloads
Task: {21F636BC-B1A3-44DD-89A2-54A1B8817957} - System32\Tasks\{A5E8FB6E-5DF0-44E7-B701-236F7D099369} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/43110
Task: {2601599D-514F-4744-BDD3-420D1F4044C6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {28129A90-701F-41D4-A539-A6E756AFFD4A} - System32\Tasks\Adobe online aktualizační program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2020-11-03] (Adobe Inc.)
Task: {2B5C654D-898D-4D97-84CD-66D073C02DBC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {2C187558-D2F7-4602-8AAD-7187F53F03FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2020-11-03] (Adobe Inc.)
Task: {2F3C49C8-FAF3-4F74-97BB-3910FC3F88A9} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {3395660E-C273-48BB-88DE-0E94B633C711} - System32\Tasks\{6DF95473-FC44-472F-BDFC-1C223398E809} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.109/cs/abandoninstall?page=tsProgressBar
Task: {346D3858-2B6B-4635-AECD-65DD5E1358C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {347FA60B-B61B-4E9B-8717-E06CFA2D419B} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {35E4CA42-B19A-4E4A-84B2-B9C360F032FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3B6E93CB-5176-493C-B838-DD66F2C5532E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3D8E83D8-967E-44AC-8896-42CDEC763404} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {3E7650E7-DBA3-4B90-8D84-4232AE8A029F} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {3EBAF09A-814C-4FB9-9F00-8BB931BFE845} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\WINDOWS\system32\bcdboot.exe [2020-10-14] (Microsoft Corporation)
Task: {3F8934FE-0D10-4733-9F40-671552A930AE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation)
Task: {4141BC0E-26CB-484E-AED0-ABBA013A8BC3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {416FBFEF-09C2-4D51-9358-72205B2F5ED3} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives
Task: {47B89A79-53D2-485E-AD87-148165B28519} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {4895D51A-B90B-4ECF-A69B-93D8FA9B0FC0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {48F207D2-23BE-4F26-A115-B05B486F6CA6} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {49768EE0-FDB3-40BD-B274-0CCE6FEA4303} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4A9D673A-EF2C-475F-835D-3CC15206BD76} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4F2CE9C7-5B17-457D-8598-43479FF4F5F9} - System32\Tasks\{672E8836-3CEE-452F-8CF2-79FA73BDA470} => pcalua.exe -a "C:\WebDesign\NetBeans 7.4\uninstall.exe"
Task: {517B8226-EFB8-496F-BBDE-3750956D960B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {55412461-F053-4583-A6BF-19F36DAAD46D} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {565A429B-B222-4431-8590-3352926230EB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {56D11F39-CB83-45C0-B5CB-D6E091B1C509} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION
Task: {57AF8FF6-BEA8-4E17-BE7F-3FF7D995BABC} - System32\Tasks\Microsoft\Windows\PLA\spacedesk_log
Task: {5B11BFF2-5B45-4C0E-951B-5617DBFC80B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {60BB71F6-F0C5-4773-B405-06679588F77A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {613A083C-17CD-47F4-AC35-96FC308E59CF} - System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync
Task: {618D1585-07D7-4526-95D0-0A92E14D451D} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {6624D4EA-E15F-4D83-98DF-8AAE46930712} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2020-03-19] (Piriform Software Ltd)
Task: {68560DFD-FC67-4EF8-BAA4-7F72211F3FD5} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2020-07-03] (Microsoft Corporation)
Task: {698E4C37-870E-4CEA-B5E2-0E4E3A268E84} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6CC1FEEE-1684-4348-81F1-A8D4C3211E16} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
Task: {6EEA6ACE-7229-424A-BAD9-BD315E7D782B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6FFA775B-E7BB-4DE0-A8F8-EA6FA07E6B25} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {73A1EC50-7D31-4800-8D95-B05DB58A309F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {73CB9900-BD4D-4C69-9F68-6746AE3BB44B} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {765A4834-C006-4CA5-9EE0-18167279D672} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {77773450-A1E5-426C-BBFA-99F122851397} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {78067204-A408-4401-AC27-60BC83F0E090} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {7C11F831-BB88-48CE-A5D3-F43BB095EDEC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
Task: {7C7A322B-22CD-4890-AD3E-6B65998E4EB3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7C8034B4-286F-4E86-AD41-4140C28A9604} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {7D604811-243F-49BE-8C58-C468BF37356F} - System32\Tasks\AdobeAAMUpdater-1.0-LenovoY570-Interista => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-10] (Adobe Systems Incorporated)
Task: {841569D4-A3C9-4291-BA9A-A290701F5DB6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2020-09-20] (Avast Software)
Task: {8B95A60F-939C-46B2-9D94-1F34277409A1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation)
Task: {8CE419DE-4815-423C-8287-51CEF62C7937} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync
Task: {90C28B5C-2A50-48E1-9579-EEE75F1B1F2E} - System32\Tasks\Microsoft\Windows\StateRepository\MaintenanceTasks => Rundll32.exe %windir%\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks
Task: {92499943-2CD7-4704-B887-7E8F548982E7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {963EAC6A-BA83-4A51-9D4A-F6101CB4EE5C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {97CBA57F-20C3-4EA5-82AD-21D5642988CA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation)
Task: {99ED9A2D-C31D-4BF9-AF9B-CAF150B19816} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {9A42E9C0-177E-4A01-87EB-5FE508505510} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9B2E19F4-D8ED-4624-89B4-0C6E0E9FAF72} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {9CBB21B3-1A11-4DFC-AAC0-21A7DF869E72} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D4107DC-A4B0-4971-8CAE-E6EE8F5AD7A0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9E42E54A-6BB4-4F7E-892C-2C5183F55B20} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\WINDOWS\system32\eduprintprov.exe [2019-03-19] (Microsoft Corporation)
Task: {9EBA9C52-0D8A-47D6-9538-3950050E8D96} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2020-12-12] (AVAST Software)
Task: {A0A86556-6F50-482C-AA4E-04BECD4DDE9B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A25756A2-BC9B-410A-97B1-1160987E874A} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {A35F8A09-AD52-4C8B-B7CD-E49CADBE203B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7ECF457-BC00-4B4D-ADA8-972A65A4C740} - System32\Tasks\Droheseruces Configuration => C:\Program Files (x86)\Witlyanipipy\darerwas.exe [2017-02-21] (Glarysoft Ltd)
Task: {AA9A5749-8E2B-4A91-9A9B-4C2901ACAB77} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {AC1E2F47-3FF2-4077-A442-D277B86BD945} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AF78D4EE-23D1-4943-964B-CD2BB0879DC2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B5F0D76A-D09D-471B-83F7-48298F699537} - System32\Tasks\{1A8D9F80-882F-47EF-9092-B8DAAE064D8E} => C:\Games\Dead Island\DeadIslandGame.exe
Task: {B8F0DEC7-8392-4F57-9990-74FCB934033F} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2020-10-14] ()
Task: {BBE187C5-6A63-43FD-BB42-037C05DD22A2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C1DFBF65-983F-4AB7-B3C1-AC722D21D33D} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {C46FA0B3-78F5-443B-81AD-3B4B29AC94B8} - System32\Tasks\{6AC10FA4-2A04-4D88-A064-1A90C3C67AA0} => C:\Games\Dead Island\DeadIslandGame.exe
Task: {C8AB6419-B8E3-4252-916D-5DCA1F0776A5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CB448941-9879-4BE4-982E-2A1545907501} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2020-03-19] (Piriform Software Ltd)
Task: {CD653C32-80CF-4F2C-A57A-EE4D5E74A049} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-14] (Adobe Systems Incorporated)
Task: {D0BA0B86-4A6B-42CD-80B7-3A4967C52009} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
Task: {D8A50F3C-4BF2-46E9-B708-B51207C90FF2} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {D8C16EEE-526A-443D-A00A-FB3D22BDF9A9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-14] (Adobe Systems Incorporated)
Task: {D9D6D456-CAFB-401D-8DCF-DEEB2907C7B6} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache
Task: {DA1EE455-0608-4305-803D-04843F50EB1C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-12] (Oracle Corporation)
Task: {DF8ABE54-47C9-4567-8DD0-36F92A2CC529} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {E5C03C57-4CED-4306-95EA-1215BF570B9A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation)
Task: {E70C4E4A-55D2-4AFB-99DD-268DCDB1529B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F1DA6BFE-4499-491E-9FDB-7C01506ECE44} - System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater => C:\WINDOWS\system32\directxdatabaseupdater.exe [2020-07-03] (Microsoft Corporation)
Task: {F6432CC0-A47F-4547-922D-79C89CAA8A08} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001Core => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {F8FF0A91-01D6-474F-BC1F-3C064B0FC448} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001Core.job => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001UA.job => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Interista\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) ==============
2019-03-19 05:43 - 2019-03-19 05:43 - 00054960 _____ () C:\WINDOWS\System32\UMPDC.dll
2016-12-10 17:56 - 2017-03-17 00:16 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2020-07-01 07:14 - 2019-11-28 13:16 - 00399296 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2017-03-20 19:39 - 2017-10-11 02:05 - 01267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2019-06-03 09:11 - 2019-06-03 09:11 - 00916392 _____ () C:\WINDOWS\System32\spacedeskService.exe
2019-06-03 09:11 - 2019-06-03 09:11 - 00188328 _____ () C:\WINDOWS\System32\spacedeskKtm.dll
2019-06-03 09:11 - 2019-06-03 09:11 - 00469928 _____ () C:\WINDOWS\System32\spacedeskServiceTray.exe
2020-11-12 15:37 - 2020-11-12 15:37 - 01841152 _____ () C:\WINDOWS\system32\TextInputMethodFormatter.dll
2019-03-19 05:59 - 2019-03-19 12:57 - 00094720 _____ () C:\Windows\System32\VirtualMonitorManager.dll
2019-03-19 05:43 - 2019-03-19 05:43 - 00494592 _____ () C:\Windows\ShellExperiences\TileControl.dll
2020-07-03 11:07 - 2020-07-03 11:07 - 02880000 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2020-11-12 15:37 - 2020-11-12 15:37 - 00947512 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
2020-12-16 18:27 - 2020-12-16 18:29 - 20139008 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Views.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 09864704 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.WinRT.dll
2020-04-13 15:13 - 2020-04-13 15:13 - 01000448 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2020-12-16 18:27 - 2020-12-16 18:29 - 02728448 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.ScreenMirroring.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 03778048 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\PhoneCommunicationAppService.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 00643072 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Devices.WinRT.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 00479232 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Calling.CX.dll
2020-12-16 18:27 - 2020-12-16 18:29 - 01289728 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Messaging.dll
2020-12-16 18:27 - 2020-12-16 18:29 - 01901056 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhoneControls.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 01339392 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Calling.WinRT.dll
2020-09-09 19:16 - 2020-09-09 19:16 - 01799168 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2013-01-18 13:31 - 2011-01-18 03:36 - 00182560 _____ () C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcc3d64.dll
2008-12-20 04:20 - 2013-01-18 14:05 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2020-11-24 19:28 - 2020-11-24 19:28 - 132979224 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2020-07-03 11:07 - 2020-07-03 11:07 - 00037888 _____ () C:\Windows\System32\usocoreps.dll
2020-12-02 22:28 - 2020-12-02 03:01 - 07627248 _____ () C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\libglesv2.dll
2020-12-02 22:28 - 2020-12-02 03:01 - 00456176 _____ () C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\libegl.dll
2020-11-24 19:28 - 2020-11-24 19:28 - 02700824 _____ () C:\Program Files\AVAST Software\Avast\swiftshader\libglesv2.dll
2020-11-24 19:28 - 2020-11-24 19:28 - 00420384 _____ () C:\Program Files\AVAST Software\Avast\swiftshader\libegl.dll
2020-05-14 20:37 - 2020-12-18 22:11 - 01217824 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2020-05-14 20:37 - 2020-11-27 00:34 - 119512864 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2020-05-14 20:37 - 2020-11-27 00:34 - 08022816 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2020-05-14 20:37 - 2020-11-27 00:34 - 00381216 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2020-12-22 14:19 - 2020-12-22 14:20 - 04730880 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
2020-12-22 14:19 - 2020-12-22 14:20 - 00670208 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\GraphControl.dll
2020-12-22 14:19 - 2020-12-22 14:20 - 00028672 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\TraceLogging.dll
2015-01-23 14:02 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-06-19 21:10 - 2020-12-18 22:11 - 01031456 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-21 23:53 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-06-19 21:10 - 2020-12-21 00:22 - 02938144 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-21 23:53 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-21 23:53 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 05138896 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00811984 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00352720 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00848336 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00784848 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2014-06-19 21:10 - 2020-12-21 00:21 - 01067296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-06-22 09:08 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinQuic => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-07-06 13:08 - 2020-12-26 17:17 - 00000101 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "Energy Management"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "UpdatePRCShortCut"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "AceStream"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-deviceenroller-TCP-Out] => (Allow) %SystemRoot%\system32\deviceenroller.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [{2B243E46-E87B-4126-B2D7-F498BDB82E4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{1AA9C629-5F1C-4381-8B21-22F7A9825DA5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{22859055-5C70-4C73-8BF9-A24BC7BFC5D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{BD7FFED7-FF94-4E6F-8A04-828B32A19E74}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{4AA6D125-999E-4844-B736-85C655BF9E54}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6565E169-60D3-4F3E-BD86-5F6546645EF3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8131D083-AA03-470B-8694-C8379DEAFFCD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{89778248-BF22-4E6A-A199-12D7FE349174}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{BF89BB2B-9A18-4F12-AA35-03367349476C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1E427C1F-023D-4ED8-BCD5-0DD726A3D42C}] => (Allow) LPort=2869
FirewallRules: [{615EE29A-5AF6-4F37-85B8-AC0CE3E4EB1C}] => (Allow) LPort=1900
FirewallRules: [{B5F7E315-3074-46B8-A419-B4BBD1F13840}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{731F79E5-C29C-4DAE-930F-6FC6622F9F76}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{CFD245E1-44A6-42DE-8489-F434FE64D6DE}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{EB1BC56A-3512-483D-9748-155F93B39049}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Allow) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [UDP Query User{EB0200DF-8A8B-4FEB-A677-40DEB2D2DB44}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Allow) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [TCP Query User{A4B3E36D-A646-4B3B-9820-10725A04CBB7}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [UDP Query User{4E6F9B49-AC80-49F2-8FF9-DE595E81C4CC}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [{4F62ABDB-C643-4851-A95D-BAA702B26FEF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{1D57844B-F4C8-454F-8C7E-6B1DDE08B308}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{E2FE1A8B-A129-44E3-8DA6-B6F4B32376D4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{F2F78CC9-D66C-47E4-A8BE-6BE4CD310DE6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [TCP Query User{129D12BE-AD73-46E3-AEDB-19B1F573172D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{9532EC77-3365-49E5-8086-9AEE46A7BC37}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A893ED37-E317-41A9-BAD3-8C36AC610005}] => (Allow) LPort=5353
FirewallRules: [{91B47BAD-CD59-4A18-9ACF-122458FDBCED}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{FCAB1598-4542-47D9-9E9E-42BFB4BC6940}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{4F9856E8-B5A2-462B-8500-60CE98E618C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{8DC79C9B-70DA-4E0C-8DFA-70BB584F4760}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{90540B17-CC50-4A3B-8AB8-30F43E729382}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
FirewallRules: [{20FDF1A3-76D2-449D-BECC-2404B20F6DB4}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
FirewallRules: [TCP Query User{502AA009-F1D5-4B23-A7C3-A38FE2BA8FC8}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe
FirewallRules: [UDP Query User{6E9771ED-2BA0-4D38-8E94-232141024629}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe
FirewallRules: [TCP Query User{BFB0A755-FBE4-408D-8B40-56CA4B1F19F2}C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe
FirewallRules: [UDP Query User{E8F614FE-1F68-4D58-A25A-76288F6A4F73}C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe
FirewallRules: [TCP Query User{2AFDE8EB-C14E-45AB-8F5C-36728A2D126B}C:\users\interista\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\interista\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [UDP Query User{18A1DA38-00F0-419F-90E6-B41537BA87D2}C:\users\interista\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\interista\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [{DCDF98FC-3DAF-43B7-BBA5-34ED6F53A012}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0BD1FBBE-99A7-4E0C-9A06-69FCC1248EA5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F4D6A038-0F35-4AB4-89E0-CAFAAAFBF0DA}] => (Allow) C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F8F74540-7308-497A-8AF1-7D2E3BD625D5}] => (Allow) C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{074EDDD0-5966-4641-A603-BFD772821D44}C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B0DBAADE-37BF-4BD8-A8B2-0230D58AFFC8}C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{A45F0321-3FEB-4081-A255-70C873947A67}C:\users\interista\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\interista\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{639F1118-E47A-4AAC-B030-DF468B8FE94C}C:\users\interista\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\interista\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{96675CD7-FBC9-4B67-A4A7-1EEDFACF33EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{87BFB911-48D9-4D42-8ED9-4FA1730E56B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{082C7FDF-77BC-41AB-BEF1-81CA43875425}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D469C0C5-7451-4DDF-947C-C9DC67332CE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{F84733E0-D2FD-4286-9884-82DFDBACE434}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [UDP Query User{87AFA2C8-AB5F-4457-8061-3760AD7DD7FB}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [{AD0C6663-FD24-4EA0-9BB6-38E4E15B3DF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DF9C902A-F924-40B6-A5AF-2426F9111BDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{607D1AD9-87A0-4EFB-B8A4-2199B0776071}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2D51C227-9EAC-47AC-A8F4-98C793AB97FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B49C562F-A11F-4865-83AA-0A134FD63E41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4607DA23-7A9A-4A0C-982E-3CC15DB1DCEC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{EA1C292C-0AC2-40BB-AF76-61F59A797378}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{B0A04C33-9155-40E9-B5BF-77F9A9248B55}] => (Allow) C:\WINDOWS\system32\spacedeskService.exe
FirewallRules: [{5502B75B-FD5F-4C80-A16B-E878BBEF6FAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{F6646FF1-4232-4FC2-929C-5841168B50DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{3AABC1FD-1BB9-408D-BCFF-0DB720FD4813}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{51999B12-0212-47AF-B317-31613DE8EBE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{F01DDC9C-EE9E-4C56-B040-8B24885624FB}] => (Allow) C:\Users\Interista\AppData\Roaming\Zoom\bin\Zoom.exe
FirewallRules: [{28C4B5C8-B62C-4E8B-8826-863A774FB5CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BDCDDDDA-3175-416E-AE3B-8285C5D091B2}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
FirewallRules: [{B635BBB1-8405-4A55-9EDB-2DA4BA5CF059}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{7280BB06-FEDA-413D-8CA8-F9E5785EB598}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{A3817CE8-7055-41F4-8381-A6FE31FB1A11}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{A02FBDB1-A5B9-4697-89D0-9D15A407C049}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [TCP Query User{C5D733F5-0380-4EC4-B806-08AE6BCF97B4}C:\games\the long dark\tld.exe] => (Allow) C:\games\the long dark\tld.exe
FirewallRules: [UDP Query User{CC0A110C-0612-4637-8707-684B43B02954}C:\games\the long dark\tld.exe] => (Allow) C:\games\the long dark\tld.exe
FirewallRules: [TCP Query User{68F2116C-5EDB-43D5-823D-8F3CD32AC913}C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe
FirewallRules: [UDP Query User{3F3BDF9D-3069-4D80-BCEF-BD4C1B80B975}C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe
==================== Restore Points =========================
22-12-2020 13:35:44 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/27/2020 12:52:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9780,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:44:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15208,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:38:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8912,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:21:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3964,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:07:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (12/27/2020 12:07:35 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (12/27/2020 12:02:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9000,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:11:37 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9856,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:02:57 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14536,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/26/2020 11:28:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17660,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (12/27/2020 12:39:36 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:24:32 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:15:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Aktualizovat službu Orchestrator přestala během spouštění reagovat.
Error: (12/27/2020 12:14:46 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:11:51 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:09:06 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error: (12/27/2020 12:09:05 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Tento počítač je nakonfigurován jako člen pracovní skupiny, nikoliv jako
člen domény. Přihlašovací služba Netlogon nepotřebuje být spuštěna v této
konfiguraci.
Error: (12/27/2020 12:07:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba SNMP neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.
Error: (12/27/2020 12:07:34 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba SNMP se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (12/27/2020 12:06:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wondershare Application Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2020-12-27 12:56:19.075
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:37.749
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:36.718
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:32.765
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:32.221
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:29.751
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:23.966
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:54:01.753
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:53:54.772
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:53:54.760
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 62%
Total physical RAM: 8135.86 MB
Available physical RAM: 3052.22 MB
Total Virtual: 16327.86 MB
Available Virtual: 10280.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:421.81 GB) (Free:144.94 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:22.66 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 29376C2E)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
==================== End of Addition.txt ============================
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: please check the log
Download the new version of FRST and run a new scan. This one is almost 4 years out of date.
Thank you.
ATTENTION: ====> FRSTversion is 1274 days old and could be outdated
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before cleaning your PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: please check the log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2017 (ATTENTION: ====> FRSTversion is 1274 days old and could be outdated)
Ran by Interista (administrator) on LENOVOY570 (27-12-2020 12:50:09)
Running from C:\Users\Interista\Desktop
Loaded Profiles: Interista (Available Profiles: Interista & DefaultAppPool)
Platform: Windows 10 Home Version 1909 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\System32\spacedeskService.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\System32\spacedeskServiceTray.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
() C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [84992 2020-07-03] (Microsoft Corporation)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2013-01-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2013-01-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-12] (AVAST Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11779176 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-07] (Synaptics Incorporated)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (CANON INC.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [Dropbox Update] => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [AceStream] => C:\Users\Interista\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\RunOnce: [Application Restart #1] => C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe [1546784 2020-04-08] (The Chromium Authors)
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinitx.dll [207856 2017-03-17] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinit.dll => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinit.dll [177992 2017-03-17] (NVIDIA Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{43f75876-1969-4eba-83eb-fa49f52de43a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c2215f13-47a4-4322-a921-c7985ab5acaa}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{dd47d00c-c8a0-44f0-95be-9c5ac0aaa8ef}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {F5D333EF-20C3-4787-9C7F-ECE88ECE7932} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho_64.dll [2020-12-17] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23] (Oracle Corporation)
BHO-x32: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho.dll [2020-12-17] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-01] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Edge:
======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2019-03-19]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
FireFox:
========
FF DefaultProfile: zzhr6rop.default-1422064931351-1566033171066
FF ProfilePath: Profiles/o0pndij1.default-release [not found] <==== ATTENTION
FF ProfilePath: [Install308046B0AF4A39CB]
Default=Profiles/zzhr6rop.default-1422064931351-1566033171066
Locked=1
[Profile2]
Name=default-release
IsRelative=1
Path=Profiles/o0pndij1.default-release
[Profile1]
Name=dev-edition-default
IsRelative=1
Path=Profiles/tbtfhk42.dev-edition-default
[Profile0]
Name=default-1422064931351
IsRelative=1
Path=Profiles/zzhr6rop.default-1422064931351-1566033171066
Default=1
[General]
StartWithLastProfile=1
Version=2
[InstallE7CF176E110C211B]
Default=Profiles/o0pndij1.default-release
Locked=1
[not found] <==== ATTENTION
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\o0pndij1.default-release [2020-06-07]
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default [2020-03-25]
FF user.js: detected! => C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default\user.js [2020-02-12]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default\Extensions\sp@avast.com.xpi [2019-02-10]
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066 [2020-05-05]
FF user.js: detected! => C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\user.js [2020-02-12]
FF Extension: (WebTranslate) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\98a81af4-fb95-4bd5-addd-72e6d3957dde@webtranslate.fr.xpi [2020-05-02]
FF Extension: (To Google Translate) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-05-02]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\sp@avast.com.xpi [2020-05-02]
FF HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Interista\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-14] ()
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\WINDOWS\system32\npdeployJava1.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-11-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-11-01] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: @acestream.net/acestreamplugin,version=3.1.28 -> C:\Users\Interista\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2020-12-26] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2020-12-26] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2020-05-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default [2020-12-27]
CHR Extension: (Překladač Google) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-05-05]
CHR Extension: (Prezentace) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-21]
CHR Extension: (Dokumenty) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-21]
CHR Extension: (Disk Google) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-21]
CHR Extension: (Tabulky) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-12]
CHR Extension: (Ace Script) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2020-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-21]
CHR Extension: (Gmail) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-24]
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-10-14]
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\System Profile [2020-10-14]
CHR HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AarSvc; C:\WINDOWS\System32\AarSvc.dll [195584 2020-07-18] (Microsoft Corporation)
S3 AarSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 AarSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-12] (AVAST Software)
S3 autotimesvc; C:\WINDOWS\System32\autotimesvc.dll [116224 2019-03-19] (Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-12] (AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-12] (AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-12] (AVAST Software)
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1393664 2020-07-03] (Microsoft Corporation)
S3 BcastDVRUserService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [534528 2020-07-03] (Microsoft Corporation)
S3 BluetoothUserService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [237056 2020-11-12] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [1077248 2020-10-14] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\SysWOW64\BTAGService.dll [705536 2020-10-14] (Microsoft Corporation)
R3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [382976 2019-03-19] (Microsoft Corporation)
R3 camsvc; C:\WINDOWS\system32\CapabilityAccessManager.dll [368640 2020-07-03] (Microsoft Corporation)
S3 CaptureService; C:\WINDOWS\System32\CaptureService.dll [128512 2020-07-18] (Microsoft Corporation)
S3 CaptureService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [1125376 2020-07-18] (Microsoft Corporation)
R3 cbdhsvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
R3 cbdhsvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [177664 2020-07-03] (Microsoft Corporation)
S3 ConsentUxUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 ConsentUxUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CredentialEnrollmentManagerUserSvc; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [381656 2020-10-14] (Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc_73a35; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [381656 2020-10-14] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\System32\deviceaccess.dll [231912 2020-07-03] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\SysWOW64\deviceaccess.dll [185952 2020-07-03] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DeviceAssociationBrokerSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [467456 2020-07-18] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [338944 2020-07-18] (Microsoft Corporation)
S3 DevicePickerUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicePickerUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 diagsvc; C:\WINDOWS\system32\DiagSvc.dll [215040 2020-07-18] (Microsoft Corporation)
R2 DispBrokerDesktopSvc; C:\WINDOWS\System32\DispBroker.Desktop.dll [405504 2020-08-12] (Microsoft Corporation)
R3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [1190912 2020-07-03] (Microsoft Corporation)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe [1426928 2020-12-02] (Google LLC)
S3 GraphicsPerfSvc; C:\WINDOWS\System32\GraphicsPerfSvc.dll [97792 2019-03-19] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] ()
R3 InstallService; C:\WINDOWS\system32\InstallService.dll [2481664 2020-12-12] (Microsoft Corporation)
R3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1748480 2020-12-12] (Microsoft Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [340992 2020-08-12] (Microsoft Corporation)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\elevation_service.exe [1573776 2020-12-17] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [139952 2020-07-03] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [105840 2020-07-03] (Microsoft Corporation)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [255008 2009-01-06] (NVIDIA)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464440 2017-03-17] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-11] (NVIDIA Corporation)
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [103424 2019-03-19] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\System32\PrintWorkflowService.dll [179200 2020-07-18] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [141312 2020-07-18] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 PrintWorkflowUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 PushToInstall; C:\WINDOWS\system32\PushToInstall.dll [284672 2020-10-14] (Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [263904 2019-03-19] (Microsoft Corporation)
S3 SharedRealitySvc; C:\WINDOWS\System32\SharedRealitySvc.dll [477184 2020-07-03] (Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2020-07-03] (Microsoft Corporation)
R2 SNMP; C:\WINDOWS\SysWOW64\snmp.exe [46592 2020-07-03] (Microsoft Corporation)
R2 spacedeskService; C:\WINDOWS\System32\spacedeskService.exe [916392 2019-06-03] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2019-03-19] ()
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246448 2016-01-07] (Synaptics Incorporated)
S3 TroubleshootingSvc; C:\WINDOWS\system32\MitigationClient.dll [394752 2019-03-19] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72704 2020-07-03] (Microsoft Corporation)
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [319304 2020-11-12] (Microsoft Corporation)
R2 UpdateCenterService; C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe [169504 2009-01-07] (NVIDIA)
R2 UsoSvc; C:\WINDOWS\system32\usosvc.dll [544256 2020-12-12] (Microsoft Corporation)
S3 VacSvc; C:\WINDOWS\System32\vac.dll [422192 2019-03-19] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [406528 2020-12-12] (Microsoft Corporation)
S3 WarpJITSvc; C:\WINDOWS\System32\Windows.WARP.JITService.dll [61952 2019-03-19] (Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-10] (Microsoft Corporation) <==== ATTENTION
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-10] (Microsoft Corporation) <==== ATTENTION
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729600 2020-12-12] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [924160 2020-12-12] (Microsoft Corporation)
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [2138112 2020-12-12] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-12-19] (Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Acx01000; C:\WINDOWS\System32\drivers\Acx01000.sys [337920 2020-07-03] (Microsoft Corporation)
R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [40960 2020-08-12] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2020-08-12] (Microsoft Corporation)
S3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [18432 2019-03-19] (Advanced Micro Devices, Inc)
S3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [37888 2019-03-19] (Advanced Micro Devices, Inc)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-12] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-12] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-12] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-12] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-12] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-12] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-12] (AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-12] (AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-12] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2020-12-12] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2020-12-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2020-12-12] (AVAST Software)
R1 bam; C:\WINDOWS\System32\drivers\bam.sys [70456 2019-03-19] (Microsoft Corporation)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_307898c750ba9e44\BasicDisplay.sys [68096 2020-07-03] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_ba2a8de08ea0d469\BasicRender.sys [37888 2020-07-03] (Microsoft Corporation)
R3 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [117064 2020-12-12] (Microsoft Corporation)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [36864 2020-07-03] (Microsoft Corporation)
S0 bttflt; C:\WINDOWS\System32\drivers\bttflt.sys [42808 2019-03-19] (Microsoft Corporation)
R3 DelayMan; C:\WINDOWS\system32\DRIVERS\delayman.sys [20064 2013-01-18] (Ensurebit Inc.)
S3 genericusbfn; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [20992 2020-07-03] (Microsoft Corporation)
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [64512 2020-10-14] (Microsoft Corporation)
S3 hmatap; C:\WINDOWS\System32\drivers\hmatap.sys [36456 2018-09-05] (The OpenVPN Project)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [32568 2019-03-19] (Microsoft Corporation)
S3 HwNClx0101; C:\WINDOWS\System32\Drivers\mshwnclx.sys [28672 2019-03-19] (Microsoft Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2019-03-19] (Intel Corporation)
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [885048 2019-03-19] (Intel Corporation)
S3 intelpmax; C:\WINDOWS\System32\drivers\intelpmax.sys [28672 2019-03-19] (Microsoft Corporation)
S3 IPT; C:\WINDOWS\System32\drivers\ipt.sys [54584 2019-03-19] (Microsoft Corporation)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [148520 2019-03-19] (Avago Technologies)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [359424 2020-07-03] (Microsoft Corporation)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [94736 2019-03-19] (Avago Technologies)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [64512 2019-03-19] (Microsoft Corporation)
S3 NDKPing; C:\WINDOWS\System32\drivers\NDKPing.sys [63488 2019-03-19] (Microsoft Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc.)
S3 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [158520 2019-03-19] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvlddmkm.sys [14574640 2017-03-17] (NVIDIA Corporation)
R3 NVR0Dev; C:\windows\nvoclk64.sys [40480 2009-01-06] (NVIDIA Corp.)
R2 NVR0FLASHDev; C:\windows\nvflsh64.sys [40992 2009-01-07] (NVIDIA Corp.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-03-17] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [97088 2020-11-12] (Microsoft Corporation)
S3 portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [25600 2019-03-19] (Microsoft Corporation)
S0 Ramdisk; C:\WINDOWS\System32\DRIVERS\ramdisk.sys [41784 2019-03-19] (Microsoft Corporation)
S3 rhproxy; C:\WINDOWS\System32\drivers\rhproxy.sys [113152 2019-03-19] (Microsoft Corporation)
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [89096 2019-03-19] (Microsoft Corporation)
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [220176 2019-03-19] (Microsemi Corportation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42664 2016-01-07] (Synaptics Incorporated)
R3 spacedeskKtmInputKeybd; C:\WINDOWS\System32\drivers\spacedeskKtmInputKeybd.sys [35240 2018-10-12] ()
R3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [35240 2018-10-12] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-18] (TuneUp Software)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [34816 2019-03-19] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [111104 2019-03-19] (Microsoft Corporation)
S3 UEFI; C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_4fcaf0fc6eaf7533\UEFI.sys [32568 2020-07-03] (Microsoft Corporation)
S3 UfxChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_624eef84faf426d6\UfxChipidea.sys [108584 2020-07-03] (Microsoft Corporation)
R3 umbus; C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_e566af5dd9858a0e\umbus.sys [57856 2020-07-03] (Microsoft Corporation)
S3 UrsChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_86da23c455846f41\urschipidea.sys [30224 2020-07-03] (Microsoft Corporation)
S3 UrsSynopsys; C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_7302ce5d1420ed71\urssynopsys.sys [28472 2020-07-03] (Microsoft Corporation)
S3 usbaudio2; C:\WINDOWS\System32\drivers\usbaudio2.sys [257536 2020-07-03] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-10] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [21816 2019-03-19] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-10] (Microsoft Corporation)
R3 WinQuic; C:\WINDOWS\System32\drivers\winquic.sys [205112 2020-07-03] (Microsoft Corporation)
S3 WsAudio_Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [48424 2018-01-19] (Wondershare)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: TroubleshootingSvc -> C:\Windows\system32\MitigationClient.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-27 12:50 - 2020-12-27 12:51 - 00043402 _____ C:\Users\Interista\Desktop\FRST.txt
2020-12-27 12:40 - 2020-12-27 12:45 - 124569178 _____ C:\Users\Interista\Downloads\Misa jazycek.mp4
2020-12-27 11:56 - 2020-12-27 11:56 - 02086424 _____ (Malwarebytes) C:\Users\Interista\Downloads\MBSetup.exe
2020-12-27 11:55 - 2020-12-27 11:55 - 08447152 _____ (Malwarebytes) C:\Users\Interista\Desktop\adwcleaner_8.0.8.exe
2020-12-26 23:19 - 2020-12-26 23:33 - 00068225 _____ C:\Users\Interista\Downloads\Addition.txt
2020-12-26 22:55 - 2020-12-26 23:33 - 00057374 _____ C:\Users\Interista\Downloads\FRST.txt
2020-12-26 22:52 - 2020-12-26 22:53 - 02286592 _____ (Farbar) C:\Users\Interista\Downloads\FRST64.exe
2020-12-26 17:16 - 2020-12-26 17:17 - 01222144 _____ C:\Users\Interista\Downloads\RSITx64.exe
2020-12-25 16:12 - 2020-12-25 16:12 - 00001528 _____ C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk
2020-12-25 16:12 - 2020-12-25 16:12 - 00001520 _____ C:\Users\Interista\Desktop\NVIDIA GeForce NOW.lnk
2020-12-25 16:09 - 2020-12-25 16:10 - 110568080 _____ (NVIDIA Corporation) C:\Users\Interista\Downloads\GeForceNOW-release.exe
2020-12-22 20:14 - 2020-12-22 20:14 - 00000000 ____D C:\Users\Interista\AppData\Local\Hinterland
2020-12-22 20:11 - 2020-12-22 20:11 - 00000000 ____D C:\Users\Interista\AppData\LocalLow\Hinterland
2020-12-22 20:03 - 2020-12-22 20:03 - 00001637 _____ C:\Users\Public\Desktop\The Long Dark.lnk
2020-12-22 20:03 - 2020-12-22 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Long Dark [GOG.com]
2020-12-22 20:03 - 2020-12-22 20:03 - 00000000 ____D C:\ProgramData\GOG.com
2020-12-22 12:20 - 2020-12-22 19:23 - 2394131548 _____ C:\Users\Interista\Downloads\The_Long_Dark_EN_for_Windows_7-8-10_and_later.rar
2020-12-18 16:53 - 2020-12-18 16:53 - 00215648 _____ C:\Users\Interista\Downloads\FaSvobodaZ 013 - PDR2020013 (1).pdf
2020-12-18 16:52 - 2020-12-18 16:52 - 00215648 _____ C:\Users\Interista\Downloads\FaSvobodaZ 013 - PDR2020013.pdf
2020-12-18 16:39 - 2020-12-18 16:39 - 00219181 _____ C:\Users\Interista\Documents\IMG_20201218_0001.pdf
2020-12-14 18:52 - 2020-12-15 16:43 - 00000000 ____D C:\Users\Interista\Downloads\Telegram Desktop
2020-12-13 10:31 - 2020-12-27 12:19 - 00000000 ____D C:\Users\Public\spacedesk_logs
2020-12-12 18:59 - 2020-12-12 18:58 - 00216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-12 18:59 - 2020-12-12 18:57 - 00340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-12-12 15:18 - 2020-12-12 15:18 - 25445888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 18038784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 07823920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 06316032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05906944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05099896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05010432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 04546560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 04295680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 04129440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 03635712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 03243096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 02495264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 02317016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01615360 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01151840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01098728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00952432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00944128 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00852992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2020-12-12 15:18 - 2020-12-12 15:18 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wecutil.exe
2020-12-12 15:18 - 2020-12-12 15:18 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wecapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 22651392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 07761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 07297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 05770856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 04348936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 02045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01459712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01421408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00843264 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00784016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CMFNVSDeviceBridge.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00473592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00300704 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00211280 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecsvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2020-12-12 15:17 - 2020-12-12 15:17 - 00166936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpcsp.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00136344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00135280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecutil.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-12 15:17 - 2020-12-12 15:17 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcfgutils.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00077128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unenrollhook.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmlocalmanagement.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gmsaclient.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-12-12 15:16 - 2020-12-12 15:16 - 06526976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 03761664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-12-12 15:16 - 2020-12-12 15:16 - 02585592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02564608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02307072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02023424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01916760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01748480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01668336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01647616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01478656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01154968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00952320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00793840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00767984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00699864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00677088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00543360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00537656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00535064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00480344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00456080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00379720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00375520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-12-12 15:16 - 2020-12-12 15:16 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00285568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00200008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00193608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00190056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00135280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00127576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\btpanui.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPolEng.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-12 15:16 - 2020-12-12 15:16 - 00101704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00072824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TaskSchdPS.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 09925960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 07604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 07274832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 03811328 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 03374808 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 02993480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 02776200 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 02695504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 02092336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01950256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01835520 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-12 15:15 - 2020-12-12 15:15 - 01743688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01666560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01653808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01513360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 01393968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-12 15:15 - 2020-12-12 15:15 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 01170976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00942104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00899736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00893632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00889424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00797976 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00752040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00607960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00551624 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00527336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00477512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-12-12 15:15 - 2020-12-12 15:15 - 00461128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00431944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00389952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00372552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00260304 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00247880 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00225104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00222536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00179528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00164792 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00161648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00144152 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\btpanui.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPolEng.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00108872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcfgutils.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00094024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00092424 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmlocalmanagement.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskSchdPS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmpostprocessevaluator.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gmsaclient.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-12 15:14 - 2020-12-12 15:14 - 06196736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 04140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 03728384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-12-12 15:14 - 2020-12-12 15:14 - 02302976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 01952768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 01656920 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 01489408 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-12-12 15:14 - 2020-12-12 15:14 - 00897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00683848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00598576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-12-12 15:14 - 2020-12-12 15:14 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-12-12 15:14 - 2020-12-12 15:14 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00127080 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00117064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-12-12 15:14 - 2020-12-12 15:14 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-12-12 15:14 - 2020-12-12 15:14 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 06233088 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 04005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 03735552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 03265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02872320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-12-12 15:13 - 2020-12-12 15:13 - 02525184 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02481664 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02297856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02125416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01968128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01943552 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01786368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01751552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01742848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01607680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01413728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01286576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01152336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01150272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01029960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2020-12-12 15:13 - 2020-12-12 15:13 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00919336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00737792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00733000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00612584 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00589408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00458056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00415816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00147728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwmdmcsp.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00088376 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2020-12-12 15:13 - 2020-12-12 15:13 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2020-12-08 21:04 - 2020-12-08 21:04 - 00000000 ____D C:\Users\Interista\Documents\SKIDROW
2020-12-08 21:04 - 2020-12-08 21:04 - 00000000 ____D C:\Users\Interista\AppData\LocalLow\Knuckle Cracker
2020-12-08 21:03 - 2020-12-08 21:03 - 00001625 _____ C:\Users\Interista\Desktop\Creeper World 4.lnk
2020-12-08 20:57 - 2020-12-08 20:59 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Jihosoft ISO Maker
2020-12-08 20:55 - 2020-12-08 20:55 - 02487224 _____ (Jihosoft Studio ) C:\Users\Interista\Downloads\JihosoftISOMaker.exe
2020-12-08 20:55 - 2020-12-08 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jihosoft ISO Maker
2020-12-08 20:55 - 2020-12-08 20:55 - 00000000 ____D C:\Program Files (x86)\Jihosoft
2020-12-08 20:54 - 2020-12-08 20:54 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro
2020-12-08 20:51 - 2020-12-08 20:53 - 32079160 _____ (Disc Soft Ltd) C:\Users\Interista\Downloads\DTPro810-0654.exe
2020-12-08 16:40 - 2020-12-08 16:40 - 00134309 _____ C:\Users\Interista\Downloads\8012132_2011031192.pdf
2020-12-06 13:10 - 2020-12-06 13:40 - 529897472 _____ C:\Users\Interista\Downloads\CREEPER WORLD 4 - SKIDROW.iso
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-27 12:50 - 2017-07-03 16:24 - 00000000 ____D C:\FRST
2020-12-27 12:45 - 2019-03-19 05:52 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-27 12:21 - 2014-06-19 21:08 - 00000000 ____D C:\Program Files (x86)\Steam
2020-12-27 12:10 - 2013-01-18 14:03 - 00379639 _____ C:\WINDOWS\system32\fastboot.set
2020-12-27 12:09 - 2016-12-10 17:56 - 00000000 ____D C:\ProgramData\NVIDIA
2020-12-27 12:08 - 2020-07-03 11:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-27 12:08 - 2019-03-19 05:37 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2020-12-27 12:06 - 2015-01-23 14:01 - 00000000 ____D C:\Users\Interista\AppData\LocalLow\IObit
2020-12-27 12:06 - 2015-01-23 14:00 - 00000000 ____D C:\Users\Interista\AppData\Roaming\IObit
2020-12-27 12:05 - 2014-04-15 12:53 - 00000000 ____D C:\AdwCleaner
2020-12-26 23:57 - 2020-07-03 11:11 - 00003512 _____ C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-26 23:57 - 2020-07-03 11:11 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2020-12-26 23:57 - 2020-07-03 11:11 - 00003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2020-12-26 23:57 - 2020-07-03 11:11 - 00003288 _____ C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-26 23:57 - 2020-07-03 11:11 - 00003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2020-12-26 23:57 - 2020-07-03 11:11 - 00003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2020-12-26 23:57 - 2020-07-03 11:11 - 00002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3319014896-2388623831-1738719311-1001
2020-12-26 23:57 - 2020-07-03 11:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2020-12-26 23:04 - 2014-05-23 09:31 - 00000000 ____D C:\Games - ISO
2020-12-26 22:50 - 2020-07-03 10:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-26 18:15 - 2020-05-27 15:34 - 00000000 ____D C:\Program Files\thinkorswim
2020-12-26 18:15 - 2020-03-24 17:25 - 00000000 ____D C:\Users\Interista\.thinkorswim
2020-12-26 17:17 - 2014-03-13 15:15 - 00000000 ____D C:\Program Files\trend micro
2020-12-26 16:26 - 2020-07-03 11:11 - 00002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2020-12-26 16:26 - 2016-10-07 21:33 - 00000000 ____D C:\Program Files\CCleaner
2020-12-26 16:19 - 2017-02-21 17:43 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2020-12-26 16:04 - 2020-07-03 11:11 - 00004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2020-12-25 23:29 - 2020-11-19 20:48 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Telegram Desktop
2020-12-25 17:44 - 2019-03-19 05:50 - 00000000 ____D C:\WINDOWS\INF
2020-12-25 16:12 - 2016-12-10 17:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2020-12-25 16:12 - 2013-01-28 20:34 - 00000000 ____D C:\Users\Interista\AppData\Local\NVIDIA Corporation
2020-12-24 18:01 - 2020-07-01 07:14 - 00000000 ____D C:\ProgramData\CanonIJPLM
2020-12-23 15:23 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\AppReadiness
2020-12-23 13:51 - 2015-01-23 14:02 - 00000000 ____D C:\ProgramData\ProductData
2020-12-22 19:22 - 2013-02-01 17:13 - 00000000 ____D C:\Games
2020-12-22 18:39 - 2016-10-05 19:33 - 00000000 ____D C:\Users\Interista\AppData\Local\JDownloader 2.0
2020-12-22 14:21 - 2019-03-19 05:52 - 00000000 ___HD C:\Program Files\WindowsApps
2020-12-22 12:06 - 2020-06-10 10:11 - 00002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-18 16:38 - 2020-07-06 14:11 - 00000000 ___HD C:\ProgramData\CanonIJMIG
2020-12-18 16:38 - 2020-07-01 07:34 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Canon
2020-12-18 16:23 - 2020-07-03 10:43 - 00002417 _____ C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-18 16:23 - 2016-04-17 07:34 - 00000000 ___RD C:\Users\Interista\OneDrive
2020-12-15 21:43 - 2020-03-21 13:24 - 00000570 _____ C:\Users\Interista\Desktop\abeceda.txt
2020-12-15 16:51 - 2014-03-17 12:44 - 00000000 ____D C:\Users\Interista\AppData\Local\CrashDumps
2020-12-14 19:59 - 2020-07-03 10:43 - 00000000 ____D C:\Users\Interista
2020-12-14 18:11 - 2020-06-08 00:10 - 00001491 _____ C:\Users\Interista\Desktop\Trader Workstation.lnk
2020-12-14 18:11 - 2020-06-08 00:10 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trader Workstation
2020-12-14 18:11 - 2020-03-22 19:06 - 00000000 ____D C:\Jts
2020-12-14 17:33 - 2020-07-03 10:43 - 00000000 ____D C:\Users\DefaultAppPool
2020-12-13 10:36 - 2020-07-03 10:59 - 01875530 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-13 10:36 - 2019-03-19 12:55 - 00783062 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-13 10:36 - 2019-03-19 12:55 - 00172644 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-13 10:31 - 2018-01-13 15:36 - 00000000 ___RD C:\Users\Interista\3D Objects
2020-12-13 10:31 - 2016-02-13 14:12 - 00000000 __RHD C:\Users\Public\AccountPictures
2020-12-13 10:29 - 2020-07-03 10:32 - 04948552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-12 23:07 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SystemResources
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\oobe
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\Dism
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\ShellExperiences
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\bcastdvr
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\Program Files\Windows Defender
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-12 18:59 - 2019-03-19 05:52 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-12 18:58 - 2020-10-17 16:25 - 00176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-12-12 18:58 - 2020-04-15 12:03 - 00522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-12-12 18:58 - 2019-01-08 01:23 - 00247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-12-12 18:58 - 2019-01-08 01:23 - 00097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-12-12 18:58 - 2018-10-20 10:21 - 00042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-12-12 18:58 - 2018-06-23 20:12 - 00016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-12 18:57 - 2019-01-17 00:09 - 00332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-12-12 18:57 - 2019-01-08 01:23 - 00036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-12-12 18:57 - 2017-11-19 20:15 - 00208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-12-12 18:57 - 2014-09-24 22:05 - 00851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-12-12 15:30 - 2019-03-19 05:37 - 00000000 ____D C:\WINDOWS\CbsTemp
2020-12-12 14:17 - 2015-11-17 21:29 - 00002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-08 21:04 - 2013-02-01 19:01 - 00000000 ____D C:\Users\Interista\Documents\My Games
2020-12-03 20:35 - 2020-10-12 18:46 - 00000076 _____ C:\Users\Interista\Desktop\trade.txt
2020-12-02 22:29 - 2020-03-21 19:27 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Files in the root of some directories =======
2013-11-20 12:08 - 2014-02-15 00:07 - 0000132 _____ () C:\Users\Interista\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2014-09-22 17:59 - 2014-09-22 18:06 - 0000624 _____ () C:\Users\Interista\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0000111 _____ () C:\Users\Interista\AppData\Roaming\Camdata.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0000408 _____ () C:\Users\Interista\AppData\Roaming\CamLayout.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0000408 _____ () C:\Users\Interista\AppData\Roaming\CamShapes.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0004543 _____ () C:\Users\Interista\AppData\Roaming\CamStudio.cfg
2015-01-23 12:54 - 2014-05-24 20:09 - 0042496 ___SH (Open Source Software community project) C:\Users\Interista\AppData\Roaming\pthreadGC2-w64.dll
2017-08-05 11:18 - 2017-08-05 11:18 - 0050911 _____ () C:\Users\Interista\AppData\Roaming\PyScripter.ini
2014-06-24 12:50 - 2013-06-16 10:32 - 0433664 _____ () C:\Users\Interista\AppData\Roaming\setup.msi
2014-09-30 17:32 - 2018-01-25 11:44 - 0000096 _____ () C:\Users\Interista\AppData\Roaming\version2.xml
2020-03-21 17:03 - 2020-03-21 18:01 - 0000081 _____ () C:\Users\Interista\AppData\Local\.bidstack.fault
2017-07-03 18:09 - 2017-07-03 18:09 - 0029696 _____ () C:\Users\Interista\AppData\Local\MSGBOX.EXE
2014-12-20 19:40 - 2014-12-20 19:40 - 0002242 _____ () C:\Users\Interista\AppData\Local\recently-used.xbel
2014-06-24 12:54 - 2014-06-24 12:54 - 0000162 _____ () C:\ProgramData\patch.dll
Files to move or delete:
====================
C:\ProgramData\patch.dll
Some files in TEMP:
====================
2020-12-22 18:36 - 2020-12-22 18:36 - 0040448 ____N () C:\Users\Interista\AppData\Local\Temp\proxy_vole1869230643674649490.dll
2020-12-22 18:36 - 2020-12-22 18:36 - 0040448 ____N () C:\Users\Interista\AppData\Local\Temp\proxy_vole5790008258529380124.dll
2020-12-22 18:37 - 2020-12-22 18:37 - 0040448 ____N () C:\Users\Interista\AppData\Local\Temp\proxy_vole8267134282073484264.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION
==================== End of FRST.txt ============================
Ran by Interista (administrator) on LENOVOY570 (27-12-2020 12:50:09)
Running from C:\Users\Interista\Desktop
Loaded Profiles: Interista (Available Profiles: Interista & DefaultAppPool)
Platform: Windows 10 Home Version 1909 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\System32\spacedeskService.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\System32\spacedeskServiceTray.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
() C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [84992 2020-07-03] (Microsoft Corporation)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2013-01-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2013-01-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-12] (AVAST Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11779176 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-07] (Synaptics Incorporated)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (CANON INC.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [Dropbox Update] => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [AceStream] => C:\Users\Interista\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\RunOnce: [Application Restart #1] => C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe [1546784 2020-04-08] (The Chromium Authors)
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinitx.dll [207856 2017-03-17] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinit.dll => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinit.dll [177992 2017-03-17] (NVIDIA Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{43f75876-1969-4eba-83eb-fa49f52de43a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c2215f13-47a4-4322-a921-c7985ab5acaa}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{dd47d00c-c8a0-44f0-95be-9c5ac0aaa8ef}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {F5D333EF-20C3-4787-9C7F-ECE88ECE7932} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho_64.dll [2020-12-17] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23] (Oracle Corporation)
BHO-x32: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho.dll [2020-12-17] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-01] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Edge:
======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2019-03-19]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
FireFox:
========
FF DefaultProfile: zzhr6rop.default-1422064931351-1566033171066
FF ProfilePath: Profiles/o0pndij1.default-release [not found] <==== ATTENTION
FF ProfilePath: [Install308046B0AF4A39CB]
Default=Profiles/zzhr6rop.default-1422064931351-1566033171066
Locked=1
[Profile2]
Name=default-release
IsRelative=1
Path=Profiles/o0pndij1.default-release
[Profile1]
Name=dev-edition-default
IsRelative=1
Path=Profiles/tbtfhk42.dev-edition-default
[Profile0]
Name=default-1422064931351
IsRelative=1
Path=Profiles/zzhr6rop.default-1422064931351-1566033171066
Default=1
[General]
StartWithLastProfile=1
Version=2
[InstallE7CF176E110C211B]
Default=Profiles/o0pndij1.default-release
Locked=1
[not found] <==== ATTENTION
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\o0pndij1.default-release [2020-06-07]
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default [2020-03-25]
FF user.js: detected! => C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default\user.js [2020-02-12]
FF Extension: (Avast SafePrice Comparison, deals, coupons) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default\Extensions\sp@avast.com.xpi [2019-02-10]
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066 [2020-05-05]
FF user.js: detected! => C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\user.js [2020-02-12]
FF Extension: (WebTranslate) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\98a81af4-fb95-4bd5-addd-72e6d3957dde@webtranslate.fr.xpi [2020-05-02]
FF Extension: (To Google Translate) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-05-02]
FF Extension: (Avast SafePrice Comparison, deals, coupons) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\sp@avast.com.xpi [2020-05-02]
FF HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Interista\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-14] ()
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\WINDOWS\system32\npdeployJava1.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-11-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-11-01] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: @acestream.net/acestreamplugin,version=3.1.28 -> C:\Users\Interista\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2020-12-26] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2020-12-26] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2020-05-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default [2020-12-27]
CHR Extension: (Překladač Google) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-05-05]
CHR Extension: (Prezentace) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-21]
CHR Extension: (Dokumenty) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-21]
CHR Extension: (Disk Google) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-21]
CHR Extension: (Tabulky) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-12]
CHR Extension: (Ace Script) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2020-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-21]
CHR Extension: (Gmail) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-24]
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-10-14]
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\System Profile [2020-10-14]
CHR HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AarSvc; C:\WINDOWS\System32\AarSvc.dll [195584 2020-07-18] (Microsoft Corporation)
S3 AarSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 AarSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-12] (AVAST Software)
S3 autotimesvc; C:\WINDOWS\System32\autotimesvc.dll [116224 2019-03-19] (Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-12] (AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-12] (AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-12] (AVAST Software)
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1393664 2020-07-03] (Microsoft Corporation)
S3 BcastDVRUserService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [534528 2020-07-03] (Microsoft Corporation)
S3 BluetoothUserService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [237056 2020-11-12] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [1077248 2020-10-14] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\SysWOW64\BTAGService.dll [705536 2020-10-14] (Microsoft Corporation)
R3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [382976 2019-03-19] (Microsoft Corporation)
R3 camsvc; C:\WINDOWS\system32\CapabilityAccessManager.dll [368640 2020-07-03] (Microsoft Corporation)
S3 CaptureService; C:\WINDOWS\System32\CaptureService.dll [128512 2020-07-18] (Microsoft Corporation)
S3 CaptureService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [1125376 2020-07-18] (Microsoft Corporation)
R3 cbdhsvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
R3 cbdhsvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [177664 2020-07-03] (Microsoft Corporation)
S3 ConsentUxUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 ConsentUxUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CredentialEnrollmentManagerUserSvc; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [381656 2020-10-14] (Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc_73a35; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [381656 2020-10-14] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\System32\deviceaccess.dll [231912 2020-07-03] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\SysWOW64\deviceaccess.dll [185952 2020-07-03] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DeviceAssociationBrokerSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [467456 2020-07-18] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [338944 2020-07-18] (Microsoft Corporation)
S3 DevicePickerUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicePickerUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 diagsvc; C:\WINDOWS\system32\DiagSvc.dll [215040 2020-07-18] (Microsoft Corporation)
R2 DispBrokerDesktopSvc; C:\WINDOWS\System32\DispBroker.Desktop.dll [405504 2020-08-12] (Microsoft Corporation)
R3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [1190912 2020-07-03] (Microsoft Corporation)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe [1426928 2020-12-02] (Google LLC)
S3 GraphicsPerfSvc; C:\WINDOWS\System32\GraphicsPerfSvc.dll [97792 2019-03-19] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] ()
R3 InstallService; C:\WINDOWS\system32\InstallService.dll [2481664 2020-12-12] (Microsoft Corporation)
R3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1748480 2020-12-12] (Microsoft Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [340992 2020-08-12] (Microsoft Corporation)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\elevation_service.exe [1573776 2020-12-17] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [139952 2020-07-03] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [105840 2020-07-03] (Microsoft Corporation)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [255008 2009-01-06] (NVIDIA)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464440 2017-03-17] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-11] (NVIDIA Corporation)
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [103424 2019-03-19] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\System32\PrintWorkflowService.dll [179200 2020-07-18] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [141312 2020-07-18] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 PrintWorkflowUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 PushToInstall; C:\WINDOWS\system32\PushToInstall.dll [284672 2020-10-14] (Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [263904 2019-03-19] (Microsoft Corporation)
S3 SharedRealitySvc; C:\WINDOWS\System32\SharedRealitySvc.dll [477184 2020-07-03] (Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2020-07-03] (Microsoft Corporation)
R2 SNMP; C:\WINDOWS\SysWOW64\snmp.exe [46592 2020-07-03] (Microsoft Corporation)
R2 spacedeskService; C:\WINDOWS\System32\spacedeskService.exe [916392 2019-06-03] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2019-03-19] ()
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246448 2016-01-07] (Synaptics Incorporated)
S3 TroubleshootingSvc; C:\WINDOWS\system32\MitigationClient.dll [394752 2019-03-19] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72704 2020-07-03] (Microsoft Corporation)
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [319304 2020-11-12] (Microsoft Corporation)
R2 UpdateCenterService; C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe [169504 2009-01-07] (NVIDIA)
R2 UsoSvc; C:\WINDOWS\system32\usosvc.dll [544256 2020-12-12] (Microsoft Corporation)
S3 VacSvc; C:\WINDOWS\System32\vac.dll [422192 2019-03-19] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [406528 2020-12-12] (Microsoft Corporation)
S3 WarpJITSvc; C:\WINDOWS\System32\Windows.WARP.JITService.dll [61952 2019-03-19] (Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-10] (Microsoft Corporation) <==== ATTENTION
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-10] (Microsoft Corporation) <==== ATTENTION
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729600 2020-12-12] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [924160 2020-12-12] (Microsoft Corporation)
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [2138112 2020-12-12] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-12-19] (Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Acx01000; C:\WINDOWS\System32\drivers\Acx01000.sys [337920 2020-07-03] (Microsoft Corporation)
R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [40960 2020-08-12] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2020-08-12] (Microsoft Corporation)
S3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [18432 2019-03-19] (Advanced Micro Devices, Inc)
S3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [37888 2019-03-19] (Advanced Micro Devices, Inc)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-12] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-12] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-12] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-12] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-12] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-12] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-12] (AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-12] (AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-12] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2020-12-12] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2020-12-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2020-12-12] (AVAST Software)
R1 bam; C:\WINDOWS\System32\drivers\bam.sys [70456 2019-03-19] (Microsoft Corporation)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_307898c750ba9e44\BasicDisplay.sys [68096 2020-07-03] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_ba2a8de08ea0d469\BasicRender.sys [37888 2020-07-03] (Microsoft Corporation)
R3 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [117064 2020-12-12] (Microsoft Corporation)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [36864 2020-07-03] (Microsoft Corporation)
S0 bttflt; C:\WINDOWS\System32\drivers\bttflt.sys [42808 2019-03-19] (Microsoft Corporation)
R3 DelayMan; C:\WINDOWS\system32\DRIVERS\delayman.sys [20064 2013-01-18] (Ensurebit Inc.)
S3 genericusbfn; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [20992 2020-07-03] (Microsoft Corporation)
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [64512 2020-10-14] (Microsoft Corporation)
S3 hmatap; C:\WINDOWS\System32\drivers\hmatap.sys [36456 2018-09-05] (The OpenVPN Project)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [32568 2019-03-19] (Microsoft Corporation)
S3 HwNClx0101; C:\WINDOWS\System32\Drivers\mshwnclx.sys [28672 2019-03-19] (Microsoft Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2019-03-19] (Intel Corporation)
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [885048 2019-03-19] (Intel Corporation)
S3 intelpmax; C:\WINDOWS\System32\drivers\intelpmax.sys [28672 2019-03-19] (Microsoft Corporation)
S3 IPT; C:\WINDOWS\System32\drivers\ipt.sys [54584 2019-03-19] (Microsoft Corporation)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [148520 2019-03-19] (Avago Technologies)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [359424 2020-07-03] (Microsoft Corporation)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [94736 2019-03-19] (Avago Technologies)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [64512 2019-03-19] (Microsoft Corporation)
S3 NDKPing; C:\WINDOWS\System32\drivers\NDKPing.sys [63488 2019-03-19] (Microsoft Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc.)
S3 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [158520 2019-03-19] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvlddmkm.sys [14574640 2017-03-17] (NVIDIA Corporation)
R3 NVR0Dev; C:\windows\nvoclk64.sys [40480 2009-01-06] (NVIDIA Corp.)
R2 NVR0FLASHDev; C:\windows\nvflsh64.sys [40992 2009-01-07] (NVIDIA Corp.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-03-17] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [97088 2020-11-12] (Microsoft Corporation)
S3 portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [25600 2019-03-19] (Microsoft Corporation)
S0 Ramdisk; C:\WINDOWS\System32\DRIVERS\ramdisk.sys [41784 2019-03-19] (Microsoft Corporation)
S3 rhproxy; C:\WINDOWS\System32\drivers\rhproxy.sys [113152 2019-03-19] (Microsoft Corporation)
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [89096 2019-03-19] (Microsoft Corporation)
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [220176 2019-03-19] (Microsemi Corportation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42664 2016-01-07] (Synaptics Incorporated)
R3 spacedeskKtmInputKeybd; C:\WINDOWS\System32\drivers\spacedeskKtmInputKeybd.sys [35240 2018-10-12] ()
R3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [35240 2018-10-12] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-18] (TuneUp Software)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [34816 2019-03-19] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [111104 2019-03-19] (Microsoft Corporation)
S3 UEFI; C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_4fcaf0fc6eaf7533\UEFI.sys [32568 2020-07-03] (Microsoft Corporation)
S3 UfxChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_624eef84faf426d6\UfxChipidea.sys [108584 2020-07-03] (Microsoft Corporation)
R3 umbus; C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_e566af5dd9858a0e\umbus.sys [57856 2020-07-03] (Microsoft Corporation)
S3 UrsChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_86da23c455846f41\urschipidea.sys [30224 2020-07-03] (Microsoft Corporation)
S3 UrsSynopsys; C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_7302ce5d1420ed71\urssynopsys.sys [28472 2020-07-03] (Microsoft Corporation)
S3 usbaudio2; C:\WINDOWS\System32\drivers\usbaudio2.sys [257536 2020-07-03] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-10] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [21816 2019-03-19] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-10] (Microsoft Corporation)
R3 WinQuic; C:\WINDOWS\System32\drivers\winquic.sys [205112 2020-07-03] (Microsoft Corporation)
S3 WsAudio_Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [48424 2018-01-19] (Wondershare)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: TroubleshootingSvc -> C:\Windows\system32\MitigationClient.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-27 12:50 - 2020-12-27 12:51 - 00043402 _____ C:\Users\Interista\Desktop\FRST.txt
2020-12-27 12:40 - 2020-12-27 12:45 - 124569178 _____ C:\Users\Interista\Downloads\Misa jazycek.mp4
2020-12-27 11:56 - 2020-12-27 11:56 - 02086424 _____ (Malwarebytes) C:\Users\Interista\Downloads\MBSetup.exe
2020-12-27 11:55 - 2020-12-27 11:55 - 08447152 _____ (Malwarebytes) C:\Users\Interista\Desktop\adwcleaner_8.0.8.exe
2020-12-26 23:19 - 2020-12-26 23:33 - 00068225 _____ C:\Users\Interista\Downloads\Addition.txt
2020-12-26 22:55 - 2020-12-26 23:33 - 00057374 _____ C:\Users\Interista\Downloads\FRST.txt
2020-12-26 22:52 - 2020-12-26 22:53 - 02286592 _____ (Farbar) C:\Users\Interista\Downloads\FRST64.exe
2020-12-26 17:16 - 2020-12-26 17:17 - 01222144 _____ C:\Users\Interista\Downloads\RSITx64.exe
2020-12-25 16:12 - 2020-12-25 16:12 - 00001528 _____ C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk
2020-12-25 16:12 - 2020-12-25 16:12 - 00001520 _____ C:\Users\Interista\Desktop\NVIDIA GeForce NOW.lnk
2020-12-25 16:09 - 2020-12-25 16:10 - 110568080 _____ (NVIDIA Corporation) C:\Users\Interista\Downloads\GeForceNOW-release.exe
2020-12-22 20:14 - 2020-12-22 20:14 - 00000000 ____D C:\Users\Interista\AppData\Local\Hinterland
2020-12-22 20:11 - 2020-12-22 20:11 - 00000000 ____D C:\Users\Interista\AppData\LocalLow\Hinterland
2020-12-22 20:03 - 2020-12-22 20:03 - 00001637 _____ C:\Users\Public\Desktop\The Long Dark.lnk
2020-12-22 20:03 - 2020-12-22 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Long Dark [GOG.com]
2020-12-22 20:03 - 2020-12-22 20:03 - 00000000 ____D C:\ProgramData\GOG.com
2020-12-22 12:20 - 2020-12-22 19:23 - 2394131548 _____ C:\Users\Interista\Downloads\The_Long_Dark_EN_for_Windows_7-8-10_and_later.rar
2020-12-18 16:53 - 2020-12-18 16:53 - 00215648 _____ C:\Users\Interista\Downloads\FaSvobodaZ 013 - PDR2020013 (1).pdf
2020-12-18 16:52 - 2020-12-18 16:52 - 00215648 _____ C:\Users\Interista\Downloads\FaSvobodaZ 013 - PDR2020013.pdf
2020-12-18 16:39 - 2020-12-18 16:39 - 00219181 _____ C:\Users\Interista\Documents\IMG_20201218_0001.pdf
2020-12-14 18:52 - 2020-12-15 16:43 - 00000000 ____D C:\Users\Interista\Downloads\Telegram Desktop
2020-12-13 10:31 - 2020-12-27 12:19 - 00000000 ____D C:\Users\Public\spacedesk_logs
2020-12-12 18:59 - 2020-12-12 18:58 - 00216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-12 18:59 - 2020-12-12 18:57 - 00340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-12-12 15:18 - 2020-12-12 15:18 - 25445888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 18038784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 07823920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 06316032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05906944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05099896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05010432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 04546560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 04295680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 04129440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 03635712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 03243096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 02495264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 02317016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01615360 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01151840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01098728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00952432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00944128 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00852992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2020-12-12 15:18 - 2020-12-12 15:18 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wecutil.exe
2020-12-12 15:18 - 2020-12-12 15:18 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wecapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 22651392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 07761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 07297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 05770856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 04348936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 02045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01459712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01421408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00843264 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00784016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CMFNVSDeviceBridge.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00473592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00300704 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00211280 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecsvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2020-12-12 15:17 - 2020-12-12 15:17 - 00166936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpcsp.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00136344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00135280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecutil.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-12 15:17 - 2020-12-12 15:17 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcfgutils.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00077128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unenrollhook.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmlocalmanagement.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gmsaclient.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-12-12 15:16 - 2020-12-12 15:16 - 06526976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 03761664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-12-12 15:16 - 2020-12-12 15:16 - 02585592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02564608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02307072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02023424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01916760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01748480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01668336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01647616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01478656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01154968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00952320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00793840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00767984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00699864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00677088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00543360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00537656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00535064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00480344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00456080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00379720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00375520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-12-12 15:16 - 2020-12-12 15:16 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00285568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00200008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00193608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00190056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00135280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00127576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\btpanui.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPolEng.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-12 15:16 - 2020-12-12 15:16 - 00101704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00072824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TaskSchdPS.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 09925960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 07604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 07274832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 03811328 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 03374808 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 02993480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 02776200 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 02695504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 02092336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01950256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01835520 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-12 15:15 - 2020-12-12 15:15 - 01743688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01666560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01653808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01513360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 01393968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-12 15:15 - 2020-12-12 15:15 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 01170976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00942104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00899736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00893632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00889424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00797976 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00752040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00607960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00551624 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00527336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00477512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-12-12 15:15 - 2020-12-12 15:15 - 00461128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00431944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00389952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00372552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00260304 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00247880 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00225104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00222536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00179528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00164792 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00161648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00144152 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\btpanui.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPolEng.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00108872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcfgutils.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00094024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00092424 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmlocalmanagement.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskSchdPS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmpostprocessevaluator.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gmsaclient.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-12 15:14 - 2020-12-12 15:14 - 06196736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 04140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 03728384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-12-12 15:14 - 2020-12-12 15:14 - 02302976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 01952768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 01656920 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 01489408 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-12-12 15:14 - 2020-12-12 15:14 - 00897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00683848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00598576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-12-12 15:14 - 2020-12-12 15:14 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-12-12 15:14 - 2020-12-12 15:14 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00127080 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00117064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-12-12 15:14 - 2020-12-12 15:14 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-12-12 15:14 - 2020-12-12 15:14 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 06233088 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 04005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 03735552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 03265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02872320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-12-12 15:13 - 2020-12-12 15:13 - 02525184 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02481664 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02297856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02125416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01968128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01943552 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01786368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01751552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01742848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01607680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01413728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01286576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01152336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01150272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01029960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2020-12-12 15:13 - 2020-12-12 15:13 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00919336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00737792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00733000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00612584 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00589408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00458056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00415816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00147728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwmdmcsp.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00088376 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2020-12-12 15:13 - 2020-12-12 15:13 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2020-12-08 21:04 - 2020-12-08 21:04 - 00000000 ____D C:\Users\Interista\Documents\SKIDROW
2020-12-08 21:04 - 2020-12-08 21:04 - 00000000 ____D C:\Users\Interista\AppData\LocalLow\Knuckle Cracker
2020-12-08 21:03 - 2020-12-08 21:03 - 00001625 _____ C:\Users\Interista\Desktop\Creeper World 4.lnk
2020-12-08 20:57 - 2020-12-08 20:59 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Jihosoft ISO Maker
2020-12-08 20:55 - 2020-12-08 20:55 - 02487224 _____ (Jihosoft Studio ) C:\Users\Interista\Downloads\JihosoftISOMaker.exe
2020-12-08 20:55 - 2020-12-08 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jihosoft ISO Maker
2020-12-08 20:55 - 2020-12-08 20:55 - 00000000 ____D C:\Program Files (x86)\Jihosoft
2020-12-08 20:54 - 2020-12-08 20:54 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro
2020-12-08 20:51 - 2020-12-08 20:53 - 32079160 _____ (Disc Soft Ltd) C:\Users\Interista\Downloads\DTPro810-0654.exe
2020-12-08 16:40 - 2020-12-08 16:40 - 00134309 _____ C:\Users\Interista\Downloads\8012132_2011031192.pdf
2020-12-06 13:10 - 2020-12-06 13:40 - 529897472 _____ C:\Users\Interista\Downloads\CREEPER WORLD 4 - SKIDROW.iso
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-27 12:50 - 2017-07-03 16:24 - 00000000 ____D C:\FRST
2020-12-27 12:45 - 2019-03-19 05:52 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-27 12:21 - 2014-06-19 21:08 - 00000000 ____D C:\Program Files (x86)\Steam
2020-12-27 12:10 - 2013-01-18 14:03 - 00379639 _____ C:\WINDOWS\system32\fastboot.set
2020-12-27 12:09 - 2016-12-10 17:56 - 00000000 ____D C:\ProgramData\NVIDIA
2020-12-27 12:08 - 2020-07-03 11:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-27 12:08 - 2019-03-19 05:37 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2020-12-27 12:06 - 2015-01-23 14:01 - 00000000 ____D C:\Users\Interista\AppData\LocalLow\IObit
2020-12-27 12:06 - 2015-01-23 14:00 - 00000000 ____D C:\Users\Interista\AppData\Roaming\IObit
2020-12-27 12:05 - 2014-04-15 12:53 - 00000000 ____D C:\AdwCleaner
2020-12-26 23:57 - 2020-07-03 11:11 - 00003512 _____ C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-26 23:57 - 2020-07-03 11:11 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2020-12-26 23:57 - 2020-07-03 11:11 - 00003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2020-12-26 23:57 - 2020-07-03 11:11 - 00003288 _____ C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-26 23:57 - 2020-07-03 11:11 - 00003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2020-12-26 23:57 - 2020-07-03 11:11 - 00003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2020-12-26 23:57 - 2020-07-03 11:11 - 00002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3319014896-2388623831-1738719311-1001
2020-12-26 23:57 - 2020-07-03 11:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2020-12-26 23:04 - 2014-05-23 09:31 - 00000000 ____D C:\Games - ISO
2020-12-26 22:50 - 2020-07-03 10:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-26 18:15 - 2020-05-27 15:34 - 00000000 ____D C:\Program Files\thinkorswim
2020-12-26 18:15 - 2020-03-24 17:25 - 00000000 ____D C:\Users\Interista\.thinkorswim
2020-12-26 17:17 - 2014-03-13 15:15 - 00000000 ____D C:\Program Files\trend micro
2020-12-26 16:26 - 2020-07-03 11:11 - 00002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2020-12-26 16:26 - 2016-10-07 21:33 - 00000000 ____D C:\Program Files\CCleaner
2020-12-26 16:19 - 2017-02-21 17:43 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2020-12-26 16:04 - 2020-07-03 11:11 - 00004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2020-12-25 23:29 - 2020-11-19 20:48 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Telegram Desktop
2020-12-25 17:44 - 2019-03-19 05:50 - 00000000 ____D C:\WINDOWS\INF
2020-12-25 16:12 - 2016-12-10 17:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2020-12-25 16:12 - 2013-01-28 20:34 - 00000000 ____D C:\Users\Interista\AppData\Local\NVIDIA Corporation
2020-12-24 18:01 - 2020-07-01 07:14 - 00000000 ____D C:\ProgramData\CanonIJPLM
2020-12-23 15:23 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\AppReadiness
2020-12-23 13:51 - 2015-01-23 14:02 - 00000000 ____D C:\ProgramData\ProductData
2020-12-22 19:22 - 2013-02-01 17:13 - 00000000 ____D C:\Games
2020-12-22 18:39 - 2016-10-05 19:33 - 00000000 ____D C:\Users\Interista\AppData\Local\JDownloader 2.0
2020-12-22 14:21 - 2019-03-19 05:52 - 00000000 ___HD C:\Program Files\WindowsApps
2020-12-22 12:06 - 2020-06-10 10:11 - 00002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-18 16:38 - 2020-07-06 14:11 - 00000000 ___HD C:\ProgramData\CanonIJMIG
2020-12-18 16:38 - 2020-07-01 07:34 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Canon
2020-12-18 16:23 - 2020-07-03 10:43 - 00002417 _____ C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-18 16:23 - 2016-04-17 07:34 - 00000000 ___RD C:\Users\Interista\OneDrive
2020-12-15 21:43 - 2020-03-21 13:24 - 00000570 _____ C:\Users\Interista\Desktop\abeceda.txt
2020-12-15 16:51 - 2014-03-17 12:44 - 00000000 ____D C:\Users\Interista\AppData\Local\CrashDumps
2020-12-14 19:59 - 2020-07-03 10:43 - 00000000 ____D C:\Users\Interista
2020-12-14 18:11 - 2020-06-08 00:10 - 00001491 _____ C:\Users\Interista\Desktop\Trader Workstation.lnk
2020-12-14 18:11 - 2020-06-08 00:10 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trader Workstation
2020-12-14 18:11 - 2020-03-22 19:06 - 00000000 ____D C:\Jts
2020-12-14 17:33 - 2020-07-03 10:43 - 00000000 ____D C:\Users\DefaultAppPool
2020-12-13 10:36 - 2020-07-03 10:59 - 01875530 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-13 10:36 - 2019-03-19 12:55 - 00783062 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-13 10:36 - 2019-03-19 12:55 - 00172644 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-13 10:31 - 2018-01-13 15:36 - 00000000 ___RD C:\Users\Interista\3D Objects
2020-12-13 10:31 - 2016-02-13 14:12 - 00000000 __RHD C:\Users\Public\AccountPictures
2020-12-13 10:29 - 2020-07-03 10:32 - 04948552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-12 23:07 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SystemResources
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\oobe
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\Dism
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\ShellExperiences
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\bcastdvr
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\Program Files\Windows Defender
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-12 18:59 - 2019-03-19 05:52 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-12 18:58 - 2020-10-17 16:25 - 00176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-12-12 18:58 - 2020-04-15 12:03 - 00522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-12-12 18:58 - 2019-01-08 01:23 - 00247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-12-12 18:58 - 2019-01-08 01:23 - 00097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-12-12 18:58 - 2018-10-20 10:21 - 00042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-12-12 18:58 - 2018-06-23 20:12 - 00016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-12 18:57 - 2019-01-17 00:09 - 00332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-12-12 18:57 - 2019-01-08 01:23 - 00036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-12-12 18:57 - 2017-11-19 20:15 - 00208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-12-12 18:57 - 2014-09-24 22:05 - 00851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-12-12 15:30 - 2019-03-19 05:37 - 00000000 ____D C:\WINDOWS\CbsTemp
2020-12-12 14:17 - 2015-11-17 21:29 - 00002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-08 21:04 - 2013-02-01 19:01 - 00000000 ____D C:\Users\Interista\Documents\My Games
2020-12-03 20:35 - 2020-10-12 18:46 - 00000076 _____ C:\Users\Interista\Desktop\trade.txt
2020-12-02 22:29 - 2020-03-21 19:27 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Files in the root of some directories =======
2013-11-20 12:08 - 2014-02-15 00:07 - 0000132 _____ () C:\Users\Interista\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2014-09-22 17:59 - 2014-09-22 18:06 - 0000624 _____ () C:\Users\Interista\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0000111 _____ () C:\Users\Interista\AppData\Roaming\Camdata.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0000408 _____ () C:\Users\Interista\AppData\Roaming\CamLayout.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0000408 _____ () C:\Users\Interista\AppData\Roaming\CamShapes.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0004543 _____ () C:\Users\Interista\AppData\Roaming\CamStudio.cfg
2015-01-23 12:54 - 2014-05-24 20:09 - 0042496 ___SH (Open Source Software community project) C:\Users\Interista\AppData\Roaming\pthreadGC2-w64.dll
2017-08-05 11:18 - 2017-08-05 11:18 - 0050911 _____ () C:\Users\Interista\AppData\Roaming\PyScripter.ini
2014-06-24 12:50 - 2013-06-16 10:32 - 0433664 _____ () C:\Users\Interista\AppData\Roaming\setup.msi
2014-09-30 17:32 - 2018-01-25 11:44 - 0000096 _____ () C:\Users\Interista\AppData\Roaming\version2.xml
2020-03-21 17:03 - 2020-03-21 18:01 - 0000081 _____ () C:\Users\Interista\AppData\Local\.bidstack.fault
2017-07-03 18:09 - 2017-07-03 18:09 - 0029696 _____ () C:\Users\Interista\AppData\Local\MSGBOX.EXE
2014-12-20 19:40 - 2014-12-20 19:40 - 0002242 _____ () C:\Users\Interista\AppData\Local\recently-used.xbel
2014-06-24 12:54 - 2014-06-24 12:54 - 0000162 _____ () C:\ProgramData\patch.dll
Files to move or delete:
====================
C:\ProgramData\patch.dll
Some files in TEMP:
====================
2020-12-22 18:36 - 2020-12-22 18:36 - 0040448 ____N () C:\Users\Interista\AppData\Local\Temp\proxy_vole1869230643674649490.dll
2020-12-22 18:36 - 2020-12-22 18:36 - 0040448 ____N () C:\Users\Interista\AppData\Local\Temp\proxy_vole5790008258529380124.dll
2020-12-22 18:37 - 2020-12-22 18:37 - 0040448 ____N () C:\Users\Interista\AppData\Local\Temp\proxy_vole8267134282073484264.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION
==================== End of FRST.txt ============================
Re: please check the log
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2017
Ran by Interista (27-12-2020 12:53:36)
Running from C:\Users\Interista\Desktop
Windows 10 Home Version 1909 (X64) (2020-07-03 10:13:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3319014896-2388623831-1738719311-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3319014896-2388623831-1738719311-503 - Limited - Disabled)
Guest (S-1-5-21-3319014896-2388623831-1738719311-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3319014896-2388623831-1738719311-1003 - Limited - Enabled)
Interista (S-1-5-21-3319014896-2388623831-1738719311-1001 - Administrator - Enabled) => C:\Users\Interista
WDAGUtilityAccount (S-1-5-21-3319014896-2388623831-1738719311-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Aktualizace NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Anki (HKLM-x32\...\Anki) (Version: - )
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.92 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Broadcom Gigabit NetLink Controller (HKLM\...\{029A4933-3F36-4E4F-AEC3-2207AB26463D}) (Version: 14.4.9.2 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.2.0 - Canon Inc.)
Canon MP150 (HKLM\...\{CA9A3609-3ECC-4574-8824-A8161A71A603}) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5100_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Creeper World 4 (HKLM-x32\...\Creeper World 4) (Version: - SKIDROW)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FTL - Advanced Edition (HKLM-x32\...\GOGPACKFTL_is1) (Version: 2.3.0.13 - GOG.com)
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java SE Development Kit 7 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java SE Development Kit 8 Update 141 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180141}) (Version: 8.0.1410.15 - Oracle Corporation)
Java(TM) 6 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416045FF}) (Version: 6.0.450 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jihosoft ISO Maker version 3.0 (HKLM-x32\...\{FA289A40-0F71-428E-B3A2-546EDC04DB93}_is1) (Version: 3.0 - Jihosoft Studio)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.55.0 - JMicron Technology Corp.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 12.4.2 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.4.2 - KLCP)
kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7400 - Broadcom Corporation)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
LIMBO (HKLM\...\Steam App 48000) (Version: - Playdead)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.26.116 (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.26.116 - NVIDIA Corporation)
NVIDIA Install Application (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer) (Version: 2.1002.344.0 - NVIDIA Corporation) Hidden
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Update (HKLM-x32\...\InstallShield_{6F69C969-2942-4E7B-B594-75B37664B8BA}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo)
OpenOffice.org 3.4.1 (HKLM-x32\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
Ovládací panel NVIDIA 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 378.92 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Plague Inc - Evolved version 0.6.6 (HKLM-x32\...\{1520E069-19A9-4B01-BA5D-87B67D56F55D}_is1) (Version: 0.6.6 - )
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6314 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.6.0 - Canon Inc.)
spacedesk Windows DRIVER (HKLM\...\{D5DDB7FE-6338-4A02-8590-8F4905FFBC38}) (Version: 0.9.1000.0 - datronicsoft Inc.)
SRS Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.0200 - SRS Labs, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
Telegram Desktop version 2.4.7 (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.4.7 - Telegram FZ-LLC)
The Long Dark (HKLM-x32\...\1447763046_is1) (Version: 1.83 - GOG.com)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
This War of Mine (HKLM\...\Steam App 282070) (Version: - 11 bit studios)
Trader Workstation (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\5889-6375-8446-2021) (Version: latest (981.2h) 20201209 12:29:55 - Interactive Brokers LLC)
TuneUp Utilities 2013 (HKLM-x32\...\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}) (Version: 13.0.2020.14 - TuneUp Software) Hidden
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.2020.14 - TuneUp Software)
TuneUp Utilities 2014 (en-US) (HKLM-x32\...\{14C8CE46-C68C-461B-BCA9-E276A85851C6}) (Version: 14.0.1000.88 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (HKLM-x32\...\{A6F5703D-A4B1-4857-9EDD-DC0ABBBB0D96}) (Version: 13.0.2020.14 - TuneUp Software) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\WhatsApp) (Version: 2.2047.11 - WhatsApp)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\ZoomUMX) (Version: 5.4.3 (58891.1115) - Zoom Video Communications, Inc.)
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Interista\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers01: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers01: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers01: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2013\SDShelEx-x64.dll [2012-09-19] (TuneUp Software)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers02: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers03: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers03: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers04: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers04: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers04: [TuneUp Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\TuneUp Utilities 2013\DseShExt-x64.dll [2012-09-19] (TuneUp Software)
ContextMenuHandlers04: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2013\SDShelEx-x64.dll [2012-09-19] (TuneUp Software)
ContextMenuHandlers05: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-03-17] (NVIDIA Corporation)
ContextMenuHandlers05: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers06: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers06: [PintoStartScreen] -> {470C0EBD-5D73-4d58-9CED-E91E22E23282} => C:\Windows\System32\appresolver.dll [2020-12-12] (Microsoft Corporation)
ContextMenuHandlers06: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {028564F4-DAD8-4CEF-B463-F8C7C554459C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {04B4FB2E-F791-4908-929F-42851D8A90FD} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION
Task: {0501AFDD-12FA-4C01-9A35-F016DA78BEA0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001UA => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {076AD5BF-6067-427E-9381-F1A23BA00DFF} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {083F3813-82BC-4622-A1B0-070C619B7D11} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner => C:\WINDOWS\system32\mitigationscanner.exe [2019-03-19] (Microsoft Corporation)
Task: {0AE0D1E6-EEF2-48A9-BA01-FFD53BFC69A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0FC44A17-B152-4BE6-87AF-992D191AFD61} - System32\Tasks\{B7581133-2EA0-41CE-90E1-1E1E82A163AF} => pcalua.exe -a C:\games\MINECRAFT\Uninstall.exe
Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2020-08-12] (Microsoft Corporation)
Task: {12B77A7C-1DDB-48D8-9A89-E91548474357} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {14F7E945-34BA-4A49-B982-226DE8D39347} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {16085BF3-B3CD-43ED-966D-2C3CA0C6DA89} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {170D58E6-0812-4222-884D-D2A5F255C90E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {191384C9-85A1-4EB2-81D4-48F5A0C6ACB7} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\WINDOWS\System32\UNP\UpdateNotificationMgr.exe [2020-07-03] (Microsoft Corporation)
Task: {19BAF204-7D19-41E3-ADBF-59EEF986EAB7} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {1A1673FB-A3BD-41B1-A15E-0DD2E4C74B6E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {1B66E2AB-4090-4187-A1B8-F879D9E108E2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {214F9201-B833-4870-9C51-A7FFDDC45192} - System32\Tasks\{7A4FF9E7-BA3C-4FC7-BE94-EF49099CD3B6} => pcalua.exe -a C:\Downloads\EUcasino_Setup.exe -d C:\Downloads
Task: {21F636BC-B1A3-44DD-89A2-54A1B8817957} - System32\Tasks\{A5E8FB6E-5DF0-44E7-B701-236F7D099369} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/43110
Task: {2601599D-514F-4744-BDD3-420D1F4044C6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {28129A90-701F-41D4-A539-A6E756AFFD4A} - System32\Tasks\Adobe online aktualizační program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2020-11-03] (Adobe Inc.)
Task: {2B5C654D-898D-4D97-84CD-66D073C02DBC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {2C187558-D2F7-4602-8AAD-7187F53F03FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2020-11-03] (Adobe Inc.)
Task: {2F3C49C8-FAF3-4F74-97BB-3910FC3F88A9} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {3395660E-C273-48BB-88DE-0E94B633C711} - System32\Tasks\{6DF95473-FC44-472F-BDFC-1C223398E809} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.109/cs/abandoninstall?page=tsProgressBar
Task: {346D3858-2B6B-4635-AECD-65DD5E1358C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {347FA60B-B61B-4E9B-8717-E06CFA2D419B} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {35E4CA42-B19A-4E4A-84B2-B9C360F032FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3B6E93CB-5176-493C-B838-DD66F2C5532E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3D8E83D8-967E-44AC-8896-42CDEC763404} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {3E7650E7-DBA3-4B90-8D84-4232AE8A029F} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {3EBAF09A-814C-4FB9-9F00-8BB931BFE845} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\WINDOWS\system32\bcdboot.exe [2020-10-14] (Microsoft Corporation)
Task: {3F8934FE-0D10-4733-9F40-671552A930AE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation)
Task: {4141BC0E-26CB-484E-AED0-ABBA013A8BC3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {416FBFEF-09C2-4D51-9358-72205B2F5ED3} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives
Task: {47B89A79-53D2-485E-AD87-148165B28519} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {4895D51A-B90B-4ECF-A69B-93D8FA9B0FC0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {48F207D2-23BE-4F26-A115-B05B486F6CA6} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {49768EE0-FDB3-40BD-B274-0CCE6FEA4303} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4A9D673A-EF2C-475F-835D-3CC15206BD76} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4F2CE9C7-5B17-457D-8598-43479FF4F5F9} - System32\Tasks\{672E8836-3CEE-452F-8CF2-79FA73BDA470} => pcalua.exe -a "C:\WebDesign\NetBeans 7.4\uninstall.exe"
Task: {517B8226-EFB8-496F-BBDE-3750956D960B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {55412461-F053-4583-A6BF-19F36DAAD46D} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {565A429B-B222-4431-8590-3352926230EB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {56D11F39-CB83-45C0-B5CB-D6E091B1C509} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION
Task: {57AF8FF6-BEA8-4E17-BE7F-3FF7D995BABC} - System32\Tasks\Microsoft\Windows\PLA\spacedesk_log
Task: {5B11BFF2-5B45-4C0E-951B-5617DBFC80B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {60BB71F6-F0C5-4773-B405-06679588F77A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {613A083C-17CD-47F4-AC35-96FC308E59CF} - System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync
Task: {618D1585-07D7-4526-95D0-0A92E14D451D} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {6624D4EA-E15F-4D83-98DF-8AAE46930712} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2020-03-19] (Piriform Software Ltd)
Task: {68560DFD-FC67-4EF8-BAA4-7F72211F3FD5} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2020-07-03] (Microsoft Corporation)
Task: {698E4C37-870E-4CEA-B5E2-0E4E3A268E84} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6CC1FEEE-1684-4348-81F1-A8D4C3211E16} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
Task: {6EEA6ACE-7229-424A-BAD9-BD315E7D782B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6FFA775B-E7BB-4DE0-A8F8-EA6FA07E6B25} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {73A1EC50-7D31-4800-8D95-B05DB58A309F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {73CB9900-BD4D-4C69-9F68-6746AE3BB44B} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {765A4834-C006-4CA5-9EE0-18167279D672} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {77773450-A1E5-426C-BBFA-99F122851397} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {78067204-A408-4401-AC27-60BC83F0E090} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {7C11F831-BB88-48CE-A5D3-F43BB095EDEC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
Task: {7C7A322B-22CD-4890-AD3E-6B65998E4EB3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7C8034B4-286F-4E86-AD41-4140C28A9604} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {7D604811-243F-49BE-8C58-C468BF37356F} - System32\Tasks\AdobeAAMUpdater-1.0-LenovoY570-Interista => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-10] (Adobe Systems Incorporated)
Task: {841569D4-A3C9-4291-BA9A-A290701F5DB6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2020-09-20] (Avast Software)
Task: {8B95A60F-939C-46B2-9D94-1F34277409A1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation)
Task: {8CE419DE-4815-423C-8287-51CEF62C7937} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync
Task: {90C28B5C-2A50-48E1-9579-EEE75F1B1F2E} - System32\Tasks\Microsoft\Windows\StateRepository\MaintenanceTasks => Rundll32.exe %windir%\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks
Task: {92499943-2CD7-4704-B887-7E8F548982E7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {963EAC6A-BA83-4A51-9D4A-F6101CB4EE5C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {97CBA57F-20C3-4EA5-82AD-21D5642988CA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation)
Task: {99ED9A2D-C31D-4BF9-AF9B-CAF150B19816} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {9A42E9C0-177E-4A01-87EB-5FE508505510} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9B2E19F4-D8ED-4624-89B4-0C6E0E9FAF72} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {9CBB21B3-1A11-4DFC-AAC0-21A7DF869E72} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D4107DC-A4B0-4971-8CAE-E6EE8F5AD7A0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9E42E54A-6BB4-4F7E-892C-2C5183F55B20} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\WINDOWS\system32\eduprintprov.exe [2019-03-19] (Microsoft Corporation)
Task: {9EBA9C52-0D8A-47D6-9538-3950050E8D96} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2020-12-12] (AVAST Software)
Task: {A0A86556-6F50-482C-AA4E-04BECD4DDE9B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A25756A2-BC9B-410A-97B1-1160987E874A} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {A35F8A09-AD52-4C8B-B7CD-E49CADBE203B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7ECF457-BC00-4B4D-ADA8-972A65A4C740} - System32\Tasks\Droheseruces Configuration => C:\Program Files (x86)\Witlyanipipy\darerwas.exe [2017-02-21] (Glarysoft Ltd)
Task: {AA9A5749-8E2B-4A91-9A9B-4C2901ACAB77} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {AC1E2F47-3FF2-4077-A442-D277B86BD945} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AF78D4EE-23D1-4943-964B-CD2BB0879DC2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B5F0D76A-D09D-471B-83F7-48298F699537} - System32\Tasks\{1A8D9F80-882F-47EF-9092-B8DAAE064D8E} => C:\Games\Dead Island\DeadIslandGame.exe
Task: {B8F0DEC7-8392-4F57-9990-74FCB934033F} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2020-10-14] ()
Task: {BBE187C5-6A63-43FD-BB42-037C05DD22A2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C1DFBF65-983F-4AB7-B3C1-AC722D21D33D} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {C46FA0B3-78F5-443B-81AD-3B4B29AC94B8} - System32\Tasks\{6AC10FA4-2A04-4D88-A064-1A90C3C67AA0} => C:\Games\Dead Island\DeadIslandGame.exe
Task: {C8AB6419-B8E3-4252-916D-5DCA1F0776A5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CB448941-9879-4BE4-982E-2A1545907501} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2020-03-19] (Piriform Software Ltd)
Task: {CD653C32-80CF-4F2C-A57A-EE4D5E74A049} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-14] (Adobe Systems Incorporated)
Task: {D0BA0B86-4A6B-42CD-80B7-3A4967C52009} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
Task: {D8A50F3C-4BF2-46E9-B708-B51207C90FF2} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {D8C16EEE-526A-443D-A00A-FB3D22BDF9A9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-14] (Adobe Systems Incorporated)
Task: {D9D6D456-CAFB-401D-8DCF-DEEB2907C7B6} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache
Task: {DA1EE455-0608-4305-803D-04843F50EB1C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-12] (Oracle Corporation)
Task: {DF8ABE54-47C9-4567-8DD0-36F92A2CC529} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {E5C03C57-4CED-4306-95EA-1215BF570B9A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation)
Task: {E70C4E4A-55D2-4AFB-99DD-268DCDB1529B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F1DA6BFE-4499-491E-9FDB-7C01506ECE44} - System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater => C:\WINDOWS\system32\directxdatabaseupdater.exe [2020-07-03] (Microsoft Corporation)
Task: {F6432CC0-A47F-4547-922D-79C89CAA8A08} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001Core => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {F8FF0A91-01D6-474F-BC1F-3C064B0FC448} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001Core.job => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001UA.job => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Interista\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) ==============
2019-03-19 05:43 - 2019-03-19 05:43 - 00054960 _____ () C:\WINDOWS\System32\UMPDC.dll
2016-12-10 17:56 - 2017-03-17 00:16 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2020-07-01 07:14 - 2019-11-28 13:16 - 00399296 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2017-03-20 19:39 - 2017-10-11 02:05 - 01267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2019-06-03 09:11 - 2019-06-03 09:11 - 00916392 _____ () C:\WINDOWS\System32\spacedeskService.exe
2019-06-03 09:11 - 2019-06-03 09:11 - 00188328 _____ () C:\WINDOWS\System32\spacedeskKtm.dll
2019-06-03 09:11 - 2019-06-03 09:11 - 00469928 _____ () C:\WINDOWS\System32\spacedeskServiceTray.exe
2020-11-12 15:37 - 2020-11-12 15:37 - 01841152 _____ () C:\WINDOWS\system32\TextInputMethodFormatter.dll
2019-03-19 05:59 - 2019-03-19 12:57 - 00094720 _____ () C:\Windows\System32\VirtualMonitorManager.dll
2019-03-19 05:43 - 2019-03-19 05:43 - 00494592 _____ () C:\Windows\ShellExperiences\TileControl.dll
2020-07-03 11:07 - 2020-07-03 11:07 - 02880000 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2020-11-12 15:37 - 2020-11-12 15:37 - 00947512 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
2020-12-16 18:27 - 2020-12-16 18:29 - 20139008 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Views.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 09864704 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.WinRT.dll
2020-04-13 15:13 - 2020-04-13 15:13 - 01000448 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2020-12-16 18:27 - 2020-12-16 18:29 - 02728448 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.ScreenMirroring.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 03778048 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\PhoneCommunicationAppService.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 00643072 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Devices.WinRT.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 00479232 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Calling.CX.dll
2020-12-16 18:27 - 2020-12-16 18:29 - 01289728 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Messaging.dll
2020-12-16 18:27 - 2020-12-16 18:29 - 01901056 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhoneControls.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 01339392 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Calling.WinRT.dll
2020-09-09 19:16 - 2020-09-09 19:16 - 01799168 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2013-01-18 13:31 - 2011-01-18 03:36 - 00182560 _____ () C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcc3d64.dll
2008-12-20 04:20 - 2013-01-18 14:05 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2020-11-24 19:28 - 2020-11-24 19:28 - 132979224 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2020-07-03 11:07 - 2020-07-03 11:07 - 00037888 _____ () C:\Windows\System32\usocoreps.dll
2020-12-02 22:28 - 2020-12-02 03:01 - 07627248 _____ () C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\libglesv2.dll
2020-12-02 22:28 - 2020-12-02 03:01 - 00456176 _____ () C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\libegl.dll
2020-11-24 19:28 - 2020-11-24 19:28 - 02700824 _____ () C:\Program Files\AVAST Software\Avast\swiftshader\libglesv2.dll
2020-11-24 19:28 - 2020-11-24 19:28 - 00420384 _____ () C:\Program Files\AVAST Software\Avast\swiftshader\libegl.dll
2020-05-14 20:37 - 2020-12-18 22:11 - 01217824 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2020-05-14 20:37 - 2020-11-27 00:34 - 119512864 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2020-05-14 20:37 - 2020-11-27 00:34 - 08022816 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2020-05-14 20:37 - 2020-11-27 00:34 - 00381216 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2020-12-22 14:19 - 2020-12-22 14:20 - 04730880 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
2020-12-22 14:19 - 2020-12-22 14:20 - 00670208 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\GraphControl.dll
2020-12-22 14:19 - 2020-12-22 14:20 - 00028672 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\TraceLogging.dll
2015-01-23 14:02 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-06-19 21:10 - 2020-12-18 22:11 - 01031456 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-21 23:53 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-06-19 21:10 - 2020-12-21 00:22 - 02938144 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-21 23:53 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-21 23:53 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 05138896 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00811984 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00352720 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00848336 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00784848 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2014-06-19 21:10 - 2020-12-21 00:21 - 01067296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-06-22 09:08 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinQuic => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-07-06 13:08 - 2020-12-26 17:17 - 00000101 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "Energy Management"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "UpdatePRCShortCut"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "AceStream"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-deviceenroller-TCP-Out] => (Allow) %SystemRoot%\system32\deviceenroller.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [{2B243E46-E87B-4126-B2D7-F498BDB82E4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{1AA9C629-5F1C-4381-8B21-22F7A9825DA5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{22859055-5C70-4C73-8BF9-A24BC7BFC5D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{BD7FFED7-FF94-4E6F-8A04-828B32A19E74}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{4AA6D125-999E-4844-B736-85C655BF9E54}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6565E169-60D3-4F3E-BD86-5F6546645EF3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8131D083-AA03-470B-8694-C8379DEAFFCD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{89778248-BF22-4E6A-A199-12D7FE349174}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{BF89BB2B-9A18-4F12-AA35-03367349476C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1E427C1F-023D-4ED8-BCD5-0DD726A3D42C}] => (Allow) LPort=2869
FirewallRules: [{615EE29A-5AF6-4F37-85B8-AC0CE3E4EB1C}] => (Allow) LPort=1900
FirewallRules: [{B5F7E315-3074-46B8-A419-B4BBD1F13840}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{731F79E5-C29C-4DAE-930F-6FC6622F9F76}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{CFD245E1-44A6-42DE-8489-F434FE64D6DE}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{EB1BC56A-3512-483D-9748-155F93B39049}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Allow) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [UDP Query User{EB0200DF-8A8B-4FEB-A677-40DEB2D2DB44}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Allow) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [TCP Query User{A4B3E36D-A646-4B3B-9820-10725A04CBB7}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [UDP Query User{4E6F9B49-AC80-49F2-8FF9-DE595E81C4CC}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [{4F62ABDB-C643-4851-A95D-BAA702B26FEF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{1D57844B-F4C8-454F-8C7E-6B1DDE08B308}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{E2FE1A8B-A129-44E3-8DA6-B6F4B32376D4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{F2F78CC9-D66C-47E4-A8BE-6BE4CD310DE6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [TCP Query User{129D12BE-AD73-46E3-AEDB-19B1F573172D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{9532EC77-3365-49E5-8086-9AEE46A7BC37}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A893ED37-E317-41A9-BAD3-8C36AC610005}] => (Allow) LPort=5353
FirewallRules: [{91B47BAD-CD59-4A18-9ACF-122458FDBCED}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{FCAB1598-4542-47D9-9E9E-42BFB4BC6940}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{4F9856E8-B5A2-462B-8500-60CE98E618C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{8DC79C9B-70DA-4E0C-8DFA-70BB584F4760}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{90540B17-CC50-4A3B-8AB8-30F43E729382}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
FirewallRules: [{20FDF1A3-76D2-449D-BECC-2404B20F6DB4}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
FirewallRules: [TCP Query User{502AA009-F1D5-4B23-A7C3-A38FE2BA8FC8}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe
FirewallRules: [UDP Query User{6E9771ED-2BA0-4D38-8E94-232141024629}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe
FirewallRules: [TCP Query User{BFB0A755-FBE4-408D-8B40-56CA4B1F19F2}C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe
FirewallRules: [UDP Query User{E8F614FE-1F68-4D58-A25A-76288F6A4F73}C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe
FirewallRules: [TCP Query User{2AFDE8EB-C14E-45AB-8F5C-36728A2D126B}C:\users\interista\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\interista\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [UDP Query User{18A1DA38-00F0-419F-90E6-B41537BA87D2}C:\users\interista\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\interista\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [{DCDF98FC-3DAF-43B7-BBA5-34ED6F53A012}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0BD1FBBE-99A7-4E0C-9A06-69FCC1248EA5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F4D6A038-0F35-4AB4-89E0-CAFAAAFBF0DA}] => (Allow) C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F8F74540-7308-497A-8AF1-7D2E3BD625D5}] => (Allow) C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{074EDDD0-5966-4641-A603-BFD772821D44}C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B0DBAADE-37BF-4BD8-A8B2-0230D58AFFC8}C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{A45F0321-3FEB-4081-A255-70C873947A67}C:\users\interista\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\interista\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{639F1118-E47A-4AAC-B030-DF468B8FE94C}C:\users\interista\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\interista\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{96675CD7-FBC9-4B67-A4A7-1EEDFACF33EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{87BFB911-48D9-4D42-8ED9-4FA1730E56B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{082C7FDF-77BC-41AB-BEF1-81CA43875425}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D469C0C5-7451-4DDF-947C-C9DC67332CE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{F84733E0-D2FD-4286-9884-82DFDBACE434}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [UDP Query User{87AFA2C8-AB5F-4457-8061-3760AD7DD7FB}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [{AD0C6663-FD24-4EA0-9BB6-38E4E15B3DF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DF9C902A-F924-40B6-A5AF-2426F9111BDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{607D1AD9-87A0-4EFB-B8A4-2199B0776071}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2D51C227-9EAC-47AC-A8F4-98C793AB97FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B49C562F-A11F-4865-83AA-0A134FD63E41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4607DA23-7A9A-4A0C-982E-3CC15DB1DCEC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{EA1C292C-0AC2-40BB-AF76-61F59A797378}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{B0A04C33-9155-40E9-B5BF-77F9A9248B55}] => (Allow) C:\WINDOWS\system32\spacedeskService.exe
FirewallRules: [{5502B75B-FD5F-4C80-A16B-E878BBEF6FAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{F6646FF1-4232-4FC2-929C-5841168B50DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{3AABC1FD-1BB9-408D-BCFF-0DB720FD4813}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{51999B12-0212-47AF-B317-31613DE8EBE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{F01DDC9C-EE9E-4C56-B040-8B24885624FB}] => (Allow) C:\Users\Interista\AppData\Roaming\Zoom\bin\Zoom.exe
FirewallRules: [{28C4B5C8-B62C-4E8B-8826-863A774FB5CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BDCDDDDA-3175-416E-AE3B-8285C5D091B2}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
FirewallRules: [{B635BBB1-8405-4A55-9EDB-2DA4BA5CF059}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{7280BB06-FEDA-413D-8CA8-F9E5785EB598}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{A3817CE8-7055-41F4-8381-A6FE31FB1A11}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{A02FBDB1-A5B9-4697-89D0-9D15A407C049}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [TCP Query User{C5D733F5-0380-4EC4-B806-08AE6BCF97B4}C:\games\the long dark\tld.exe] => (Allow) C:\games\the long dark\tld.exe
FirewallRules: [UDP Query User{CC0A110C-0612-4637-8707-684B43B02954}C:\games\the long dark\tld.exe] => (Allow) C:\games\the long dark\tld.exe
FirewallRules: [TCP Query User{68F2116C-5EDB-43D5-823D-8F3CD32AC913}C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe
FirewallRules: [UDP Query User{3F3BDF9D-3069-4D80-BCEF-BD4C1B80B975}C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe
==================== Restore Points =========================
22-12-2020 13:35:44 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/27/2020 12:52:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9780,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:44:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15208,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:38:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8912,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:21:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3964,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:07:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (12/27/2020 12:07:35 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (12/27/2020 12:02:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9000,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:11:37 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9856,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:02:57 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14536,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/26/2020 11:28:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17660,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (12/27/2020 12:39:36 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:24:32 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:15:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Aktualizovat službu Orchestrator přestala během spouštění reagovat.
Error: (12/27/2020 12:14:46 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:11:51 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:09:06 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error: (12/27/2020 12:09:05 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Tento počítač je nakonfigurován jako člen pracovní skupiny, nikoliv jako
člen domény. Přihlašovací služba Netlogon nepotřebuje být spuštěna v této
konfiguraci.
Error: (12/27/2020 12:07:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba SNMP neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.
Error: (12/27/2020 12:07:34 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba SNMP se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (12/27/2020 12:06:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wondershare Application Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2020-12-27 12:56:19.075
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:37.749
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:36.718
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:32.765
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:32.221
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:29.751
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:23.966
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:54:01.753
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:53:54.772
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:53:54.760
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 62%
Total physical RAM: 8135.86 MB
Available physical RAM: 3052.22 MB
Total Virtual: 16327.86 MB
Available Virtual: 10280.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:421.81 GB) (Free:144.94 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:22.66 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 29376C2E)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
==================== End of Addition.txt ============================
Ran by Interista (27-12-2020 12:53:36)
Running from C:\Users\Interista\Desktop
Windows 10 Home Version 1909 (X64) (2020-07-03 10:13:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3319014896-2388623831-1738719311-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3319014896-2388623831-1738719311-503 - Limited - Disabled)
Guest (S-1-5-21-3319014896-2388623831-1738719311-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3319014896-2388623831-1738719311-1003 - Limited - Enabled)
Interista (S-1-5-21-3319014896-2388623831-1738719311-1001 - Administrator - Enabled) => C:\Users\Interista
WDAGUtilityAccount (S-1-5-21-3319014896-2388623831-1738719311-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Aktualizace NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Anki (HKLM-x32\...\Anki) (Version: - )
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.92 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Broadcom Gigabit NetLink Controller (HKLM\...\{029A4933-3F36-4E4F-AEC3-2207AB26463D}) (Version: 14.4.9.2 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.2.0 - Canon Inc.)
Canon MP150 (HKLM\...\{CA9A3609-3ECC-4574-8824-A8161A71A603}) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5100_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Creeper World 4 (HKLM-x32\...\Creeper World 4) (Version: - SKIDROW)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FTL - Advanced Edition (HKLM-x32\...\GOGPACKFTL_is1) (Version: 2.3.0.13 - GOG.com)
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java SE Development Kit 7 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java SE Development Kit 8 Update 141 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180141}) (Version: 8.0.1410.15 - Oracle Corporation)
Java(TM) 6 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416045FF}) (Version: 6.0.450 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jihosoft ISO Maker version 3.0 (HKLM-x32\...\{FA289A40-0F71-428E-B3A2-546EDC04DB93}_is1) (Version: 3.0 - Jihosoft Studio)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.55.0 - JMicron Technology Corp.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 12.4.2 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.4.2 - KLCP)
kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7400 - Broadcom Corporation)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
LIMBO (HKLM\...\Steam App 48000) (Version: - Playdead)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.26.116 (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.26.116 - NVIDIA Corporation)
NVIDIA Install Application (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer) (Version: 2.1002.344.0 - NVIDIA Corporation) Hidden
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Update (HKLM-x32\...\InstallShield_{6F69C969-2942-4E7B-B594-75B37664B8BA}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo)
OpenOffice.org 3.4.1 (HKLM-x32\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
Ovládací panel NVIDIA 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 378.92 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Plague Inc - Evolved version 0.6.6 (HKLM-x32\...\{1520E069-19A9-4B01-BA5D-87B67D56F55D}_is1) (Version: 0.6.6 - )
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6314 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.6.0 - Canon Inc.)
spacedesk Windows DRIVER (HKLM\...\{D5DDB7FE-6338-4A02-8590-8F4905FFBC38}) (Version: 0.9.1000.0 - datronicsoft Inc.)
SRS Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.0200 - SRS Labs, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
Telegram Desktop version 2.4.7 (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.4.7 - Telegram FZ-LLC)
The Long Dark (HKLM-x32\...\1447763046_is1) (Version: 1.83 - GOG.com)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
This War of Mine (HKLM\...\Steam App 282070) (Version: - 11 bit studios)
Trader Workstation (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\5889-6375-8446-2021) (Version: latest (981.2h) 20201209 12:29:55 - Interactive Brokers LLC)
TuneUp Utilities 2013 (HKLM-x32\...\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}) (Version: 13.0.2020.14 - TuneUp Software) Hidden
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.2020.14 - TuneUp Software)
TuneUp Utilities 2014 (en-US) (HKLM-x32\...\{14C8CE46-C68C-461B-BCA9-E276A85851C6}) (Version: 14.0.1000.88 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (HKLM-x32\...\{A6F5703D-A4B1-4857-9EDD-DC0ABBBB0D96}) (Version: 13.0.2020.14 - TuneUp Software) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\WhatsApp) (Version: 2.2047.11 - WhatsApp)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\ZoomUMX) (Version: 5.4.3 (58891.1115) - Zoom Video Communications, Inc.)
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Interista\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers01: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers01: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers01: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2013\SDShelEx-x64.dll [2012-09-19] (TuneUp Software)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers02: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers03: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers03: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers04: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers04: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers04: [TuneUp Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\TuneUp Utilities 2013\DseShExt-x64.dll [2012-09-19] (TuneUp Software)
ContextMenuHandlers04: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2013\SDShelEx-x64.dll [2012-09-19] (TuneUp Software)
ContextMenuHandlers05: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-03-17] (NVIDIA Corporation)
ContextMenuHandlers05: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers06: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers06: [PintoStartScreen] -> {470C0EBD-5D73-4d58-9CED-E91E22E23282} => C:\Windows\System32\appresolver.dll [2020-12-12] (Microsoft Corporation)
ContextMenuHandlers06: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {028564F4-DAD8-4CEF-B463-F8C7C554459C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {04B4FB2E-F791-4908-929F-42851D8A90FD} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION
Task: {0501AFDD-12FA-4C01-9A35-F016DA78BEA0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001UA => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {076AD5BF-6067-427E-9381-F1A23BA00DFF} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {083F3813-82BC-4622-A1B0-070C619B7D11} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner => C:\WINDOWS\system32\mitigationscanner.exe [2019-03-19] (Microsoft Corporation)
Task: {0AE0D1E6-EEF2-48A9-BA01-FFD53BFC69A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0FC44A17-B152-4BE6-87AF-992D191AFD61} - System32\Tasks\{B7581133-2EA0-41CE-90E1-1E1E82A163AF} => pcalua.exe -a C:\games\MINECRAFT\Uninstall.exe
Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2020-08-12] (Microsoft Corporation)
Task: {12B77A7C-1DDB-48D8-9A89-E91548474357} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {14F7E945-34BA-4A49-B982-226DE8D39347} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {16085BF3-B3CD-43ED-966D-2C3CA0C6DA89} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {170D58E6-0812-4222-884D-D2A5F255C90E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {191384C9-85A1-4EB2-81D4-48F5A0C6ACB7} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\WINDOWS\System32\UNP\UpdateNotificationMgr.exe [2020-07-03] (Microsoft Corporation)
Task: {19BAF204-7D19-41E3-ADBF-59EEF986EAB7} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {1A1673FB-A3BD-41B1-A15E-0DD2E4C74B6E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {1B66E2AB-4090-4187-A1B8-F879D9E108E2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {214F9201-B833-4870-9C51-A7FFDDC45192} - System32\Tasks\{7A4FF9E7-BA3C-4FC7-BE94-EF49099CD3B6} => pcalua.exe -a C:\Downloads\EUcasino_Setup.exe -d C:\Downloads
Task: {21F636BC-B1A3-44DD-89A2-54A1B8817957} - System32\Tasks\{A5E8FB6E-5DF0-44E7-B701-236F7D099369} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/43110
Task: {2601599D-514F-4744-BDD3-420D1F4044C6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {28129A90-701F-41D4-A539-A6E756AFFD4A} - System32\Tasks\Adobe online aktualizační program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2020-11-03] (Adobe Inc.)
Task: {2B5C654D-898D-4D97-84CD-66D073C02DBC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {2C187558-D2F7-4602-8AAD-7187F53F03FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2020-11-03] (Adobe Inc.)
Task: {2F3C49C8-FAF3-4F74-97BB-3910FC3F88A9} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {3395660E-C273-48BB-88DE-0E94B633C711} - System32\Tasks\{6DF95473-FC44-472F-BDFC-1C223398E809} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.109/cs/abandoninstall?page=tsProgressBar
Task: {346D3858-2B6B-4635-AECD-65DD5E1358C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {347FA60B-B61B-4E9B-8717-E06CFA2D419B} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {35E4CA42-B19A-4E4A-84B2-B9C360F032FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3B6E93CB-5176-493C-B838-DD66F2C5532E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3D8E83D8-967E-44AC-8896-42CDEC763404} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {3E7650E7-DBA3-4B90-8D84-4232AE8A029F} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {3EBAF09A-814C-4FB9-9F00-8BB931BFE845} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\WINDOWS\system32\bcdboot.exe [2020-10-14] (Microsoft Corporation)
Task: {3F8934FE-0D10-4733-9F40-671552A930AE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation)
Task: {4141BC0E-26CB-484E-AED0-ABBA013A8BC3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {416FBFEF-09C2-4D51-9358-72205B2F5ED3} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives
Task: {47B89A79-53D2-485E-AD87-148165B28519} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {4895D51A-B90B-4ECF-A69B-93D8FA9B0FC0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {48F207D2-23BE-4F26-A115-B05B486F6CA6} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {49768EE0-FDB3-40BD-B274-0CCE6FEA4303} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4A9D673A-EF2C-475F-835D-3CC15206BD76} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4F2CE9C7-5B17-457D-8598-43479FF4F5F9} - System32\Tasks\{672E8836-3CEE-452F-8CF2-79FA73BDA470} => pcalua.exe -a "C:\WebDesign\NetBeans 7.4\uninstall.exe"
Task: {517B8226-EFB8-496F-BBDE-3750956D960B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {55412461-F053-4583-A6BF-19F36DAAD46D} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {565A429B-B222-4431-8590-3352926230EB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {56D11F39-CB83-45C0-B5CB-D6E091B1C509} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION
Task: {57AF8FF6-BEA8-4E17-BE7F-3FF7D995BABC} - System32\Tasks\Microsoft\Windows\PLA\spacedesk_log
Task: {5B11BFF2-5B45-4C0E-951B-5617DBFC80B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {60BB71F6-F0C5-4773-B405-06679588F77A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {613A083C-17CD-47F4-AC35-96FC308E59CF} - System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync
Task: {618D1585-07D7-4526-95D0-0A92E14D451D} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {6624D4EA-E15F-4D83-98DF-8AAE46930712} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2020-03-19] (Piriform Software Ltd)
Task: {68560DFD-FC67-4EF8-BAA4-7F72211F3FD5} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2020-07-03] (Microsoft Corporation)
Task: {698E4C37-870E-4CEA-B5E2-0E4E3A268E84} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6CC1FEEE-1684-4348-81F1-A8D4C3211E16} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
Task: {6EEA6ACE-7229-424A-BAD9-BD315E7D782B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6FFA775B-E7BB-4DE0-A8F8-EA6FA07E6B25} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {73A1EC50-7D31-4800-8D95-B05DB58A309F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {73CB9900-BD4D-4C69-9F68-6746AE3BB44B} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {765A4834-C006-4CA5-9EE0-18167279D672} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {77773450-A1E5-426C-BBFA-99F122851397} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {78067204-A408-4401-AC27-60BC83F0E090} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {7C11F831-BB88-48CE-A5D3-F43BB095EDEC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
Task: {7C7A322B-22CD-4890-AD3E-6B65998E4EB3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7C8034B4-286F-4E86-AD41-4140C28A9604} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {7D604811-243F-49BE-8C58-C468BF37356F} - System32\Tasks\AdobeAAMUpdater-1.0-LenovoY570-Interista => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-10] (Adobe Systems Incorporated)
Task: {841569D4-A3C9-4291-BA9A-A290701F5DB6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2020-09-20] (Avast Software)
Task: {8B95A60F-939C-46B2-9D94-1F34277409A1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation)
Task: {8CE419DE-4815-423C-8287-51CEF62C7937} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync
Task: {90C28B5C-2A50-48E1-9579-EEE75F1B1F2E} - System32\Tasks\Microsoft\Windows\StateRepository\MaintenanceTasks => Rundll32.exe %windir%\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks
Task: {92499943-2CD7-4704-B887-7E8F548982E7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {963EAC6A-BA83-4A51-9D4A-F6101CB4EE5C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {97CBA57F-20C3-4EA5-82AD-21D5642988CA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation)
Task: {99ED9A2D-C31D-4BF9-AF9B-CAF150B19816} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {9A42E9C0-177E-4A01-87EB-5FE508505510} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9B2E19F4-D8ED-4624-89B4-0C6E0E9FAF72} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {9CBB21B3-1A11-4DFC-AAC0-21A7DF869E72} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D4107DC-A4B0-4971-8CAE-E6EE8F5AD7A0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9E42E54A-6BB4-4F7E-892C-2C5183F55B20} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\WINDOWS\system32\eduprintprov.exe [2019-03-19] (Microsoft Corporation)
Task: {9EBA9C52-0D8A-47D6-9538-3950050E8D96} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2020-12-12] (AVAST Software)
Task: {A0A86556-6F50-482C-AA4E-04BECD4DDE9B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A25756A2-BC9B-410A-97B1-1160987E874A} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {A35F8A09-AD52-4C8B-B7CD-E49CADBE203B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7ECF457-BC00-4B4D-ADA8-972A65A4C740} - System32\Tasks\Droheseruces Configuration => C:\Program Files (x86)\Witlyanipipy\darerwas.exe [2017-02-21] (Glarysoft Ltd)
Task: {AA9A5749-8E2B-4A91-9A9B-4C2901ACAB77} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {AC1E2F47-3FF2-4077-A442-D277B86BD945} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AF78D4EE-23D1-4943-964B-CD2BB0879DC2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B5F0D76A-D09D-471B-83F7-48298F699537} - System32\Tasks\{1A8D9F80-882F-47EF-9092-B8DAAE064D8E} => C:\Games\Dead Island\DeadIslandGame.exe
Task: {B8F0DEC7-8392-4F57-9990-74FCB934033F} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2020-10-14] ()
Task: {BBE187C5-6A63-43FD-BB42-037C05DD22A2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C1DFBF65-983F-4AB7-B3C1-AC722D21D33D} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {C46FA0B3-78F5-443B-81AD-3B4B29AC94B8} - System32\Tasks\{6AC10FA4-2A04-4D88-A064-1A90C3C67AA0} => C:\Games\Dead Island\DeadIslandGame.exe
Task: {C8AB6419-B8E3-4252-916D-5DCA1F0776A5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CB448941-9879-4BE4-982E-2A1545907501} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2020-03-19] (Piriform Software Ltd)
Task: {CD653C32-80CF-4F2C-A57A-EE4D5E74A049} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-14] (Adobe Systems Incorporated)
Task: {D0BA0B86-4A6B-42CD-80B7-3A4967C52009} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
Task: {D8A50F3C-4BF2-46E9-B708-B51207C90FF2} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {D8C16EEE-526A-443D-A00A-FB3D22BDF9A9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-14] (Adobe Systems Incorporated)
Task: {D9D6D456-CAFB-401D-8DCF-DEEB2907C7B6} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache
Task: {DA1EE455-0608-4305-803D-04843F50EB1C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-12] (Oracle Corporation)
Task: {DF8ABE54-47C9-4567-8DD0-36F92A2CC529} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {E5C03C57-4CED-4306-95EA-1215BF570B9A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation)
Task: {E70C4E4A-55D2-4AFB-99DD-268DCDB1529B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F1DA6BFE-4499-491E-9FDB-7C01506ECE44} - System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater => C:\WINDOWS\system32\directxdatabaseupdater.exe [2020-07-03] (Microsoft Corporation)
Task: {F6432CC0-A47F-4547-922D-79C89CAA8A08} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001Core => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {F8FF0A91-01D6-474F-BC1F-3C064B0FC448} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001Core.job => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001UA.job => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Interista\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) ==============
2019-03-19 05:43 - 2019-03-19 05:43 - 00054960 _____ () C:\WINDOWS\System32\UMPDC.dll
2016-12-10 17:56 - 2017-03-17 00:16 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2020-07-01 07:14 - 2019-11-28 13:16 - 00399296 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2017-03-20 19:39 - 2017-10-11 02:05 - 01267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2019-06-03 09:11 - 2019-06-03 09:11 - 00916392 _____ () C:\WINDOWS\System32\spacedeskService.exe
2019-06-03 09:11 - 2019-06-03 09:11 - 00188328 _____ () C:\WINDOWS\System32\spacedeskKtm.dll
2019-06-03 09:11 - 2019-06-03 09:11 - 00469928 _____ () C:\WINDOWS\System32\spacedeskServiceTray.exe
2020-11-12 15:37 - 2020-11-12 15:37 - 01841152 _____ () C:\WINDOWS\system32\TextInputMethodFormatter.dll
2019-03-19 05:59 - 2019-03-19 12:57 - 00094720 _____ () C:\Windows\System32\VirtualMonitorManager.dll
2019-03-19 05:43 - 2019-03-19 05:43 - 00494592 _____ () C:\Windows\ShellExperiences\TileControl.dll
2020-07-03 11:07 - 2020-07-03 11:07 - 02880000 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2020-11-12 15:37 - 2020-11-12 15:37 - 00947512 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
2020-12-16 18:27 - 2020-12-16 18:29 - 20139008 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Views.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 09864704 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.WinRT.dll
2020-04-13 15:13 - 2020-04-13 15:13 - 01000448 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2020-12-16 18:27 - 2020-12-16 18:29 - 02728448 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.ScreenMirroring.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 03778048 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\PhoneCommunicationAppService.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 00643072 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Devices.WinRT.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 00479232 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Calling.CX.dll
2020-12-16 18:27 - 2020-12-16 18:29 - 01289728 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Messaging.dll
2020-12-16 18:27 - 2020-12-16 18:29 - 01901056 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhoneControls.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 01339392 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Calling.WinRT.dll
2020-09-09 19:16 - 2020-09-09 19:16 - 01799168 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2013-01-18 13:31 - 2011-01-18 03:36 - 00182560 _____ () C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcc3d64.dll
2008-12-20 04:20 - 2013-01-18 14:05 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2020-11-24 19:28 - 2020-11-24 19:28 - 132979224 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2020-07-03 11:07 - 2020-07-03 11:07 - 00037888 _____ () C:\Windows\System32\usocoreps.dll
2020-12-02 22:28 - 2020-12-02 03:01 - 07627248 _____ () C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\libglesv2.dll
2020-12-02 22:28 - 2020-12-02 03:01 - 00456176 _____ () C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\libegl.dll
2020-11-24 19:28 - 2020-11-24 19:28 - 02700824 _____ () C:\Program Files\AVAST Software\Avast\swiftshader\libglesv2.dll
2020-11-24 19:28 - 2020-11-24 19:28 - 00420384 _____ () C:\Program Files\AVAST Software\Avast\swiftshader\libegl.dll
2020-05-14 20:37 - 2020-12-18 22:11 - 01217824 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2020-05-14 20:37 - 2020-11-27 00:34 - 119512864 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2020-05-14 20:37 - 2020-11-27 00:34 - 08022816 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2020-05-14 20:37 - 2020-11-27 00:34 - 00381216 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2020-12-22 14:19 - 2020-12-22 14:20 - 04730880 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
2020-12-22 14:19 - 2020-12-22 14:20 - 00670208 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\GraphControl.dll
2020-12-22 14:19 - 2020-12-22 14:20 - 00028672 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\TraceLogging.dll
2015-01-23 14:02 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-06-19 21:10 - 2020-12-18 22:11 - 01031456 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-21 23:53 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-06-19 21:10 - 2020-12-21 00:22 - 02938144 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-21 23:53 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-21 23:53 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 05138896 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00811984 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00352720 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00848336 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00784848 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2014-06-19 21:10 - 2020-12-21 00:21 - 01067296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-06-22 09:08 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinQuic => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-07-06 13:08 - 2020-12-26 17:17 - 00000101 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "Energy Management"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "UpdatePRCShortCut"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "AceStream"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-deviceenroller-TCP-Out] => (Allow) %SystemRoot%\system32\deviceenroller.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [{2B243E46-E87B-4126-B2D7-F498BDB82E4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{1AA9C629-5F1C-4381-8B21-22F7A9825DA5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{22859055-5C70-4C73-8BF9-A24BC7BFC5D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{BD7FFED7-FF94-4E6F-8A04-828B32A19E74}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{4AA6D125-999E-4844-B736-85C655BF9E54}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6565E169-60D3-4F3E-BD86-5F6546645EF3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8131D083-AA03-470B-8694-C8379DEAFFCD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{89778248-BF22-4E6A-A199-12D7FE349174}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{BF89BB2B-9A18-4F12-AA35-03367349476C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1E427C1F-023D-4ED8-BCD5-0DD726A3D42C}] => (Allow) LPort=2869
FirewallRules: [{615EE29A-5AF6-4F37-85B8-AC0CE3E4EB1C}] => (Allow) LPort=1900
FirewallRules: [{B5F7E315-3074-46B8-A419-B4BBD1F13840}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{731F79E5-C29C-4DAE-930F-6FC6622F9F76}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{CFD245E1-44A6-42DE-8489-F434FE64D6DE}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{EB1BC56A-3512-483D-9748-155F93B39049}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Allow) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [UDP Query User{EB0200DF-8A8B-4FEB-A677-40DEB2D2DB44}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Allow) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [TCP Query User{A4B3E36D-A646-4B3B-9820-10725A04CBB7}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [UDP Query User{4E6F9B49-AC80-49F2-8FF9-DE595E81C4CC}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [{4F62ABDB-C643-4851-A95D-BAA702B26FEF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{1D57844B-F4C8-454F-8C7E-6B1DDE08B308}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{E2FE1A8B-A129-44E3-8DA6-B6F4B32376D4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{F2F78CC9-D66C-47E4-A8BE-6BE4CD310DE6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [TCP Query User{129D12BE-AD73-46E3-AEDB-19B1F573172D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{9532EC77-3365-49E5-8086-9AEE46A7BC37}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A893ED37-E317-41A9-BAD3-8C36AC610005}] => (Allow) LPort=5353
FirewallRules: [{91B47BAD-CD59-4A18-9ACF-122458FDBCED}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{FCAB1598-4542-47D9-9E9E-42BFB4BC6940}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{4F9856E8-B5A2-462B-8500-60CE98E618C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{8DC79C9B-70DA-4E0C-8DFA-70BB584F4760}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{90540B17-CC50-4A3B-8AB8-30F43E729382}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
FirewallRules: [{20FDF1A3-76D2-449D-BECC-2404B20F6DB4}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
FirewallRules: [TCP Query User{502AA009-F1D5-4B23-A7C3-A38FE2BA8FC8}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe
FirewallRules: [UDP Query User{6E9771ED-2BA0-4D38-8E94-232141024629}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe
FirewallRules: [TCP Query User{BFB0A755-FBE4-408D-8B40-56CA4B1F19F2}C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe
FirewallRules: [UDP Query User{E8F614FE-1F68-4D58-A25A-76288F6A4F73}C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe
FirewallRules: [TCP Query User{2AFDE8EB-C14E-45AB-8F5C-36728A2D126B}C:\users\interista\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\interista\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [UDP Query User{18A1DA38-00F0-419F-90E6-B41537BA87D2}C:\users\interista\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\interista\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [{DCDF98FC-3DAF-43B7-BBA5-34ED6F53A012}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0BD1FBBE-99A7-4E0C-9A06-69FCC1248EA5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F4D6A038-0F35-4AB4-89E0-CAFAAAFBF0DA}] => (Allow) C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F8F74540-7308-497A-8AF1-7D2E3BD625D5}] => (Allow) C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{074EDDD0-5966-4641-A603-BFD772821D44}C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B0DBAADE-37BF-4BD8-A8B2-0230D58AFFC8}C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{A45F0321-3FEB-4081-A255-70C873947A67}C:\users\interista\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\interista\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{639F1118-E47A-4AAC-B030-DF468B8FE94C}C:\users\interista\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\interista\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{96675CD7-FBC9-4B67-A4A7-1EEDFACF33EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{87BFB911-48D9-4D42-8ED9-4FA1730E56B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{082C7FDF-77BC-41AB-BEF1-81CA43875425}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D469C0C5-7451-4DDF-947C-C9DC67332CE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{F84733E0-D2FD-4286-9884-82DFDBACE434}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [UDP Query User{87AFA2C8-AB5F-4457-8061-3760AD7DD7FB}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [{AD0C6663-FD24-4EA0-9BB6-38E4E15B3DF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DF9C902A-F924-40B6-A5AF-2426F9111BDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{607D1AD9-87A0-4EFB-B8A4-2199B0776071}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2D51C227-9EAC-47AC-A8F4-98C793AB97FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B49C562F-A11F-4865-83AA-0A134FD63E41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4607DA23-7A9A-4A0C-982E-3CC15DB1DCEC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{EA1C292C-0AC2-40BB-AF76-61F59A797378}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{B0A04C33-9155-40E9-B5BF-77F9A9248B55}] => (Allow) C:\WINDOWS\system32\spacedeskService.exe
FirewallRules: [{5502B75B-FD5F-4C80-A16B-E878BBEF6FAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{F6646FF1-4232-4FC2-929C-5841168B50DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{3AABC1FD-1BB9-408D-BCFF-0DB720FD4813}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{51999B12-0212-47AF-B317-31613DE8EBE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{F01DDC9C-EE9E-4C56-B040-8B24885624FB}] => (Allow) C:\Users\Interista\AppData\Roaming\Zoom\bin\Zoom.exe
FirewallRules: [{28C4B5C8-B62C-4E8B-8826-863A774FB5CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BDCDDDDA-3175-416E-AE3B-8285C5D091B2}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
FirewallRules: [{B635BBB1-8405-4A55-9EDB-2DA4BA5CF059}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{7280BB06-FEDA-413D-8CA8-F9E5785EB598}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{A3817CE8-7055-41F4-8381-A6FE31FB1A11}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{A02FBDB1-A5B9-4697-89D0-9D15A407C049}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [TCP Query User{C5D733F5-0380-4EC4-B806-08AE6BCF97B4}C:\games\the long dark\tld.exe] => (Allow) C:\games\the long dark\tld.exe
FirewallRules: [UDP Query User{CC0A110C-0612-4637-8707-684B43B02954}C:\games\the long dark\tld.exe] => (Allow) C:\games\the long dark\tld.exe
FirewallRules: [TCP Query User{68F2116C-5EDB-43D5-823D-8F3CD32AC913}C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe
FirewallRules: [UDP Query User{3F3BDF9D-3069-4D80-BCEF-BD4C1B80B975}C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe
==================== Restore Points =========================
22-12-2020 13:35:44 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/27/2020 12:52:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9780,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:44:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15208,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:38:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8912,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:21:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3964,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:07:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (12/27/2020 12:07:35 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (12/27/2020 12:02:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9000,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:11:37 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9856,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:02:57 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14536,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/26/2020 11:28:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17660,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (12/27/2020 12:39:36 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:24:32 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:15:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Aktualizovat službu Orchestrator přestala během spouštění reagovat.
Error: (12/27/2020 12:14:46 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:11:51 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:09:06 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error: (12/27/2020 12:09:05 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Tento počítač je nakonfigurován jako člen pracovní skupiny, nikoliv jako
člen domény. Přihlašovací služba Netlogon nepotřebuje být spuštěna v této
konfiguraci.
Error: (12/27/2020 12:07:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba SNMP neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.
Error: (12/27/2020 12:07:34 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba SNMP se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (12/27/2020 12:06:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wondershare Application Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2020-12-27 12:56:19.075
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:37.749
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:36.718
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:32.765
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:32.221
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:29.751
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:23.966
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:54:01.753
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:53:54.772
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:53:54.760
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 62%
Total physical RAM: 8135.86 MB
Available physical RAM: 3052.22 MB
Total Virtual: 16327.86 MB
Available Virtual: 10280.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:421.81 GB) (Free:144.94 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:22.66 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 29376C2E)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
==================== End of Addition.txt ============================
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: please check the log
That is the same version. Download FRST from here: https://www.bleepingcomputer.com/downlo ... scan-tool/ . Old versions may not detect everything.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: please check the log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2017 (ATTENTION: ====> FRSTversion is 1274 days old and could be outdated)
Ran by Interista (administrator) on LENOVOY570 (27-12-2020 12:50:09)
Running from C:\Users\Interista\Desktop
Loaded Profiles: Interista (Available Profiles: Interista & DefaultAppPool)
Platform: Windows 10 Home Version 1909 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\System32\spacedeskService.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\System32\spacedeskServiceTray.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
() C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [84992 2020-07-03] (Microsoft Corporation)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2013-01-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2013-01-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-12] (AVAST Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11779176 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-07] (Synaptics Incorporated)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (CANON INC.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [Dropbox Update] => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [AceStream] => C:\Users\Interista\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\RunOnce: [Application Restart #1] => C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe [1546784 2020-04-08] (The Chromium Authors)
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinitx.dll [207856 2017-03-17] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinit.dll => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinit.dll [177992 2017-03-17] (NVIDIA Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{43f75876-1969-4eba-83eb-fa49f52de43a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c2215f13-47a4-4322-a921-c7985ab5acaa}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{dd47d00c-c8a0-44f0-95be-9c5ac0aaa8ef}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {F5D333EF-20C3-4787-9C7F-ECE88ECE7932} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho_64.dll [2020-12-17] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23] (Oracle Corporation)
BHO-x32: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho.dll [2020-12-17] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-01] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Edge:
======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2019-03-19]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
FireFox:
========
FF DefaultProfile: zzhr6rop.default-1422064931351-1566033171066
FF ProfilePath: Profiles/o0pndij1.default-release [not found] <==== ATTENTION
FF ProfilePath: [Install308046B0AF4A39CB]
Default=Profiles/zzhr6rop.default-1422064931351-1566033171066
Locked=1
[Profile2]
Name=default-release
IsRelative=1
Path=Profiles/o0pndij1.default-release
[Profile1]
Name=dev-edition-default
IsRelative=1
Path=Profiles/tbtfhk42.dev-edition-default
[Profile0]
Name=default-1422064931351
IsRelative=1
Path=Profiles/zzhr6rop.default-1422064931351-1566033171066
Default=1
[General]
StartWithLastProfile=1
Version=2
[InstallE7CF176E110C211B]
Default=Profiles/o0pndij1.default-release
Locked=1
[not found] <==== ATTENTION
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\o0pndij1.default-release [2020-06-07]
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default [2020-03-25]
FF user.js: detected! => C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default\user.js [2020-02-12]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default\Extensions\sp@avast.com.xpi [2019-02-10]
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066 [2020-05-05]
FF user.js: detected! => C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\user.js [2020-02-12]
FF Extension: (WebTranslate) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\98a81af4-fb95-4bd5-addd-72e6d3957dde@webtranslate.fr.xpi [2020-05-02]
FF Extension: (To Google Translate) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-05-02]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\sp@avast.com.xpi [2020-05-02]
FF HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Interista\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-14] ()
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\WINDOWS\system32\npdeployJava1.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-11-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-11-01] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: @acestream.net/acestreamplugin,version=3.1.28 -> C:\Users\Interista\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2020-12-26] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2020-12-26] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2020-05-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default [2020-12-27]
CHR Extension: (Překladač Google) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-05-05]
CHR Extension: (Prezentace) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-21]
CHR Extension: (Dokumenty) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-21]
CHR Extension: (Disk Google) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-21]
CHR Extension: (Tabulky) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-12]
CHR Extension: (Ace Script) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2020-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-21]
CHR Extension: (Gmail) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-24]
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-10-14]
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\System Profile [2020-10-14]
CHR HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AarSvc; C:\WINDOWS\System32\AarSvc.dll [195584 2020-07-18] (Microsoft Corporation)
S3 AarSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 AarSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-12] (AVAST Software)
S3 autotimesvc; C:\WINDOWS\System32\autotimesvc.dll [116224 2019-03-19] (Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-12] (AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-12] (AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-12] (AVAST Software)
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1393664 2020-07-03] (Microsoft Corporation)
S3 BcastDVRUserService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [534528 2020-07-03] (Microsoft Corporation)
S3 BluetoothUserService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [237056 2020-11-12] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [1077248 2020-10-14] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\SysWOW64\BTAGService.dll [705536 2020-10-14] (Microsoft Corporation)
R3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [382976 2019-03-19] (Microsoft Corporation)
R3 camsvc; C:\WINDOWS\system32\CapabilityAccessManager.dll [368640 2020-07-03] (Microsoft Corporation)
S3 CaptureService; C:\WINDOWS\System32\CaptureService.dll [128512 2020-07-18] (Microsoft Corporation)
S3 CaptureService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [1125376 2020-07-18] (Microsoft Corporation)
R3 cbdhsvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
R3 cbdhsvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [177664 2020-07-03] (Microsoft Corporation)
S3 ConsentUxUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 ConsentUxUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CredentialEnrollmentManagerUserSvc; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [381656 2020-10-14] (Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc_73a35; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [381656 2020-10-14] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\System32\deviceaccess.dll [231912 2020-07-03] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\SysWOW64\deviceaccess.dll [185952 2020-07-03] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DeviceAssociationBrokerSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [467456 2020-07-18] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [338944 2020-07-18] (Microsoft Corporation)
S3 DevicePickerUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicePickerUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 diagsvc; C:\WINDOWS\system32\DiagSvc.dll [215040 2020-07-18] (Microsoft Corporation)
R2 DispBrokerDesktopSvc; C:\WINDOWS\System32\DispBroker.Desktop.dll [405504 2020-08-12] (Microsoft Corporation)
R3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [1190912 2020-07-03] (Microsoft Corporation)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe [1426928 2020-12-02] (Google LLC)
S3 GraphicsPerfSvc; C:\WINDOWS\System32\GraphicsPerfSvc.dll [97792 2019-03-19] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] ()
R3 InstallService; C:\WINDOWS\system32\InstallService.dll [2481664 2020-12-12] (Microsoft Corporation)
R3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1748480 2020-12-12] (Microsoft Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [340992 2020-08-12] (Microsoft Corporation)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\elevation_service.exe [1573776 2020-12-17] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [139952 2020-07-03] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [105840 2020-07-03] (Microsoft Corporation)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [255008 2009-01-06] (NVIDIA)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464440 2017-03-17] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-11] (NVIDIA Corporation)
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [103424 2019-03-19] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\System32\PrintWorkflowService.dll [179200 2020-07-18] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [141312 2020-07-18] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 PrintWorkflowUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 PushToInstall; C:\WINDOWS\system32\PushToInstall.dll [284672 2020-10-14] (Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [263904 2019-03-19] (Microsoft Corporation)
S3 SharedRealitySvc; C:\WINDOWS\System32\SharedRealitySvc.dll [477184 2020-07-03] (Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2020-07-03] (Microsoft Corporation)
R2 SNMP; C:\WINDOWS\SysWOW64\snmp.exe [46592 2020-07-03] (Microsoft Corporation)
R2 spacedeskService; C:\WINDOWS\System32\spacedeskService.exe [916392 2019-06-03] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2019-03-19] ()
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246448 2016-01-07] (Synaptics Incorporated)
S3 TroubleshootingSvc; C:\WINDOWS\system32\MitigationClient.dll [394752 2019-03-19] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72704 2020-07-03] (Microsoft Corporation)
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [319304 2020-11-12] (Microsoft Corporation)
R2 UpdateCenterService; C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe [169504 2009-01-07] (NVIDIA)
R2 UsoSvc; C:\WINDOWS\system32\usosvc.dll [544256 2020-12-12] (Microsoft Corporation)
S3 VacSvc; C:\WINDOWS\System32\vac.dll [422192 2019-03-19] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [406528 2020-12-12] (Microsoft Corporation)
S3 WarpJITSvc; C:\WINDOWS\System32\Windows.WARP.JITService.dll [61952 2019-03-19] (Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-10] (Microsoft Corporation) <==== ATTENTION
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-10] (Microsoft Corporation) <==== ATTENTION
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729600 2020-12-12] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [924160 2020-12-12] (Microsoft Corporation)
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [2138112 2020-12-12] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-12-19] (Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Acx01000; C:\WINDOWS\System32\drivers\Acx01000.sys [337920 2020-07-03] (Microsoft Corporation)
R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [40960 2020-08-12] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2020-08-12] (Microsoft Corporation)
S3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [18432 2019-03-19] (Advanced Micro Devices, Inc)
S3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [37888 2019-03-19] (Advanced Micro Devices, Inc)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-12] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-12] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-12] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-12] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-12] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-12] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-12] (AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-12] (AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-12] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2020-12-12] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2020-12-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2020-12-12] (AVAST Software)
R1 bam; C:\WINDOWS\System32\drivers\bam.sys [70456 2019-03-19] (Microsoft Corporation)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_307898c750ba9e44\BasicDisplay.sys [68096 2020-07-03] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_ba2a8de08ea0d469\BasicRender.sys [37888 2020-07-03] (Microsoft Corporation)
R3 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [117064 2020-12-12] (Microsoft Corporation)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [36864 2020-07-03] (Microsoft Corporation)
S0 bttflt; C:\WINDOWS\System32\drivers\bttflt.sys [42808 2019-03-19] (Microsoft Corporation)
R3 DelayMan; C:\WINDOWS\system32\DRIVERS\delayman.sys [20064 2013-01-18] (Ensurebit Inc.)
S3 genericusbfn; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [20992 2020-07-03] (Microsoft Corporation)
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [64512 2020-10-14] (Microsoft Corporation)
S3 hmatap; C:\WINDOWS\System32\drivers\hmatap.sys [36456 2018-09-05] (The OpenVPN Project)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [32568 2019-03-19] (Microsoft Corporation)
S3 HwNClx0101; C:\WINDOWS\System32\Drivers\mshwnclx.sys [28672 2019-03-19] (Microsoft Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2019-03-19] (Intel Corporation)
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [885048 2019-03-19] (Intel Corporation)
S3 intelpmax; C:\WINDOWS\System32\drivers\intelpmax.sys [28672 2019-03-19] (Microsoft Corporation)
S3 IPT; C:\WINDOWS\System32\drivers\ipt.sys [54584 2019-03-19] (Microsoft Corporation)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [148520 2019-03-19] (Avago Technologies)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [359424 2020-07-03] (Microsoft Corporation)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [94736 2019-03-19] (Avago Technologies)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [64512 2019-03-19] (Microsoft Corporation)
S3 NDKPing; C:\WINDOWS\System32\drivers\NDKPing.sys [63488 2019-03-19] (Microsoft Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc.)
S3 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [158520 2019-03-19] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvlddmkm.sys [14574640 2017-03-17] (NVIDIA Corporation)
R3 NVR0Dev; C:\windows\nvoclk64.sys [40480 2009-01-06] (NVIDIA Corp.)
R2 NVR0FLASHDev; C:\windows\nvflsh64.sys [40992 2009-01-07] (NVIDIA Corp.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-03-17] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [97088 2020-11-12] (Microsoft Corporation)
S3 portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [25600 2019-03-19] (Microsoft Corporation)
S0 Ramdisk; C:\WINDOWS\System32\DRIVERS\ramdisk.sys [41784 2019-03-19] (Microsoft Corporation)
S3 rhproxy; C:\WINDOWS\System32\drivers\rhproxy.sys [113152 2019-03-19] (Microsoft Corporation)
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [89096 2019-03-19] (Microsoft Corporation)
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [220176 2019-03-19] (Microsemi Corportation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42664 2016-01-07] (Synaptics Incorporated)
R3 spacedeskKtmInputKeybd; C:\WINDOWS\System32\drivers\spacedeskKtmInputKeybd.sys [35240 2018-10-12] ()
R3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [35240 2018-10-12] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-18] (TuneUp Software)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [34816 2019-03-19] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [111104 2019-03-19] (Microsoft Corporation)
S3 UEFI; C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_4fcaf0fc6eaf7533\UEFI.sys [32568 2020-07-03] (Microsoft Corporation)
S3 UfxChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_624eef84faf426d6\UfxChipidea.sys [108584 2020-07-03] (Microsoft Corporation)
R3 umbus; C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_e566af5dd9858a0e\umbus.sys [57856 2020-07-03] (Microsoft Corporation)
S3 UrsChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_86da23c455846f41\urschipidea.sys [30224 2020-07-03] (Microsoft Corporation)
S3 UrsSynopsys; C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_7302ce5d1420ed71\urssynopsys.sys [28472 2020-07-03] (Microsoft Corporation)
S3 usbaudio2; C:\WINDOWS\System32\drivers\usbaudio2.sys [257536 2020-07-03] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-10] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [21816 2019-03-19] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-10] (Microsoft Corporation)
R3 WinQuic; C:\WINDOWS\System32\drivers\winquic.sys [205112 2020-07-03] (Microsoft Corporation)
S3 WsAudio_Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [48424 2018-01-19] (Wondershare)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: TroubleshootingSvc -> C:\Windows\system32\MitigationClient.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-27 12:50 - 2020-12-27 12:51 - 00043402 _____ C:\Users\Interista\Desktop\FRST.txt
2020-12-27 12:40 - 2020-12-27 12:45 - 124569178 _____ C:\Users\Interista\Downloads\Misa jazycek.mp4
2020-12-27 11:56 - 2020-12-27 11:56 - 02086424 _____ (Malwarebytes) C:\Users\Interista\Downloads\MBSetup.exe
2020-12-27 11:55 - 2020-12-27 11:55 - 08447152 _____ (Malwarebytes) C:\Users\Interista\Desktop\adwcleaner_8.0.8.exe
2020-12-26 23:19 - 2020-12-26 23:33 - 00068225 _____ C:\Users\Interista\Downloads\Addition.txt
2020-12-26 22:55 - 2020-12-26 23:33 - 00057374 _____ C:\Users\Interista\Downloads\FRST.txt
2020-12-26 22:52 - 2020-12-26 22:53 - 02286592 _____ (Farbar) C:\Users\Interista\Downloads\FRST64.exe
2020-12-26 17:16 - 2020-12-26 17:17 - 01222144 _____ C:\Users\Interista\Downloads\RSITx64.exe
2020-12-25 16:12 - 2020-12-25 16:12 - 00001528 _____ C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk
2020-12-25 16:12 - 2020-12-25 16:12 - 00001520 _____ C:\Users\Interista\Desktop\NVIDIA GeForce NOW.lnk
2020-12-25 16:09 - 2020-12-25 16:10 - 110568080 _____ (NVIDIA Corporation) C:\Users\Interista\Downloads\GeForceNOW-release.exe
2020-12-22 20:14 - 2020-12-22 20:14 - 00000000 ____D C:\Users\Interista\AppData\Local\Hinterland
2020-12-22 20:11 - 2020-12-22 20:11 - 00000000 ____D C:\Users\Interista\AppData\LocalLow\Hinterland
2020-12-22 20:03 - 2020-12-22 20:03 - 00001637 _____ C:\Users\Public\Desktop\The Long Dark.lnk
2020-12-22 20:03 - 2020-12-22 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Long Dark [GOG.com]
2020-12-22 20:03 - 2020-12-22 20:03 - 00000000 ____D C:\ProgramData\GOG.com
2020-12-22 12:20 - 2020-12-22 19:23 - 2394131548 _____ C:\Users\Interista\Downloads\The_Long_Dark_EN_for_Windows_7-8-10_and_later.rar
2020-12-18 16:53 - 2020-12-18 16:53 - 00215648 _____ C:\Users\Interista\Downloads\FaSvobodaZ 013 - PDR2020013 (1).pdf
2020-12-18 16:52 - 2020-12-18 16:52 - 00215648 _____ C:\Users\Interista\Downloads\FaSvobodaZ 013 - PDR2020013.pdf
2020-12-18 16:39 - 2020-12-18 16:39 - 00219181 _____ C:\Users\Interista\Documents\IMG_20201218_0001.pdf
2020-12-14 18:52 - 2020-12-15 16:43 - 00000000 ____D C:\Users\Interista\Downloads\Telegram Desktop
2020-12-13 10:31 - 2020-12-27 12:19 - 00000000 ____D C:\Users\Public\spacedesk_logs
2020-12-12 18:59 - 2020-12-12 18:58 - 00216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-12 18:59 - 2020-12-12 18:57 - 00340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-12-12 15:18 - 2020-12-12 15:18 - 25445888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 18038784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 07823920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 06316032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05906944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05099896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05010432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 04546560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 04295680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 04129440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 03635712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 03243096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 02495264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 02317016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01615360 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01151840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01098728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00952432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00944128 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00852992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2020-12-12 15:18 - 2020-12-12 15:18 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wecutil.exe
2020-12-12 15:18 - 2020-12-12 15:18 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wecapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 22651392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 07761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 07297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 05770856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 04348936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 02045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01459712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01421408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00843264 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00784016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CMFNVSDeviceBridge.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00473592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00300704 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00211280 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecsvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2020-12-12 15:17 - 2020-12-12 15:17 - 00166936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpcsp.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00136344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00135280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecutil.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-12 15:17 - 2020-12-12 15:17 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcfgutils.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00077128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unenrollhook.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmlocalmanagement.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gmsaclient.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-12-12 15:16 - 2020-12-12 15:16 - 06526976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 03761664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-12-12 15:16 - 2020-12-12 15:16 - 02585592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02564608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02307072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02023424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01916760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01748480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01668336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01647616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01478656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01154968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00952320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00793840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00767984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00699864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00677088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00543360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00537656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00535064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00480344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00456080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00379720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00375520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-12-12 15:16 - 2020-12-12 15:16 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00285568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00200008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00193608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00190056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00135280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00127576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\btpanui.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPolEng.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-12 15:16 - 2020-12-12 15:16 - 00101704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00072824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TaskSchdPS.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 09925960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 07604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 07274832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 03811328 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 03374808 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 02993480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 02776200 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 02695504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 02092336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01950256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01835520 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-12 15:15 - 2020-12-12 15:15 - 01743688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01666560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01653808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01513360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 01393968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-12 15:15 - 2020-12-12 15:15 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 01170976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00942104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00899736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00893632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00889424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00797976 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00752040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00607960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00551624 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00527336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00477512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-12-12 15:15 - 2020-12-12 15:15 - 00461128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00431944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00389952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00372552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00260304 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00247880 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00225104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00222536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00179528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00164792 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00161648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00144152 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\btpanui.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPolEng.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00108872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcfgutils.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00094024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00092424 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmlocalmanagement.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskSchdPS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmpostprocessevaluator.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gmsaclient.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-12 15:14 - 2020-12-12 15:14 - 06196736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 04140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 03728384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-12-12 15:14 - 2020-12-12 15:14 - 02302976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 01952768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 01656920 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 01489408 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-12-12 15:14 - 2020-12-12 15:14 - 00897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00683848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00598576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-12-12 15:14 - 2020-12-12 15:14 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-12-12 15:14 - 2020-12-12 15:14 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00127080 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00117064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-12-12 15:14 - 2020-12-12 15:14 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-12-12 15:14 - 2020-12-12 15:14 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 06233088 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 04005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 03735552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 03265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02872320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-12-12 15:13 - 2020-12-12 15:13 - 02525184 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02481664 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02297856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02125416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01968128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01943552 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01786368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01751552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01742848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01607680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01413728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01286576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01152336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01150272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01029960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2020-12-12 15:13 - 2020-12-12 15:13 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00919336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00737792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00733000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00612584 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00589408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00458056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00415816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00147728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwmdmcsp.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00088376 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2020-12-12 15:13 - 2020-12-12 15:13 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2020-12-08 21:04 - 2020-12-08 21:04 - 00000000 ____D C:\Users\Interista\Documents\SKIDROW
2020-12-08 21:04 - 2020-12-08 21:04 - 00000000 ____D C:\Users\Interista\AppData\LocalLow\Knuckle Cracker
2020-12-08 21:03 - 2020-12-08 21:03 - 00001625 _____ C:\Users\Interista\Desktop\Creeper World 4.lnk
2020-12-08 20:57 - 2020-12-08 20:59 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Jihosoft ISO Maker
2020-12-08 20:55 - 2020-12-08 20:55 - 02487224 _____ (Jihosoft Studio ) C:\Users\Interista\Downloads\JihosoftISOMaker.exe
2020-12-08 20:55 - 2020-12-08 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jihosoft ISO Maker
2020-12-08 20:55 - 2020-12-08 20:55 - 00000000 ____D C:\Program Files (x86)\Jihosoft
2020-12-08 20:54 - 2020-12-08 20:54 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro
2020-12-08 20:51 - 2020-12-08 20:53 - 32079160 _____ (Disc Soft Ltd) C:\Users\Interista\Downloads\DTPro810-0654.exe
2020-12-08 16:40 - 2020-12-08 16:40 - 00134309 _____ C:\Users\Interista\Downloads\8012132_2011031192.pdf
2020-12-06 13:10 - 2020-12-06 13:40 - 529897472 _____ C:\Users\Interista\Downloads\CREEPER WORLD 4 - SKIDROW.iso
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-27 12:50 - 2017-07-03 16:24 - 00000000 ____D C:\FRST
2020-12-27 12:45 - 2019-03-19 05:52 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-27 12:21 - 2014-06-19 21:08 - 00000000 ____D C:\Program Files (x86)\Steam
2020-12-27 12:10 - 2013-01-18 14:03 - 00379639 _____ C:\WINDOWS\system32\fastboot.set
2020-12-27 12:09 - 2016-12-10 17:56 - 00000000 ____D C:\ProgramData\NVIDIA
2020-12-27 12:08 - 2020-07-03 11:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-27 12:08 - 2019-03-19 05:37 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2020-12-27 12:06 - 2015-01-23 14:01 - 00000000 ____D C:\Users\Interista\AppData\LocalLow\IObit
2020-12-27 12:06 - 2015-01-23 14:00 - 00000000 ____D C:\Users\Interista\AppData\Roaming\IObit
2020-12-27 12:05 - 2014-04-15 12:53 - 00000000 ____D C:\AdwCleaner
2020-12-26 23:57 - 2020-07-03 11:11 - 00003512 _____ C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-26 23:57 - 2020-07-03 11:11 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2020-12-26 23:57 - 2020-07-03 11:11 - 00003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2020-12-26 23:57 - 2020-07-03 11:11 - 00003288 _____ C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-26 23:57 - 2020-07-03 11:11 - 00003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2020-12-26 23:57 - 2020-07-03 11:11 - 00003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2020-12-26 23:57 - 2020-07-03 11:11 - 00002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3319014896-2388623831-1738719311-1001
2020-12-26 23:57 - 2020-07-03 11:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2020-12-26 23:04 - 2014-05-23 09:31 - 00000000 ____D C:\Games - ISO
2020-12-26 22:50 - 2020-07-03 10:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-26 18:15 - 2020-05-27 15:34 - 00000000 ____D C:\Program Files\thinkorswim
2020-12-26 18:15 - 2020-03-24 17:25 - 00000000 ____D C:\Users\Interista\.thinkorswim
2020-12-26 17:17 - 2014-03-13 15:15 - 00000000 ____D C:\Program Files\trend micro
2020-12-26 16:26 - 2020-07-03 11:11 - 00002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2020-12-26 16:26 - 2016-10-07 21:33 - 00000000 ____D C:\Program Files\CCleaner
2020-12-26 16:19 - 2017-02-21 17:43 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2020-12-26 16:04 - 2020-07-03 11:11 - 00004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2020-12-25 23:29 - 2020-11-19 20:48 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Telegram Desktop
2020-12-25 17:44 - 2019-03-19 05:50 - 00000000 ____D C:\WINDOWS\INF
2020-12-25 16:12 - 2016-12-10 17:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2020-12-25 16:12 - 2013-01-28 20:34 - 00000000 ____D C:\Users\Interista\AppData\Local\NVIDIA Corporation
2020-12-24 18:01 - 2020-07-01 07:14 - 00000000 ____D C:\ProgramData\CanonIJPLM
2020-12-23 15:23 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\AppReadiness
2020-12-23 13:51 - 2015-01-23 14:02 - 00000000 ____D C:\ProgramData\ProductData
2020-12-22 19:22 - 2013-02-01 17:13 - 00000000 ____D C:\Games
2020-12-22 18:39 - 2016-10-05 19:33 - 00000000 ____D C:\Users\Interista\AppData\Local\JDownloader 2.0
2020-12-22 14:21 - 2019-03-19 05:52 - 00000000 ___HD C:\Program Files\WindowsApps
2020-12-22 12:06 - 2020-06-10 10:11 - 00002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-18 16:38 - 2020-07-06 14:11 - 00000000 ___HD C:\ProgramData\CanonIJMIG
2020-12-18 16:38 - 2020-07-01 07:34 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Canon
2020-12-18 16:23 - 2020-07-03 10:43 - 00002417 _____ C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-18 16:23 - 2016-04-17 07:34 - 00000000 ___RD C:\Users\Interista\OneDrive
2020-12-15 21:43 - 2020-03-21 13:24 - 00000570 _____ C:\Users\Interista\Desktop\abeceda.txt
2020-12-15 16:51 - 2014-03-17 12:44 - 00000000 ____D C:\Users\Interista\AppData\Local\CrashDumps
2020-12-14 19:59 - 2020-07-03 10:43 - 00000000 ____D C:\Users\Interista
2020-12-14 18:11 - 2020-06-08 00:10 - 00001491 _____ C:\Users\Interista\Desktop\Trader Workstation.lnk
2020-12-14 18:11 - 2020-06-08 00:10 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trader Workstation
2020-12-14 18:11 - 2020-03-22 19:06 - 00000000 ____D C:\Jts
2020-12-14 17:33 - 2020-07-03 10:43 - 00000000 ____D C:\Users\DefaultAppPool
2020-12-13 10:36 - 2020-07-03 10:59 - 01875530 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-13 10:36 - 2019-03-19 12:55 - 00783062 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-13 10:36 - 2019-03-19 12:55 - 00172644 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-13 10:31 - 2018-01-13 15:36 - 00000000 ___RD C:\Users\Interista\3D Objects
2020-12-13 10:31 - 2016-02-13 14:12 - 00000000 __RHD C:\Users\Public\AccountPictures
2020-12-13 10:29 - 2020-07-03 10:32 - 04948552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-12 23:07 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SystemResources
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\oobe
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\Dism
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\ShellExperiences
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\bcastdvr
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\Program Files\Windows Defender
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-12 18:59 - 2019-03-19 05:52 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-12 18:58 - 2020-10-17 16:25 - 00176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-12-12 18:58 - 2020-04-15 12:03 - 00522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-12-12 18:58 - 2019-01-08 01:23 - 00247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-12-12 18:58 - 2019-01-08 01:23 - 00097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-12-12 18:58 - 2018-10-20 10:21 - 00042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-12-12 18:58 - 2018-06-23 20:12 - 00016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-12 18:57 - 2019-01-17 00:09 - 00332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-12-12 18:57 - 2019-01-08 01:23 - 00036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-12-12 18:57 - 2017-11-19 20:15 - 00208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-12-12 18:57 - 2014-09-24 22:05 - 00851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-12-12 15:30 - 2019-03-19 05:37 - 00000000 ____D C:\WINDOWS\CbsTemp
2020-12-12 14:17 - 2015-11-17 21:29 - 00002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-08 21:04 - 2013-02-01 19:01 - 00000000 ____D C:\Users\Interista\Documents\My Games
2020-12-03 20:35 - 2020-10-12 18:46 - 00000076 _____ C:\Users\Interista\Desktop\trade.txt
2020-12-02 22:29 - 2020-03-21 19:27 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Files in the root of some directories =======
2013-11-20 12:08 - 2014-02-15 00:07 - 0000132 _____ () C:\Users\Interista\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2014-09-22 17:59 - 2014-09-22 18:06 - 0000624 _____ () C:\Users\Interista\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0000111 _____ () C:\Users\Interista\AppData\Roaming\Camdata.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0000408 _____ () C:\Users\Interista\AppData\Roaming\CamLayout.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0000408 _____ () C:\Users\Interista\AppData\Roaming\CamShapes.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0004543 _____ () C:\Users\Interista\AppData\Roaming\CamStudio.cfg
2015-01-23 12:54 - 2014-05-24 20:09 - 0042496 ___SH (Open Source Software community project) C:\Users\Interista\AppData\Roaming\pthreadGC2-w64.dll
2017-08-05 11:18 - 2017-08-05 11:18 - 0050911 _____ () C:\Users\Interista\AppData\Roaming\PyScripter.ini
2014-06-24 12:50 - 2013-06-16 10:32 - 0433664 _____ () C:\Users\Interista\AppData\Roaming\setup.msi
2014-09-30 17:32 - 2018-01-25 11:44 - 0000096 _____ () C:\Users\Interista\AppData\Roaming\version2.xml
2020-03-21 17:03 - 2020-03-21 18:01 - 0000081 _____ () C:\Users\Interista\AppData\Local\.bidstack.fault
2017-07-03 18:09 - 2017-07-03 18:09 - 0029696 _____ () C:\Users\Interista\AppData\Local\MSGBOX.EXE
2014-12-20 19:40 - 2014-12-20 19:40 - 0002242 _____ () C:\Users\Interista\AppData\Local\recently-used.xbel
2014-06-24 12:54 - 2014-06-24 12:54 - 0000162 _____ () C:\ProgramData\patch.dll
Files to move or delete:
====================
C:\ProgramData\patch.dll
Some files in TEMP:
====================
2020-12-22 18:36 - 2020-12-22 18:36 - 0040448 ____N () C:\Users\Interista\AppData\Local\Temp\proxy_vole1869230643674649490.dll
2020-12-22 18:36 - 2020-12-22 18:36 - 0040448 ____N () C:\Users\Interista\AppData\Local\Temp\proxy_vole5790008258529380124.dll
2020-12-22 18:37 - 2020-12-22 18:37 - 0040448 ____N () C:\Users\Interista\AppData\Local\Temp\proxy_vole8267134282073484264.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION
==================== End of FRST.txt ============================
Ran by Interista (administrator) on LENOVOY570 (27-12-2020 12:50:09)
Running from C:\Users\Interista\Desktop
Loaded Profiles: Interista (Available Profiles: Interista & DefaultAppPool)
Platform: Windows 10 Home Version 1909 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\System32\spacedeskService.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\System32\spacedeskServiceTray.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
() C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [84992 2020-07-03] (Microsoft Corporation)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2013-01-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2013-01-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-12] (AVAST Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11779176 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-07] (Synaptics Incorporated)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (CANON INC.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [Dropbox Update] => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [AceStream] => C:\Users\Interista\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\RunOnce: [Application Restart #1] => C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe [1546784 2020-04-08] (The Chromium Authors)
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinitx.dll [207856 2017-03-17] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinit.dll => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvinit.dll [177992 2017-03-17] (NVIDIA Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{43f75876-1969-4eba-83eb-fa49f52de43a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c2215f13-47a4-4322-a921-c7985ab5acaa}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{dd47d00c-c8a0-44f0-95be-9c5ac0aaa8ef}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001 -> {F5D333EF-20C3-4787-9C7F-ECE88ECE7932} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho_64.dll [2020-12-17] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23] (Oracle Corporation)
BHO-x32: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho.dll [2020-12-17] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-01] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Edge:
======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2019-03-19]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
FireFox:
========
FF DefaultProfile: zzhr6rop.default-1422064931351-1566033171066
FF ProfilePath: Profiles/o0pndij1.default-release [not found] <==== ATTENTION
FF ProfilePath: [Install308046B0AF4A39CB]
Default=Profiles/zzhr6rop.default-1422064931351-1566033171066
Locked=1
[Profile2]
Name=default-release
IsRelative=1
Path=Profiles/o0pndij1.default-release
[Profile1]
Name=dev-edition-default
IsRelative=1
Path=Profiles/tbtfhk42.dev-edition-default
[Profile0]
Name=default-1422064931351
IsRelative=1
Path=Profiles/zzhr6rop.default-1422064931351-1566033171066
Default=1
[General]
StartWithLastProfile=1
Version=2
[InstallE7CF176E110C211B]
Default=Profiles/o0pndij1.default-release
Locked=1
[not found] <==== ATTENTION
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\o0pndij1.default-release [2020-06-07]
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default [2020-03-25]
FF user.js: detected! => C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default\user.js [2020-02-12]
FF Extension: (Avast SafePrice Comparison, deals, coupons) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\tbtfhk42.dev-edition-default\Extensions\sp@avast.com.xpi [2019-02-10]
FF ProfilePath: C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066 [2020-05-05]
FF user.js: detected! => C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\user.js [2020-02-12]
FF Extension: (WebTranslate) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\98a81af4-fb95-4bd5-addd-72e6d3957dde@webtranslate.fr.xpi [2020-05-02]
FF Extension: (To Google Translate) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-05-02]
FF Extension: (Avast SafePrice Comparison, deals, coupons) - C:\Users\Interista\AppData\Roaming\Mozilla\Firefox\Profiles\zzhr6rop.default-1422064931351-1566033171066\Extensions\sp@avast.com.xpi [2020-05-02]
FF HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Interista\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-14] ()
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\WINDOWS\system32\npdeployJava1.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-11-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-11-01] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: @acestream.net/acestreamplugin,version=3.1.28 -> C:\Users\Interista\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2020-12-26] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2020-12-26] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3319014896-2388623831-1738719311-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2020-05-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default [2020-12-27]
CHR Extension: (Překladač Google) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-05-05]
CHR Extension: (Prezentace) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-21]
CHR Extension: (Dokumenty) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-21]
CHR Extension: (Disk Google) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-21]
CHR Extension: (Tabulky) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-12]
CHR Extension: (Ace Script) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2020-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-21]
CHR Extension: (Gmail) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-24]
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-10-14]
CHR Profile: C:\Users\Interista\AppData\Local\Google\Chrome\User Data\System Profile [2020-10-14]
CHR HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AarSvc; C:\WINDOWS\System32\AarSvc.dll [195584 2020-07-18] (Microsoft Corporation)
S3 AarSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 AarSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-12] (AVAST Software)
S3 autotimesvc; C:\WINDOWS\System32\autotimesvc.dll [116224 2019-03-19] (Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-12] (AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-12] (AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-12] (AVAST Software)
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1393664 2020-07-03] (Microsoft Corporation)
S3 BcastDVRUserService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [534528 2020-07-03] (Microsoft Corporation)
S3 BluetoothUserService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [237056 2020-11-12] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [1077248 2020-10-14] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\SysWOW64\BTAGService.dll [705536 2020-10-14] (Microsoft Corporation)
R3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [382976 2019-03-19] (Microsoft Corporation)
R3 camsvc; C:\WINDOWS\system32\CapabilityAccessManager.dll [368640 2020-07-03] (Microsoft Corporation)
S3 CaptureService; C:\WINDOWS\System32\CaptureService.dll [128512 2020-07-18] (Microsoft Corporation)
S3 CaptureService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [1125376 2020-07-18] (Microsoft Corporation)
R3 cbdhsvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
R3 cbdhsvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [177664 2020-07-03] (Microsoft Corporation)
S3 ConsentUxUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 ConsentUxUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CredentialEnrollmentManagerUserSvc; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [381656 2020-10-14] (Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc_73a35; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [381656 2020-10-14] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\System32\deviceaccess.dll [231912 2020-07-03] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\SysWOW64\deviceaccess.dll [185952 2020-07-03] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DeviceAssociationBrokerSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [467456 2020-07-18] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [338944 2020-07-18] (Microsoft Corporation)
S3 DevicePickerUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicePickerUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 diagsvc; C:\WINDOWS\system32\DiagSvc.dll [215040 2020-07-18] (Microsoft Corporation)
R2 DispBrokerDesktopSvc; C:\WINDOWS\System32\DispBroker.Desktop.dll [405504 2020-08-12] (Microsoft Corporation)
R3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [1190912 2020-07-03] (Microsoft Corporation)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe [1426928 2020-12-02] (Google LLC)
S3 GraphicsPerfSvc; C:\WINDOWS\System32\GraphicsPerfSvc.dll [97792 2019-03-19] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] ()
R3 InstallService; C:\WINDOWS\system32\InstallService.dll [2481664 2020-12-12] (Microsoft Corporation)
R3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1748480 2020-12-12] (Microsoft Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [340992 2020-08-12] (Microsoft Corporation)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\elevation_service.exe [1573776 2020-12-17] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [139952 2020-07-03] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [105840 2020-07-03] (Microsoft Corporation)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [255008 2009-01-06] (NVIDIA)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464440 2017-03-17] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-11] (NVIDIA Corporation)
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [103424 2019-03-19] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\System32\PrintWorkflowService.dll [179200 2020-07-18] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [141312 2020-07-18] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 PrintWorkflowUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 PushToInstall; C:\WINDOWS\system32\PushToInstall.dll [284672 2020-10-14] (Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [263904 2019-03-19] (Microsoft Corporation)
S3 SharedRealitySvc; C:\WINDOWS\System32\SharedRealitySvc.dll [477184 2020-07-03] (Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2020-07-03] (Microsoft Corporation)
R2 SNMP; C:\WINDOWS\SysWOW64\snmp.exe [46592 2020-07-03] (Microsoft Corporation)
R2 spacedeskService; C:\WINDOWS\System32\spacedeskService.exe [916392 2019-06-03] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2019-03-19] ()
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246448 2016-01-07] (Synaptics Incorporated)
S3 TroubleshootingSvc; C:\WINDOWS\system32\MitigationClient.dll [394752 2019-03-19] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72704 2020-07-03] (Microsoft Corporation)
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [319304 2020-11-12] (Microsoft Corporation)
R2 UpdateCenterService; C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe [169504 2009-01-07] (NVIDIA)
R2 UsoSvc; C:\WINDOWS\system32\usosvc.dll [544256 2020-12-12] (Microsoft Corporation)
S3 VacSvc; C:\WINDOWS\System32\vac.dll [422192 2019-03-19] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [406528 2020-12-12] (Microsoft Corporation)
S3 WarpJITSvc; C:\WINDOWS\System32\Windows.WARP.JITService.dll [61952 2019-03-19] (Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-10] (Microsoft Corporation) <==== ATTENTION
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-10] (Microsoft Corporation) <==== ATTENTION
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729600 2020-12-12] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [924160 2020-12-12] (Microsoft Corporation)
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [2138112 2020-12-12] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-12-19] (Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Acx01000; C:\WINDOWS\System32\drivers\Acx01000.sys [337920 2020-07-03] (Microsoft Corporation)
R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [40960 2020-08-12] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2020-08-12] (Microsoft Corporation)
S3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [18432 2019-03-19] (Advanced Micro Devices, Inc)
S3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [37888 2019-03-19] (Advanced Micro Devices, Inc)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-12] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-12] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-12] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-12] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-12] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-12] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-12] (AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-12] (AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-12] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2020-12-12] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2020-12-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2020-12-12] (AVAST Software)
R1 bam; C:\WINDOWS\System32\drivers\bam.sys [70456 2019-03-19] (Microsoft Corporation)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_307898c750ba9e44\BasicDisplay.sys [68096 2020-07-03] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_ba2a8de08ea0d469\BasicRender.sys [37888 2020-07-03] (Microsoft Corporation)
R3 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [117064 2020-12-12] (Microsoft Corporation)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [36864 2020-07-03] (Microsoft Corporation)
S0 bttflt; C:\WINDOWS\System32\drivers\bttflt.sys [42808 2019-03-19] (Microsoft Corporation)
R3 DelayMan; C:\WINDOWS\system32\DRIVERS\delayman.sys [20064 2013-01-18] (Ensurebit Inc.)
S3 genericusbfn; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [20992 2020-07-03] (Microsoft Corporation)
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [64512 2020-10-14] (Microsoft Corporation)
S3 hmatap; C:\WINDOWS\System32\drivers\hmatap.sys [36456 2018-09-05] (The OpenVPN Project)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [32568 2019-03-19] (Microsoft Corporation)
S3 HwNClx0101; C:\WINDOWS\System32\Drivers\mshwnclx.sys [28672 2019-03-19] (Microsoft Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2019-03-19] (Intel Corporation)
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [885048 2019-03-19] (Intel Corporation)
S3 intelpmax; C:\WINDOWS\System32\drivers\intelpmax.sys [28672 2019-03-19] (Microsoft Corporation)
S3 IPT; C:\WINDOWS\System32\drivers\ipt.sys [54584 2019-03-19] (Microsoft Corporation)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [148520 2019-03-19] (Avago Technologies)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [359424 2020-07-03] (Microsoft Corporation)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [94736 2019-03-19] (Avago Technologies)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [64512 2019-03-19] (Microsoft Corporation)
S3 NDKPing; C:\WINDOWS\System32\drivers\NDKPing.sys [63488 2019-03-19] (Microsoft Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc.)
S3 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [158520 2019-03-19] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_9d398ade04905fdb\nvlddmkm.sys [14574640 2017-03-17] (NVIDIA Corporation)
R3 NVR0Dev; C:\windows\nvoclk64.sys [40480 2009-01-06] (NVIDIA Corp.)
R2 NVR0FLASHDev; C:\windows\nvflsh64.sys [40992 2009-01-07] (NVIDIA Corp.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-03-17] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [97088 2020-11-12] (Microsoft Corporation)
S3 portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [25600 2019-03-19] (Microsoft Corporation)
S0 Ramdisk; C:\WINDOWS\System32\DRIVERS\ramdisk.sys [41784 2019-03-19] (Microsoft Corporation)
S3 rhproxy; C:\WINDOWS\System32\drivers\rhproxy.sys [113152 2019-03-19] (Microsoft Corporation)
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [89096 2019-03-19] (Microsoft Corporation)
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [220176 2019-03-19] (Microsemi Corportation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42664 2016-01-07] (Synaptics Incorporated)
R3 spacedeskKtmInputKeybd; C:\WINDOWS\System32\drivers\spacedeskKtmInputKeybd.sys [35240 2018-10-12] ()
R3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [35240 2018-10-12] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-18] (TuneUp Software)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [34816 2019-03-19] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [111104 2019-03-19] (Microsoft Corporation)
S3 UEFI; C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_4fcaf0fc6eaf7533\UEFI.sys [32568 2020-07-03] (Microsoft Corporation)
S3 UfxChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_624eef84faf426d6\UfxChipidea.sys [108584 2020-07-03] (Microsoft Corporation)
R3 umbus; C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_e566af5dd9858a0e\umbus.sys [57856 2020-07-03] (Microsoft Corporation)
S3 UrsChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_86da23c455846f41\urschipidea.sys [30224 2020-07-03] (Microsoft Corporation)
S3 UrsSynopsys; C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_7302ce5d1420ed71\urssynopsys.sys [28472 2020-07-03] (Microsoft Corporation)
S3 usbaudio2; C:\WINDOWS\System32\drivers\usbaudio2.sys [257536 2020-07-03] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-10] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [21816 2019-03-19] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-10] (Microsoft Corporation)
R3 WinQuic; C:\WINDOWS\System32\drivers\winquic.sys [205112 2020-07-03] (Microsoft Corporation)
S3 WsAudio_Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [48424 2018-01-19] (Wondershare)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: TroubleshootingSvc -> C:\Windows\system32\MitigationClient.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-27 12:50 - 2020-12-27 12:51 - 00043402 _____ C:\Users\Interista\Desktop\FRST.txt
2020-12-27 12:40 - 2020-12-27 12:45 - 124569178 _____ C:\Users\Interista\Downloads\Misa jazycek.mp4
2020-12-27 11:56 - 2020-12-27 11:56 - 02086424 _____ (Malwarebytes) C:\Users\Interista\Downloads\MBSetup.exe
2020-12-27 11:55 - 2020-12-27 11:55 - 08447152 _____ (Malwarebytes) C:\Users\Interista\Desktop\adwcleaner_8.0.8.exe
2020-12-26 23:19 - 2020-12-26 23:33 - 00068225 _____ C:\Users\Interista\Downloads\Addition.txt
2020-12-26 22:55 - 2020-12-26 23:33 - 00057374 _____ C:\Users\Interista\Downloads\FRST.txt
2020-12-26 22:52 - 2020-12-26 22:53 - 02286592 _____ (Farbar) C:\Users\Interista\Downloads\FRST64.exe
2020-12-26 17:16 - 2020-12-26 17:17 - 01222144 _____ C:\Users\Interista\Downloads\RSITx64.exe
2020-12-25 16:12 - 2020-12-25 16:12 - 00001528 _____ C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk
2020-12-25 16:12 - 2020-12-25 16:12 - 00001520 _____ C:\Users\Interista\Desktop\NVIDIA GeForce NOW.lnk
2020-12-25 16:09 - 2020-12-25 16:10 - 110568080 _____ (NVIDIA Corporation) C:\Users\Interista\Downloads\GeForceNOW-release.exe
2020-12-22 20:14 - 2020-12-22 20:14 - 00000000 ____D C:\Users\Interista\AppData\Local\Hinterland
2020-12-22 20:11 - 2020-12-22 20:11 - 00000000 ____D C:\Users\Interista\AppData\LocalLow\Hinterland
2020-12-22 20:03 - 2020-12-22 20:03 - 00001637 _____ C:\Users\Public\Desktop\The Long Dark.lnk
2020-12-22 20:03 - 2020-12-22 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Long Dark [GOG.com]
2020-12-22 20:03 - 2020-12-22 20:03 - 00000000 ____D C:\ProgramData\GOG.com
2020-12-22 12:20 - 2020-12-22 19:23 - 2394131548 _____ C:\Users\Interista\Downloads\The_Long_Dark_EN_for_Windows_7-8-10_and_later.rar
2020-12-18 16:53 - 2020-12-18 16:53 - 00215648 _____ C:\Users\Interista\Downloads\FaSvobodaZ 013 - PDR2020013 (1).pdf
2020-12-18 16:52 - 2020-12-18 16:52 - 00215648 _____ C:\Users\Interista\Downloads\FaSvobodaZ 013 - PDR2020013.pdf
2020-12-18 16:39 - 2020-12-18 16:39 - 00219181 _____ C:\Users\Interista\Documents\IMG_20201218_0001.pdf
2020-12-14 18:52 - 2020-12-15 16:43 - 00000000 ____D C:\Users\Interista\Downloads\Telegram Desktop
2020-12-13 10:31 - 2020-12-27 12:19 - 00000000 ____D C:\Users\Public\spacedesk_logs
2020-12-12 18:59 - 2020-12-12 18:58 - 00216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-12 18:59 - 2020-12-12 18:57 - 00340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-12-12 15:18 - 2020-12-12 15:18 - 25445888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 18038784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 07823920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 06316032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05906944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05099896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 05010432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 04546560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 04295680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 04129440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 03635712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 03243096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 02495264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 02317016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01615360 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01151840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 01098728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00952432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00944128 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00852992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2020-12-12 15:18 - 2020-12-12 15:18 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wecutil.exe
2020-12-12 15:18 - 2020-12-12 15:18 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-12-12 15:18 - 2020-12-12 15:18 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wecapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 22651392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 07761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 07297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 05770856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 04348936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 02045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01459712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01421408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 01000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00843264 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00784016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CMFNVSDeviceBridge.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00473592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00300704 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00211280 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecsvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2020-12-12 15:17 - 2020-12-12 15:17 - 00166936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpcsp.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00136344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00135280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecutil.exe
2020-12-12 15:17 - 2020-12-12 15:17 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-12 15:17 - 2020-12-12 15:17 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcfgutils.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00077128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unenrollhook.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmlocalmanagement.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gmsaclient.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-12-12 15:17 - 2020-12-12 15:17 - 00000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-12 15:17 - 2020-12-12 15:17 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-12-12 15:16 - 2020-12-12 15:16 - 06526976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 03761664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-12-12 15:16 - 2020-12-12 15:16 - 02585592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02564608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02307072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 02023424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01916760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01748480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01668336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01647616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01478656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 01154968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00952320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00793840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00767984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00699864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00677088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00543360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00537656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00535064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00480344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00456080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00379720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00375520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-12-12 15:16 - 2020-12-12 15:16 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00285568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00200008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00193608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00190056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00135280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00127576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\btpanui.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPolEng.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-12 15:16 - 2020-12-12 15:16 - 00101704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-12-12 15:16 - 2020-12-12 15:16 - 00072824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TaskSchdPS.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-12-12 15:16 - 2020-12-12 15:16 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 09925960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 07604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 07274832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 03811328 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 03374808 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 02993480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 02776200 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 02695504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 02092336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01950256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01835520 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-12 15:15 - 2020-12-12 15:15 - 01743688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01666560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01653808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01513360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 01393968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-12 15:15 - 2020-12-12 15:15 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 01170976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 01101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00942104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00899736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00893632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00889424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00797976 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00752040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00607960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00551624 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00527336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00477512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-12-12 15:15 - 2020-12-12 15:15 - 00461128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00431944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00389952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00372552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00260304 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00247880 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00225104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00222536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00179528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-12-12 15:15 - 2020-12-12 15:15 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00164792 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00161648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00144152 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\btpanui.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPolEng.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00108872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcfgutils.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00094024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00092424 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmlocalmanagement.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-12 15:15 - 2020-12-12 15:15 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskSchdPS.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmpostprocessevaluator.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gmsaclient.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-12-12 15:15 - 2020-12-12 15:15 - 00001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-12 15:14 - 2020-12-12 15:14 - 06196736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 04140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 03728384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-12-12 15:14 - 2020-12-12 15:14 - 02302976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 01952768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 01656920 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 01489408 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-12-12 15:14 - 2020-12-12 15:14 - 00897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00683848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00598576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-12-12 15:14 - 2020-12-12 15:14 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-12-12 15:14 - 2020-12-12 15:14 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00127080 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-12-12 15:14 - 2020-12-12 15:14 - 00117064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-12-12 15:14 - 2020-12-12 15:14 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-12-12 15:14 - 2020-12-12 15:14 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 06233088 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 04005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 03735552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 03265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02872320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-12-12 15:13 - 2020-12-12 15:13 - 02525184 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02481664 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02297856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 02125416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01968128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01943552 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01786368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01751552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01742848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01607680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01413728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01286576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01152336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01150272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 01029960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2020-12-12 15:13 - 2020-12-12 15:13 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00919336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00737792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00733000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00612584 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00589408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00458056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00415816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00147728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwmdmcsp.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00088376 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-12-12 15:13 - 2020-12-12 15:13 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2020-12-12 15:13 - 2020-12-12 15:13 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2020-12-12 15:13 - 2020-12-12 15:13 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2020-12-08 21:04 - 2020-12-08 21:04 - 00000000 ____D C:\Users\Interista\Documents\SKIDROW
2020-12-08 21:04 - 2020-12-08 21:04 - 00000000 ____D C:\Users\Interista\AppData\LocalLow\Knuckle Cracker
2020-12-08 21:03 - 2020-12-08 21:03 - 00001625 _____ C:\Users\Interista\Desktop\Creeper World 4.lnk
2020-12-08 20:57 - 2020-12-08 20:59 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Jihosoft ISO Maker
2020-12-08 20:55 - 2020-12-08 20:55 - 02487224 _____ (Jihosoft Studio ) C:\Users\Interista\Downloads\JihosoftISOMaker.exe
2020-12-08 20:55 - 2020-12-08 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jihosoft ISO Maker
2020-12-08 20:55 - 2020-12-08 20:55 - 00000000 ____D C:\Program Files (x86)\Jihosoft
2020-12-08 20:54 - 2020-12-08 20:54 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro
2020-12-08 20:51 - 2020-12-08 20:53 - 32079160 _____ (Disc Soft Ltd) C:\Users\Interista\Downloads\DTPro810-0654.exe
2020-12-08 16:40 - 2020-12-08 16:40 - 00134309 _____ C:\Users\Interista\Downloads\8012132_2011031192.pdf
2020-12-06 13:10 - 2020-12-06 13:40 - 529897472 _____ C:\Users\Interista\Downloads\CREEPER WORLD 4 - SKIDROW.iso
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-27 12:50 - 2017-07-03 16:24 - 00000000 ____D C:\FRST
2020-12-27 12:45 - 2019-03-19 05:52 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-27 12:21 - 2014-06-19 21:08 - 00000000 ____D C:\Program Files (x86)\Steam
2020-12-27 12:10 - 2013-01-18 14:03 - 00379639 _____ C:\WINDOWS\system32\fastboot.set
2020-12-27 12:09 - 2016-12-10 17:56 - 00000000 ____D C:\ProgramData\NVIDIA
2020-12-27 12:08 - 2020-07-03 11:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-27 12:08 - 2019-03-19 05:37 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2020-12-27 12:06 - 2015-01-23 14:01 - 00000000 ____D C:\Users\Interista\AppData\LocalLow\IObit
2020-12-27 12:06 - 2015-01-23 14:00 - 00000000 ____D C:\Users\Interista\AppData\Roaming\IObit
2020-12-27 12:05 - 2014-04-15 12:53 - 00000000 ____D C:\AdwCleaner
2020-12-26 23:57 - 2020-07-03 11:11 - 00003512 _____ C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-26 23:57 - 2020-07-03 11:11 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2020-12-26 23:57 - 2020-07-03 11:11 - 00003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2020-12-26 23:57 - 2020-07-03 11:11 - 00003288 _____ C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-26 23:57 - 2020-07-03 11:11 - 00003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2020-12-26 23:57 - 2020-07-03 11:11 - 00003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2020-12-26 23:57 - 2020-07-03 11:11 - 00002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3319014896-2388623831-1738719311-1001
2020-12-26 23:57 - 2020-07-03 11:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2020-12-26 23:04 - 2014-05-23 09:31 - 00000000 ____D C:\Games - ISO
2020-12-26 22:50 - 2020-07-03 10:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-26 18:15 - 2020-05-27 15:34 - 00000000 ____D C:\Program Files\thinkorswim
2020-12-26 18:15 - 2020-03-24 17:25 - 00000000 ____D C:\Users\Interista\.thinkorswim
2020-12-26 17:17 - 2014-03-13 15:15 - 00000000 ____D C:\Program Files\trend micro
2020-12-26 16:26 - 2020-07-03 11:11 - 00002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2020-12-26 16:26 - 2016-10-07 21:33 - 00000000 ____D C:\Program Files\CCleaner
2020-12-26 16:19 - 2017-02-21 17:43 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2020-12-26 16:04 - 2020-07-03 11:11 - 00004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2020-12-25 23:29 - 2020-11-19 20:48 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Telegram Desktop
2020-12-25 17:44 - 2019-03-19 05:50 - 00000000 ____D C:\WINDOWS\INF
2020-12-25 16:12 - 2016-12-10 17:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2020-12-25 16:12 - 2013-01-28 20:34 - 00000000 ____D C:\Users\Interista\AppData\Local\NVIDIA Corporation
2020-12-24 18:01 - 2020-07-01 07:14 - 00000000 ____D C:\ProgramData\CanonIJPLM
2020-12-23 15:23 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\AppReadiness
2020-12-23 13:51 - 2015-01-23 14:02 - 00000000 ____D C:\ProgramData\ProductData
2020-12-22 19:22 - 2013-02-01 17:13 - 00000000 ____D C:\Games
2020-12-22 18:39 - 2016-10-05 19:33 - 00000000 ____D C:\Users\Interista\AppData\Local\JDownloader 2.0
2020-12-22 14:21 - 2019-03-19 05:52 - 00000000 ___HD C:\Program Files\WindowsApps
2020-12-22 12:06 - 2020-06-10 10:11 - 00002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-18 16:38 - 2020-07-06 14:11 - 00000000 ___HD C:\ProgramData\CanonIJMIG
2020-12-18 16:38 - 2020-07-01 07:34 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Canon
2020-12-18 16:23 - 2020-07-03 10:43 - 00002417 _____ C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-18 16:23 - 2016-04-17 07:34 - 00000000 ___RD C:\Users\Interista\OneDrive
2020-12-15 21:43 - 2020-03-21 13:24 - 00000570 _____ C:\Users\Interista\Desktop\abeceda.txt
2020-12-15 16:51 - 2014-03-17 12:44 - 00000000 ____D C:\Users\Interista\AppData\Local\CrashDumps
2020-12-14 19:59 - 2020-07-03 10:43 - 00000000 ____D C:\Users\Interista
2020-12-14 18:11 - 2020-06-08 00:10 - 00001491 _____ C:\Users\Interista\Desktop\Trader Workstation.lnk
2020-12-14 18:11 - 2020-06-08 00:10 - 00000000 ____D C:\Users\Interista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trader Workstation
2020-12-14 18:11 - 2020-03-22 19:06 - 00000000 ____D C:\Jts
2020-12-14 17:33 - 2020-07-03 10:43 - 00000000 ____D C:\Users\DefaultAppPool
2020-12-13 10:36 - 2020-07-03 10:59 - 01875530 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-13 10:36 - 2019-03-19 12:55 - 00783062 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-13 10:36 - 2019-03-19 12:55 - 00172644 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-13 10:31 - 2018-01-13 15:36 - 00000000 ___RD C:\Users\Interista\3D Objects
2020-12-13 10:31 - 2016-02-13 14:12 - 00000000 __RHD C:\Users\Public\AccountPictures
2020-12-13 10:29 - 2020-07-03 10:32 - 04948552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-12 23:07 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SystemResources
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\oobe
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\Dism
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\ShellExperiences
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\bcastdvr
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\Program Files\Windows Defender
2020-12-12 23:06 - 2019-03-19 05:52 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-12 18:59 - 2019-03-19 05:52 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-12 18:58 - 2020-10-17 16:25 - 00176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-12-12 18:58 - 2020-04-15 12:03 - 00522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-12-12 18:58 - 2019-01-08 01:23 - 00247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-12-12 18:58 - 2019-01-08 01:23 - 00097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-12-12 18:58 - 2018-10-20 10:21 - 00042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-12-12 18:58 - 2018-06-23 20:12 - 00016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-12-12 18:58 - 2014-09-24 22:05 - 00084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-12 18:57 - 2019-01-17 00:09 - 00332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-12-12 18:57 - 2019-01-08 01:23 - 00036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-12-12 18:57 - 2017-11-19 20:15 - 00208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-12-12 18:57 - 2014-09-24 22:05 - 00851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-12-12 15:30 - 2019-03-19 05:37 - 00000000 ____D C:\WINDOWS\CbsTemp
2020-12-12 14:17 - 2015-11-17 21:29 - 00002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-08 21:04 - 2013-02-01 19:01 - 00000000 ____D C:\Users\Interista\Documents\My Games
2020-12-03 20:35 - 2020-10-12 18:46 - 00000076 _____ C:\Users\Interista\Desktop\trade.txt
2020-12-02 22:29 - 2020-03-21 19:27 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Files in the root of some directories =======
2013-11-20 12:08 - 2014-02-15 00:07 - 0000132 _____ () C:\Users\Interista\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2014-09-22 17:59 - 2014-09-22 18:06 - 0000624 _____ () C:\Users\Interista\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0000111 _____ () C:\Users\Interista\AppData\Roaming\Camdata.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0000408 _____ () C:\Users\Interista\AppData\Roaming\CamLayout.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0000408 _____ () C:\Users\Interista\AppData\Roaming\CamShapes.ini
2014-09-30 17:36 - 2018-01-25 11:47 - 0004543 _____ () C:\Users\Interista\AppData\Roaming\CamStudio.cfg
2015-01-23 12:54 - 2014-05-24 20:09 - 0042496 ___SH (Open Source Software community project) C:\Users\Interista\AppData\Roaming\pthreadGC2-w64.dll
2017-08-05 11:18 - 2017-08-05 11:18 - 0050911 _____ () C:\Users\Interista\AppData\Roaming\PyScripter.ini
2014-06-24 12:50 - 2013-06-16 10:32 - 0433664 _____ () C:\Users\Interista\AppData\Roaming\setup.msi
2014-09-30 17:32 - 2018-01-25 11:44 - 0000096 _____ () C:\Users\Interista\AppData\Roaming\version2.xml
2020-03-21 17:03 - 2020-03-21 18:01 - 0000081 _____ () C:\Users\Interista\AppData\Local\.bidstack.fault
2017-07-03 18:09 - 2017-07-03 18:09 - 0029696 _____ () C:\Users\Interista\AppData\Local\MSGBOX.EXE
2014-12-20 19:40 - 2014-12-20 19:40 - 0002242 _____ () C:\Users\Interista\AppData\Local\recently-used.xbel
2014-06-24 12:54 - 2014-06-24 12:54 - 0000162 _____ () C:\ProgramData\patch.dll
Files to move or delete:
====================
C:\ProgramData\patch.dll
Some files in TEMP:
====================
2020-12-22 18:36 - 2020-12-22 18:36 - 0040448 ____N () C:\Users\Interista\AppData\Local\Temp\proxy_vole1869230643674649490.dll
2020-12-22 18:36 - 2020-12-22 18:36 - 0040448 ____N () C:\Users\Interista\AppData\Local\Temp\proxy_vole5790008258529380124.dll
2020-12-22 18:37 - 2020-12-22 18:37 - 0040448 ____N () C:\Users\Interista\AppData\Local\Temp\proxy_vole8267134282073484264.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION
==================== End of FRST.txt ============================
Re: please check my log
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2017
Ran by Interista (27-12-2020 12:53:36)
Running from C:\Users\Interista\Desktop
Windows 10 Home Version 1909 (X64) (2020-07-03 10:13:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3319014896-2388623831-1738719311-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3319014896-2388623831-1738719311-503 - Limited - Disabled)
Guest (S-1-5-21-3319014896-2388623831-1738719311-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3319014896-2388623831-1738719311-1003 - Limited - Enabled)
Interista (S-1-5-21-3319014896-2388623831-1738719311-1001 - Administrator - Enabled) => C:\Users\Interista
WDAGUtilityAccount (S-1-5-21-3319014896-2388623831-1738719311-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Aktualizace NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Anki (HKLM-x32\...\Anki) (Version: - )
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.92 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Broadcom Gigabit NetLink Controller (HKLM\...\{029A4933-3F36-4E4F-AEC3-2207AB26463D}) (Version: 14.4.9.2 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.2.0 - Canon Inc.)
Canon MP150 (HKLM\...\{CA9A3609-3ECC-4574-8824-A8161A71A603}) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5100_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Creeper World 4 (HKLM-x32\...\Creeper World 4) (Version: - SKIDROW)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FTL - Advanced Edition (HKLM-x32\...\GOGPACKFTL_is1) (Version: 2.3.0.13 - GOG.com)
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java SE Development Kit 7 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java SE Development Kit 8 Update 141 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180141}) (Version: 8.0.1410.15 - Oracle Corporation)
Java(TM) 6 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416045FF}) (Version: 6.0.450 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jihosoft ISO Maker version 3.0 (HKLM-x32\...\{FA289A40-0F71-428E-B3A2-546EDC04DB93}_is1) (Version: 3.0 - Jihosoft Studio)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.55.0 - JMicron Technology Corp.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 12.4.2 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.4.2 - KLCP)
kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7400 - Broadcom Corporation)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
LIMBO (HKLM\...\Steam App 48000) (Version: - Playdead)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.26.116 (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.26.116 - NVIDIA Corporation)
NVIDIA Install Application (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer) (Version: 2.1002.344.0 - NVIDIA Corporation) Hidden
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Update (HKLM-x32\...\InstallShield_{6F69C969-2942-4E7B-B594-75B37664B8BA}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo)
OpenOffice.org 3.4.1 (HKLM-x32\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
Ovládací panel NVIDIA 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 378.92 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Plague Inc - Evolved version 0.6.6 (HKLM-x32\...\{1520E069-19A9-4B01-BA5D-87B67D56F55D}_is1) (Version: 0.6.6 - )
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6314 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.6.0 - Canon Inc.)
spacedesk Windows DRIVER (HKLM\...\{D5DDB7FE-6338-4A02-8590-8F4905FFBC38}) (Version: 0.9.1000.0 - datronicsoft Inc.)
SRS Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.0200 - SRS Labs, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
Telegram Desktop version 2.4.7 (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.4.7 - Telegram FZ-LLC)
The Long Dark (HKLM-x32\...\1447763046_is1) (Version: 1.83 - GOG.com)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
This War of Mine (HKLM\...\Steam App 282070) (Version: - 11 bit studios)
Trader Workstation (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\5889-6375-8446-2021) (Version: latest (981.2h) 20201209 12:29:55 - Interactive Brokers LLC)
TuneUp Utilities 2013 (HKLM-x32\...\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}) (Version: 13.0.2020.14 - TuneUp Software) Hidden
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.2020.14 - TuneUp Software)
TuneUp Utilities 2014 (en-US) (HKLM-x32\...\{14C8CE46-C68C-461B-BCA9-E276A85851C6}) (Version: 14.0.1000.88 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (HKLM-x32\...\{A6F5703D-A4B1-4857-9EDD-DC0ABBBB0D96}) (Version: 13.0.2020.14 - TuneUp Software) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\WhatsApp) (Version: 2.2047.11 - WhatsApp)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\ZoomUMX) (Version: 5.4.3 (58891.1115) - Zoom Video Communications, Inc.)
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Interista\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers01: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers01: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers01: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2013\SDShelEx-x64.dll [2012-09-19] (TuneUp Software)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers02: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers03: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers03: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers04: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers04: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers04: [TuneUp Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\TuneUp Utilities 2013\DseShExt-x64.dll [2012-09-19] (TuneUp Software)
ContextMenuHandlers04: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2013\SDShelEx-x64.dll [2012-09-19] (TuneUp Software)
ContextMenuHandlers05: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-03-17] (NVIDIA Corporation)
ContextMenuHandlers05: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers06: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers06: [PintoStartScreen] -> {470C0EBD-5D73-4d58-9CED-E91E22E23282} => C:\Windows\System32\appresolver.dll [2020-12-12] (Microsoft Corporation)
ContextMenuHandlers06: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {028564F4-DAD8-4CEF-B463-F8C7C554459C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {04B4FB2E-F791-4908-929F-42851D8A90FD} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION
Task: {0501AFDD-12FA-4C01-9A35-F016DA78BEA0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001UA => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {076AD5BF-6067-427E-9381-F1A23BA00DFF} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {083F3813-82BC-4622-A1B0-070C619B7D11} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner => C:\WINDOWS\system32\mitigationscanner.exe [2019-03-19] (Microsoft Corporation)
Task: {0AE0D1E6-EEF2-48A9-BA01-FFD53BFC69A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0FC44A17-B152-4BE6-87AF-992D191AFD61} - System32\Tasks\{B7581133-2EA0-41CE-90E1-1E1E82A163AF} => pcalua.exe -a C:\games\MINECRAFT\Uninstall.exe
Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2020-08-12] (Microsoft Corporation)
Task: {12B77A7C-1DDB-48D8-9A89-E91548474357} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {14F7E945-34BA-4A49-B982-226DE8D39347} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {16085BF3-B3CD-43ED-966D-2C3CA0C6DA89} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {170D58E6-0812-4222-884D-D2A5F255C90E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {191384C9-85A1-4EB2-81D4-48F5A0C6ACB7} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\WINDOWS\System32\UNP\UpdateNotificationMgr.exe [2020-07-03] (Microsoft Corporation)
Task: {19BAF204-7D19-41E3-ADBF-59EEF986EAB7} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {1A1673FB-A3BD-41B1-A15E-0DD2E4C74B6E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {1B66E2AB-4090-4187-A1B8-F879D9E108E2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {214F9201-B833-4870-9C51-A7FFDDC45192} - System32\Tasks\{7A4FF9E7-BA3C-4FC7-BE94-EF49099CD3B6} => pcalua.exe -a C:\Downloads\EUcasino_Setup.exe -d C:\Downloads
Task: {21F636BC-B1A3-44DD-89A2-54A1B8817957} - System32\Tasks\{A5E8FB6E-5DF0-44E7-B701-236F7D099369} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/43110
Task: {2601599D-514F-4744-BDD3-420D1F4044C6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {28129A90-701F-41D4-A539-A6E756AFFD4A} - System32\Tasks\Adobe online aktualizační program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2020-11-03] (Adobe Inc.)
Task: {2B5C654D-898D-4D97-84CD-66D073C02DBC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {2C187558-D2F7-4602-8AAD-7187F53F03FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2020-11-03] (Adobe Inc.)
Task: {2F3C49C8-FAF3-4F74-97BB-3910FC3F88A9} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {3395660E-C273-48BB-88DE-0E94B633C711} - System32\Tasks\{6DF95473-FC44-472F-BDFC-1C223398E809} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.109/cs/abandoninstall?page=tsProgressBar
Task: {346D3858-2B6B-4635-AECD-65DD5E1358C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {347FA60B-B61B-4E9B-8717-E06CFA2D419B} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {35E4CA42-B19A-4E4A-84B2-B9C360F032FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3B6E93CB-5176-493C-B838-DD66F2C5532E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3D8E83D8-967E-44AC-8896-42CDEC763404} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {3E7650E7-DBA3-4B90-8D84-4232AE8A029F} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {3EBAF09A-814C-4FB9-9F00-8BB931BFE845} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\WINDOWS\system32\bcdboot.exe [2020-10-14] (Microsoft Corporation)
Task: {3F8934FE-0D10-4733-9F40-671552A930AE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation)
Task: {4141BC0E-26CB-484E-AED0-ABBA013A8BC3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {416FBFEF-09C2-4D51-9358-72205B2F5ED3} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives
Task: {47B89A79-53D2-485E-AD87-148165B28519} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {4895D51A-B90B-4ECF-A69B-93D8FA9B0FC0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {48F207D2-23BE-4F26-A115-B05B486F6CA6} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {49768EE0-FDB3-40BD-B274-0CCE6FEA4303} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4A9D673A-EF2C-475F-835D-3CC15206BD76} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4F2CE9C7-5B17-457D-8598-43479FF4F5F9} - System32\Tasks\{672E8836-3CEE-452F-8CF2-79FA73BDA470} => pcalua.exe -a "C:\WebDesign\NetBeans 7.4\uninstall.exe"
Task: {517B8226-EFB8-496F-BBDE-3750956D960B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {55412461-F053-4583-A6BF-19F36DAAD46D} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {565A429B-B222-4431-8590-3352926230EB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {56D11F39-CB83-45C0-B5CB-D6E091B1C509} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION
Task: {57AF8FF6-BEA8-4E17-BE7F-3FF7D995BABC} - System32\Tasks\Microsoft\Windows\PLA\spacedesk_log
Task: {5B11BFF2-5B45-4C0E-951B-5617DBFC80B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {60BB71F6-F0C5-4773-B405-06679588F77A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {613A083C-17CD-47F4-AC35-96FC308E59CF} - System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync
Task: {618D1585-07D7-4526-95D0-0A92E14D451D} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {6624D4EA-E15F-4D83-98DF-8AAE46930712} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2020-03-19] (Piriform Software Ltd)
Task: {68560DFD-FC67-4EF8-BAA4-7F72211F3FD5} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2020-07-03] (Microsoft Corporation)
Task: {698E4C37-870E-4CEA-B5E2-0E4E3A268E84} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6CC1FEEE-1684-4348-81F1-A8D4C3211E16} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
Task: {6EEA6ACE-7229-424A-BAD9-BD315E7D782B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6FFA775B-E7BB-4DE0-A8F8-EA6FA07E6B25} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {73A1EC50-7D31-4800-8D95-B05DB58A309F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {73CB9900-BD4D-4C69-9F68-6746AE3BB44B} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {765A4834-C006-4CA5-9EE0-18167279D672} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {77773450-A1E5-426C-BBFA-99F122851397} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {78067204-A408-4401-AC27-60BC83F0E090} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {7C11F831-BB88-48CE-A5D3-F43BB095EDEC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
Task: {7C7A322B-22CD-4890-AD3E-6B65998E4EB3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7C8034B4-286F-4E86-AD41-4140C28A9604} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {7D604811-243F-49BE-8C58-C468BF37356F} - System32\Tasks\AdobeAAMUpdater-1.0-LenovoY570-Interista => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-10] (Adobe Systems Incorporated)
Task: {841569D4-A3C9-4291-BA9A-A290701F5DB6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2020-09-20] (Avast Software)
Task: {8B95A60F-939C-46B2-9D94-1F34277409A1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation)
Task: {8CE419DE-4815-423C-8287-51CEF62C7937} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync
Task: {90C28B5C-2A50-48E1-9579-EEE75F1B1F2E} - System32\Tasks\Microsoft\Windows\StateRepository\MaintenanceTasks => Rundll32.exe %windir%\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks
Task: {92499943-2CD7-4704-B887-7E8F548982E7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {963EAC6A-BA83-4A51-9D4A-F6101CB4EE5C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {97CBA57F-20C3-4EA5-82AD-21D5642988CA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation)
Task: {99ED9A2D-C31D-4BF9-AF9B-CAF150B19816} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {9A42E9C0-177E-4A01-87EB-5FE508505510} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9B2E19F4-D8ED-4624-89B4-0C6E0E9FAF72} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {9CBB21B3-1A11-4DFC-AAC0-21A7DF869E72} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D4107DC-A4B0-4971-8CAE-E6EE8F5AD7A0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9E42E54A-6BB4-4F7E-892C-2C5183F55B20} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\WINDOWS\system32\eduprintprov.exe [2019-03-19] (Microsoft Corporation)
Task: {9EBA9C52-0D8A-47D6-9538-3950050E8D96} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2020-12-12] (AVAST Software)
Task: {A0A86556-6F50-482C-AA4E-04BECD4DDE9B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A25756A2-BC9B-410A-97B1-1160987E874A} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {A35F8A09-AD52-4C8B-B7CD-E49CADBE203B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7ECF457-BC00-4B4D-ADA8-972A65A4C740} - System32\Tasks\Droheseruces Configuration => C:\Program Files (x86)\Witlyanipipy\darerwas.exe [2017-02-21] (Glarysoft Ltd)
Task: {AA9A5749-8E2B-4A91-9A9B-4C2901ACAB77} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {AC1E2F47-3FF2-4077-A442-D277B86BD945} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AF78D4EE-23D1-4943-964B-CD2BB0879DC2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B5F0D76A-D09D-471B-83F7-48298F699537} - System32\Tasks\{1A8D9F80-882F-47EF-9092-B8DAAE064D8E} => C:\Games\Dead Island\DeadIslandGame.exe
Task: {B8F0DEC7-8392-4F57-9990-74FCB934033F} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2020-10-14] ()
Task: {BBE187C5-6A63-43FD-BB42-037C05DD22A2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C1DFBF65-983F-4AB7-B3C1-AC722D21D33D} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {C46FA0B3-78F5-443B-81AD-3B4B29AC94B8} - System32\Tasks\{6AC10FA4-2A04-4D88-A064-1A90C3C67AA0} => C:\Games\Dead Island\DeadIslandGame.exe
Task: {C8AB6419-B8E3-4252-916D-5DCA1F0776A5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CB448941-9879-4BE4-982E-2A1545907501} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2020-03-19] (Piriform Software Ltd)
Task: {CD653C32-80CF-4F2C-A57A-EE4D5E74A049} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-14] (Adobe Systems Incorporated)
Task: {D0BA0B86-4A6B-42CD-80B7-3A4967C52009} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
Task: {D8A50F3C-4BF2-46E9-B708-B51207C90FF2} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {D8C16EEE-526A-443D-A00A-FB3D22BDF9A9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-14] (Adobe Systems Incorporated)
Task: {D9D6D456-CAFB-401D-8DCF-DEEB2907C7B6} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache
Task: {DA1EE455-0608-4305-803D-04843F50EB1C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-12] (Oracle Corporation)
Task: {DF8ABE54-47C9-4567-8DD0-36F92A2CC529} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {E5C03C57-4CED-4306-95EA-1215BF570B9A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation)
Task: {E70C4E4A-55D2-4AFB-99DD-268DCDB1529B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F1DA6BFE-4499-491E-9FDB-7C01506ECE44} - System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater => C:\WINDOWS\system32\directxdatabaseupdater.exe [2020-07-03] (Microsoft Corporation)
Task: {F6432CC0-A47F-4547-922D-79C89CAA8A08} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001Core => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {F8FF0A91-01D6-474F-BC1F-3C064B0FC448} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001Core.job => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001UA.job => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Interista\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) ==============
2019-03-19 05:43 - 2019-03-19 05:43 - 00054960 _____ () C:\WINDOWS\System32\UMPDC.dll
2016-12-10 17:56 - 2017-03-17 00:16 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2020-07-01 07:14 - 2019-11-28 13:16 - 00399296 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2017-03-20 19:39 - 2017-10-11 02:05 - 01267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2019-06-03 09:11 - 2019-06-03 09:11 - 00916392 _____ () C:\WINDOWS\System32\spacedeskService.exe
2019-06-03 09:11 - 2019-06-03 09:11 - 00188328 _____ () C:\WINDOWS\System32\spacedeskKtm.dll
2019-06-03 09:11 - 2019-06-03 09:11 - 00469928 _____ () C:\WINDOWS\System32\spacedeskServiceTray.exe
2020-11-12 15:37 - 2020-11-12 15:37 - 01841152 _____ () C:\WINDOWS\system32\TextInputMethodFormatter.dll
2019-03-19 05:59 - 2019-03-19 12:57 - 00094720 _____ () C:\Windows\System32\VirtualMonitorManager.dll
2019-03-19 05:43 - 2019-03-19 05:43 - 00494592 _____ () C:\Windows\ShellExperiences\TileControl.dll
2020-07-03 11:07 - 2020-07-03 11:07 - 02880000 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2020-11-12 15:37 - 2020-11-12 15:37 - 00947512 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
2020-12-16 18:27 - 2020-12-16 18:29 - 20139008 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Views.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 09864704 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.WinRT.dll
2020-04-13 15:13 - 2020-04-13 15:13 - 01000448 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2020-12-16 18:27 - 2020-12-16 18:29 - 02728448 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.ScreenMirroring.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 03778048 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\PhoneCommunicationAppService.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 00643072 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Devices.WinRT.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 00479232 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Calling.CX.dll
2020-12-16 18:27 - 2020-12-16 18:29 - 01289728 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Messaging.dll
2020-12-16 18:27 - 2020-12-16 18:29 - 01901056 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhoneControls.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 01339392 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Calling.WinRT.dll
2020-09-09 19:16 - 2020-09-09 19:16 - 01799168 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2013-01-18 13:31 - 2011-01-18 03:36 - 00182560 _____ () C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcc3d64.dll
2008-12-20 04:20 - 2013-01-18 14:05 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2020-11-24 19:28 - 2020-11-24 19:28 - 132979224 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2020-07-03 11:07 - 2020-07-03 11:07 - 00037888 _____ () C:\Windows\System32\usocoreps.dll
2020-12-02 22:28 - 2020-12-02 03:01 - 07627248 _____ () C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\libglesv2.dll
2020-12-02 22:28 - 2020-12-02 03:01 - 00456176 _____ () C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\libegl.dll
2020-11-24 19:28 - 2020-11-24 19:28 - 02700824 _____ () C:\Program Files\AVAST Software\Avast\swiftshader\libglesv2.dll
2020-11-24 19:28 - 2020-11-24 19:28 - 00420384 _____ () C:\Program Files\AVAST Software\Avast\swiftshader\libegl.dll
2020-05-14 20:37 - 2020-12-18 22:11 - 01217824 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2020-05-14 20:37 - 2020-11-27 00:34 - 119512864 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2020-05-14 20:37 - 2020-11-27 00:34 - 08022816 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2020-05-14 20:37 - 2020-11-27 00:34 - 00381216 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2020-12-22 14:19 - 2020-12-22 14:20 - 04730880 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
2020-12-22 14:19 - 2020-12-22 14:20 - 00670208 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\GraphControl.dll
2020-12-22 14:19 - 2020-12-22 14:20 - 00028672 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\TraceLogging.dll
2015-01-23 14:02 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-06-19 21:10 - 2020-12-18 22:11 - 01031456 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-21 23:53 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-06-19 21:10 - 2020-12-21 00:22 - 02938144 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-21 23:53 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-21 23:53 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 05138896 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00811984 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00352720 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00848336 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00784848 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2014-06-19 21:10 - 2020-12-21 00:21 - 01067296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-06-22 09:08 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinQuic => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-07-06 13:08 - 2020-12-26 17:17 - 00000101 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "Energy Management"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "UpdatePRCShortCut"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "AceStream"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-deviceenroller-TCP-Out] => (Allow) %SystemRoot%\system32\deviceenroller.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [{2B243E46-E87B-4126-B2D7-F498BDB82E4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{1AA9C629-5F1C-4381-8B21-22F7A9825DA5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{22859055-5C70-4C73-8BF9-A24BC7BFC5D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{BD7FFED7-FF94-4E6F-8A04-828B32A19E74}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{4AA6D125-999E-4844-B736-85C655BF9E54}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6565E169-60D3-4F3E-BD86-5F6546645EF3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8131D083-AA03-470B-8694-C8379DEAFFCD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{89778248-BF22-4E6A-A199-12D7FE349174}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{BF89BB2B-9A18-4F12-AA35-03367349476C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1E427C1F-023D-4ED8-BCD5-0DD726A3D42C}] => (Allow) LPort=2869
FirewallRules: [{615EE29A-5AF6-4F37-85B8-AC0CE3E4EB1C}] => (Allow) LPort=1900
FirewallRules: [{B5F7E315-3074-46B8-A419-B4BBD1F13840}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{731F79E5-C29C-4DAE-930F-6FC6622F9F76}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{CFD245E1-44A6-42DE-8489-F434FE64D6DE}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{EB1BC56A-3512-483D-9748-155F93B39049}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Allow) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [UDP Query User{EB0200DF-8A8B-4FEB-A677-40DEB2D2DB44}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Allow) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [TCP Query User{A4B3E36D-A646-4B3B-9820-10725A04CBB7}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [UDP Query User{4E6F9B49-AC80-49F2-8FF9-DE595E81C4CC}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [{4F62ABDB-C643-4851-A95D-BAA702B26FEF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{1D57844B-F4C8-454F-8C7E-6B1DDE08B308}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{E2FE1A8B-A129-44E3-8DA6-B6F4B32376D4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{F2F78CC9-D66C-47E4-A8BE-6BE4CD310DE6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [TCP Query User{129D12BE-AD73-46E3-AEDB-19B1F573172D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{9532EC77-3365-49E5-8086-9AEE46A7BC37}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A893ED37-E317-41A9-BAD3-8C36AC610005}] => (Allow) LPort=5353
FirewallRules: [{91B47BAD-CD59-4A18-9ACF-122458FDBCED}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{FCAB1598-4542-47D9-9E9E-42BFB4BC6940}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{4F9856E8-B5A2-462B-8500-60CE98E618C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{8DC79C9B-70DA-4E0C-8DFA-70BB584F4760}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{90540B17-CC50-4A3B-8AB8-30F43E729382}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
FirewallRules: [{20FDF1A3-76D2-449D-BECC-2404B20F6DB4}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
FirewallRules: [TCP Query User{502AA009-F1D5-4B23-A7C3-A38FE2BA8FC8}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe
FirewallRules: [UDP Query User{6E9771ED-2BA0-4D38-8E94-232141024629}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe
FirewallRules: [TCP Query User{BFB0A755-FBE4-408D-8B40-56CA4B1F19F2}C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe
FirewallRules: [UDP Query User{E8F614FE-1F68-4D58-A25A-76288F6A4F73}C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe
FirewallRules: [TCP Query User{2AFDE8EB-C14E-45AB-8F5C-36728A2D126B}C:\users\interista\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\interista\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [UDP Query User{18A1DA38-00F0-419F-90E6-B41537BA87D2}C:\users\interista\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\interista\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [{DCDF98FC-3DAF-43B7-BBA5-34ED6F53A012}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0BD1FBBE-99A7-4E0C-9A06-69FCC1248EA5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F4D6A038-0F35-4AB4-89E0-CAFAAAFBF0DA}] => (Allow) C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F8F74540-7308-497A-8AF1-7D2E3BD625D5}] => (Allow) C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{074EDDD0-5966-4641-A603-BFD772821D44}C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B0DBAADE-37BF-4BD8-A8B2-0230D58AFFC8}C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{A45F0321-3FEB-4081-A255-70C873947A67}C:\users\interista\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\interista\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{639F1118-E47A-4AAC-B030-DF468B8FE94C}C:\users\interista\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\interista\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{96675CD7-FBC9-4B67-A4A7-1EEDFACF33EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{87BFB911-48D9-4D42-8ED9-4FA1730E56B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{082C7FDF-77BC-41AB-BEF1-81CA43875425}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D469C0C5-7451-4DDF-947C-C9DC67332CE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{F84733E0-D2FD-4286-9884-82DFDBACE434}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [UDP Query User{87AFA2C8-AB5F-4457-8061-3760AD7DD7FB}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [{AD0C6663-FD24-4EA0-9BB6-38E4E15B3DF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DF9C902A-F924-40B6-A5AF-2426F9111BDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{607D1AD9-87A0-4EFB-B8A4-2199B0776071}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2D51C227-9EAC-47AC-A8F4-98C793AB97FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B49C562F-A11F-4865-83AA-0A134FD63E41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4607DA23-7A9A-4A0C-982E-3CC15DB1DCEC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{EA1C292C-0AC2-40BB-AF76-61F59A797378}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{B0A04C33-9155-40E9-B5BF-77F9A9248B55}] => (Allow) C:\WINDOWS\system32\spacedeskService.exe
FirewallRules: [{5502B75B-FD5F-4C80-A16B-E878BBEF6FAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{F6646FF1-4232-4FC2-929C-5841168B50DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{3AABC1FD-1BB9-408D-BCFF-0DB720FD4813}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{51999B12-0212-47AF-B317-31613DE8EBE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{F01DDC9C-EE9E-4C56-B040-8B24885624FB}] => (Allow) C:\Users\Interista\AppData\Roaming\Zoom\bin\Zoom.exe
FirewallRules: [{28C4B5C8-B62C-4E8B-8826-863A774FB5CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BDCDDDDA-3175-416E-AE3B-8285C5D091B2}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
FirewallRules: [{B635BBB1-8405-4A55-9EDB-2DA4BA5CF059}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{7280BB06-FEDA-413D-8CA8-F9E5785EB598}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{A3817CE8-7055-41F4-8381-A6FE31FB1A11}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{A02FBDB1-A5B9-4697-89D0-9D15A407C049}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [TCP Query User{C5D733F5-0380-4EC4-B806-08AE6BCF97B4}C:\games\the long dark\tld.exe] => (Allow) C:\games\the long dark\tld.exe
FirewallRules: [UDP Query User{CC0A110C-0612-4637-8707-684B43B02954}C:\games\the long dark\tld.exe] => (Allow) C:\games\the long dark\tld.exe
FirewallRules: [TCP Query User{68F2116C-5EDB-43D5-823D-8F3CD32AC913}C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe
FirewallRules: [UDP Query User{3F3BDF9D-3069-4D80-BCEF-BD4C1B80B975}C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe
==================== Restore Points =========================
22-12-2020 13:35:44 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/27/2020 12:52:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9780,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:44:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15208,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:38:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8912,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:21:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3964,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:07:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (12/27/2020 12:07:35 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (12/27/2020 12:02:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9000,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:11:37 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9856,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:02:57 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14536,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/26/2020 11:28:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17660,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (12/27/2020 12:39:36 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:24:32 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:15:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Aktualizovat službu Orchestrator přestala během spouštění reagovat.
Error: (12/27/2020 12:14:46 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:11:51 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:09:06 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error: (12/27/2020 12:09:05 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Tento počítač je nakonfigurován jako člen pracovní skupiny, nikoliv jako
člen domény. Přihlašovací služba Netlogon nepotřebuje být spuštěna v této
konfiguraci.
Error: (12/27/2020 12:07:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba SNMP neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.
Error: (12/27/2020 12:07:34 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba SNMP se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (12/27/2020 12:06:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wondershare Application Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2020-12-27 12:56:19.075
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:37.749
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:36.718
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:32.765
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:32.221
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:29.751
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:23.966
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:54:01.753
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:53:54.772
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:53:54.760
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 62%
Total physical RAM: 8135.86 MB
Available physical RAM: 3052.22 MB
Total Virtual: 16327.86 MB
Available Virtual: 10280.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:421.81 GB) (Free:144.94 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:22.66 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 29376C2E)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
==================== End of Addition.txt ============================
Ran by Interista (27-12-2020 12:53:36)
Running from C:\Users\Interista\Desktop
Windows 10 Home Version 1909 (X64) (2020-07-03 10:13:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3319014896-2388623831-1738719311-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3319014896-2388623831-1738719311-503 - Limited - Disabled)
Guest (S-1-5-21-3319014896-2388623831-1738719311-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3319014896-2388623831-1738719311-1003 - Limited - Enabled)
Interista (S-1-5-21-3319014896-2388623831-1738719311-1001 - Administrator - Enabled) => C:\Users\Interista
WDAGUtilityAccount (S-1-5-21-3319014896-2388623831-1738719311-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Aktualizace NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Anki (HKLM-x32\...\Anki) (Version: - )
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.92 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Broadcom Gigabit NetLink Controller (HKLM\...\{029A4933-3F36-4E4F-AEC3-2207AB26463D}) (Version: 14.4.9.2 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.2.0 - Canon Inc.)
Canon MP150 (HKLM\...\{CA9A3609-3ECC-4574-8824-A8161A71A603}) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5100_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Creeper World 4 (HKLM-x32\...\Creeper World 4) (Version: - SKIDROW)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FTL - Advanced Edition (HKLM-x32\...\GOGPACKFTL_is1) (Version: 2.3.0.13 - GOG.com)
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java SE Development Kit 7 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java SE Development Kit 8 Update 141 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180141}) (Version: 8.0.1410.15 - Oracle Corporation)
Java(TM) 6 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416045FF}) (Version: 6.0.450 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jihosoft ISO Maker version 3.0 (HKLM-x32\...\{FA289A40-0F71-428E-B3A2-546EDC04DB93}_is1) (Version: 3.0 - Jihosoft Studio)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.55.0 - JMicron Technology Corp.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 12.4.2 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.4.2 - KLCP)
kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7400 - Broadcom Corporation)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
LIMBO (HKLM\...\Steam App 48000) (Version: - Playdead)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.26.116 (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.26.116 - NVIDIA Corporation)
NVIDIA Install Application (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer) (Version: 2.1002.344.0 - NVIDIA Corporation) Hidden
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Update (HKLM-x32\...\InstallShield_{6F69C969-2942-4E7B-B594-75B37664B8BA}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo)
OpenOffice.org 3.4.1 (HKLM-x32\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
Ovládací panel NVIDIA 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 378.92 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Plague Inc - Evolved version 0.6.6 (HKLM-x32\...\{1520E069-19A9-4B01-BA5D-87B67D56F55D}_is1) (Version: 0.6.6 - )
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6314 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.6.0 - Canon Inc.)
spacedesk Windows DRIVER (HKLM\...\{D5DDB7FE-6338-4A02-8590-8F4905FFBC38}) (Version: 0.9.1000.0 - datronicsoft Inc.)
SRS Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.0200 - SRS Labs, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
Telegram Desktop version 2.4.7 (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.4.7 - Telegram FZ-LLC)
The Long Dark (HKLM-x32\...\1447763046_is1) (Version: 1.83 - GOG.com)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
This War of Mine (HKLM\...\Steam App 282070) (Version: - 11 bit studios)
Trader Workstation (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\5889-6375-8446-2021) (Version: latest (981.2h) 20201209 12:29:55 - Interactive Brokers LLC)
TuneUp Utilities 2013 (HKLM-x32\...\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}) (Version: 13.0.2020.14 - TuneUp Software) Hidden
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.2020.14 - TuneUp Software)
TuneUp Utilities 2014 (en-US) (HKLM-x32\...\{14C8CE46-C68C-461B-BCA9-E276A85851C6}) (Version: 14.0.1000.88 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (HKLM-x32\...\{A6F5703D-A4B1-4857-9EDD-DC0ABBBB0D96}) (Version: 13.0.2020.14 - TuneUp Software) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\WhatsApp) (Version: 2.2047.11 - WhatsApp)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\ZoomUMX) (Version: 5.4.3 (58891.1115) - Zoom Video Communications, Inc.)
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Interista\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers01: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers01: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers01: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2013\SDShelEx-x64.dll [2012-09-19] (TuneUp Software)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers02: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers03: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers03: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers04: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers04: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers04: [TuneUp Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\TuneUp Utilities 2013\DseShExt-x64.dll [2012-09-19] (TuneUp Software)
ContextMenuHandlers04: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2013\SDShelEx-x64.dll [2012-09-19] (TuneUp Software)
ContextMenuHandlers05: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-03-17] (NVIDIA Corporation)
ContextMenuHandlers05: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers06: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (AVAST Software)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers06: [PintoStartScreen] -> {470C0EBD-5D73-4d58-9CED-E91E22E23282} => C:\Windows\System32\appresolver.dll [2020-12-12] (Microsoft Corporation)
ContextMenuHandlers06: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3319014896-2388623831-1738719311-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Interista\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {028564F4-DAD8-4CEF-B463-F8C7C554459C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {04B4FB2E-F791-4908-929F-42851D8A90FD} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION
Task: {0501AFDD-12FA-4C01-9A35-F016DA78BEA0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001UA => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {076AD5BF-6067-427E-9381-F1A23BA00DFF} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {083F3813-82BC-4622-A1B0-070C619B7D11} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner => C:\WINDOWS\system32\mitigationscanner.exe [2019-03-19] (Microsoft Corporation)
Task: {0AE0D1E6-EEF2-48A9-BA01-FFD53BFC69A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0FC44A17-B152-4BE6-87AF-992D191AFD61} - System32\Tasks\{B7581133-2EA0-41CE-90E1-1E1E82A163AF} => pcalua.exe -a C:\games\MINECRAFT\Uninstall.exe
Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2020-08-12] (Microsoft Corporation)
Task: {12B77A7C-1DDB-48D8-9A89-E91548474357} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {14F7E945-34BA-4A49-B982-226DE8D39347} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {16085BF3-B3CD-43ED-966D-2C3CA0C6DA89} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {170D58E6-0812-4222-884D-D2A5F255C90E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {191384C9-85A1-4EB2-81D4-48F5A0C6ACB7} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\WINDOWS\System32\UNP\UpdateNotificationMgr.exe [2020-07-03] (Microsoft Corporation)
Task: {19BAF204-7D19-41E3-ADBF-59EEF986EAB7} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {1A1673FB-A3BD-41B1-A15E-0DD2E4C74B6E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {1B66E2AB-4090-4187-A1B8-F879D9E108E2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {214F9201-B833-4870-9C51-A7FFDDC45192} - System32\Tasks\{7A4FF9E7-BA3C-4FC7-BE94-EF49099CD3B6} => pcalua.exe -a C:\Downloads\EUcasino_Setup.exe -d C:\Downloads
Task: {21F636BC-B1A3-44DD-89A2-54A1B8817957} - System32\Tasks\{A5E8FB6E-5DF0-44E7-B701-236F7D099369} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/43110
Task: {2601599D-514F-4744-BDD3-420D1F4044C6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {28129A90-701F-41D4-A539-A6E756AFFD4A} - System32\Tasks\Adobe online aktualizační program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2020-11-03] (Adobe Inc.)
Task: {2B5C654D-898D-4D97-84CD-66D073C02DBC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {2C187558-D2F7-4602-8AAD-7187F53F03FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2020-11-03] (Adobe Inc.)
Task: {2F3C49C8-FAF3-4F74-97BB-3910FC3F88A9} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {3395660E-C273-48BB-88DE-0E94B633C711} - System32\Tasks\{6DF95473-FC44-472F-BDFC-1C223398E809} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.109/cs/abandoninstall?page=tsProgressBar
Task: {346D3858-2B6B-4635-AECD-65DD5E1358C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {347FA60B-B61B-4E9B-8717-E06CFA2D419B} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {35E4CA42-B19A-4E4A-84B2-B9C360F032FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3B6E93CB-5176-493C-B838-DD66F2C5532E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3D8E83D8-967E-44AC-8896-42CDEC763404} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {3E7650E7-DBA3-4B90-8D84-4232AE8A029F} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {3EBAF09A-814C-4FB9-9F00-8BB931BFE845} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\WINDOWS\system32\bcdboot.exe [2020-10-14] (Microsoft Corporation)
Task: {3F8934FE-0D10-4733-9F40-671552A930AE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation)
Task: {4141BC0E-26CB-484E-AED0-ABBA013A8BC3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {416FBFEF-09C2-4D51-9358-72205B2F5ED3} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives
Task: {47B89A79-53D2-485E-AD87-148165B28519} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {4895D51A-B90B-4ECF-A69B-93D8FA9B0FC0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {48F207D2-23BE-4F26-A115-B05B486F6CA6} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {49768EE0-FDB3-40BD-B274-0CCE6FEA4303} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4A9D673A-EF2C-475F-835D-3CC15206BD76} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4F2CE9C7-5B17-457D-8598-43479FF4F5F9} - System32\Tasks\{672E8836-3CEE-452F-8CF2-79FA73BDA470} => pcalua.exe -a "C:\WebDesign\NetBeans 7.4\uninstall.exe"
Task: {517B8226-EFB8-496F-BBDE-3750956D960B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {55412461-F053-4583-A6BF-19F36DAAD46D} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {565A429B-B222-4431-8590-3352926230EB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {56D11F39-CB83-45C0-B5CB-D6E091B1C509} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION
Task: {57AF8FF6-BEA8-4E17-BE7F-3FF7D995BABC} - System32\Tasks\Microsoft\Windows\PLA\spacedesk_log
Task: {5B11BFF2-5B45-4C0E-951B-5617DBFC80B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {60BB71F6-F0C5-4773-B405-06679588F77A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {613A083C-17CD-47F4-AC35-96FC308E59CF} - System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync
Task: {618D1585-07D7-4526-95D0-0A92E14D451D} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {6624D4EA-E15F-4D83-98DF-8AAE46930712} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2020-03-19] (Piriform Software Ltd)
Task: {68560DFD-FC67-4EF8-BAA4-7F72211F3FD5} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2020-07-03] (Microsoft Corporation)
Task: {698E4C37-870E-4CEA-B5E2-0E4E3A268E84} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6CC1FEEE-1684-4348-81F1-A8D4C3211E16} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
Task: {6EEA6ACE-7229-424A-BAD9-BD315E7D782B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6FFA775B-E7BB-4DE0-A8F8-EA6FA07E6B25} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {73A1EC50-7D31-4800-8D95-B05DB58A309F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {73CB9900-BD4D-4C69-9F68-6746AE3BB44B} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {765A4834-C006-4CA5-9EE0-18167279D672} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {77773450-A1E5-426C-BBFA-99F122851397} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {78067204-A408-4401-AC27-60BC83F0E090} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {7C11F831-BB88-48CE-A5D3-F43BB095EDEC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
Task: {7C7A322B-22CD-4890-AD3E-6B65998E4EB3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7C8034B4-286F-4E86-AD41-4140C28A9604} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {7D604811-243F-49BE-8C58-C468BF37356F} - System32\Tasks\AdobeAAMUpdater-1.0-LenovoY570-Interista => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-10] (Adobe Systems Incorporated)
Task: {841569D4-A3C9-4291-BA9A-A290701F5DB6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2020-09-20] (Avast Software)
Task: {8B95A60F-939C-46B2-9D94-1F34277409A1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation)
Task: {8CE419DE-4815-423C-8287-51CEF62C7937} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync
Task: {90C28B5C-2A50-48E1-9579-EEE75F1B1F2E} - System32\Tasks\Microsoft\Windows\StateRepository\MaintenanceTasks => Rundll32.exe %windir%\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks
Task: {92499943-2CD7-4704-B887-7E8F548982E7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {963EAC6A-BA83-4A51-9D4A-F6101CB4EE5C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {97CBA57F-20C3-4EA5-82AD-21D5642988CA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation)
Task: {99ED9A2D-C31D-4BF9-AF9B-CAF150B19816} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {9A42E9C0-177E-4A01-87EB-5FE508505510} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9B2E19F4-D8ED-4624-89B4-0C6E0E9FAF72} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {9CBB21B3-1A11-4DFC-AAC0-21A7DF869E72} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D4107DC-A4B0-4971-8CAE-E6EE8F5AD7A0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9E42E54A-6BB4-4F7E-892C-2C5183F55B20} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\WINDOWS\system32\eduprintprov.exe [2019-03-19] (Microsoft Corporation)
Task: {9EBA9C52-0D8A-47D6-9538-3950050E8D96} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2020-12-12] (AVAST Software)
Task: {A0A86556-6F50-482C-AA4E-04BECD4DDE9B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A25756A2-BC9B-410A-97B1-1160987E874A} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {A35F8A09-AD52-4C8B-B7CD-E49CADBE203B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7ECF457-BC00-4B4D-ADA8-972A65A4C740} - System32\Tasks\Droheseruces Configuration => C:\Program Files (x86)\Witlyanipipy\darerwas.exe [2017-02-21] (Glarysoft Ltd)
Task: {AA9A5749-8E2B-4A91-9A9B-4C2901ACAB77} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {AC1E2F47-3FF2-4077-A442-D277B86BD945} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AF78D4EE-23D1-4943-964B-CD2BB0879DC2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B5F0D76A-D09D-471B-83F7-48298F699537} - System32\Tasks\{1A8D9F80-882F-47EF-9092-B8DAAE064D8E} => C:\Games\Dead Island\DeadIslandGame.exe
Task: {B8F0DEC7-8392-4F57-9990-74FCB934033F} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2020-10-14] ()
Task: {BBE187C5-6A63-43FD-BB42-037C05DD22A2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C1DFBF65-983F-4AB7-B3C1-AC722D21D33D} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {C46FA0B3-78F5-443B-81AD-3B4B29AC94B8} - System32\Tasks\{6AC10FA4-2A04-4D88-A064-1A90C3C67AA0} => C:\Games\Dead Island\DeadIslandGame.exe
Task: {C8AB6419-B8E3-4252-916D-5DCA1F0776A5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CB448941-9879-4BE4-982E-2A1545907501} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2020-03-19] (Piriform Software Ltd)
Task: {CD653C32-80CF-4F2C-A57A-EE4D5E74A049} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-14] (Adobe Systems Incorporated)
Task: {D0BA0B86-4A6B-42CD-80B7-3A4967C52009} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
Task: {D8A50F3C-4BF2-46E9-B708-B51207C90FF2} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {D8C16EEE-526A-443D-A00A-FB3D22BDF9A9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-14] (Adobe Systems Incorporated)
Task: {D9D6D456-CAFB-401D-8DCF-DEEB2907C7B6} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache
Task: {DA1EE455-0608-4305-803D-04843F50EB1C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-12] (Oracle Corporation)
Task: {DF8ABE54-47C9-4567-8DD0-36F92A2CC529} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {E5C03C57-4CED-4306-95EA-1215BF570B9A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation)
Task: {E70C4E4A-55D2-4AFB-99DD-268DCDB1529B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F1DA6BFE-4499-491E-9FDB-7C01506ECE44} - System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater => C:\WINDOWS\system32\directxdatabaseupdater.exe [2020-07-03] (Microsoft Corporation)
Task: {F6432CC0-A47F-4547-922D-79C89CAA8A08} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001Core => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {F8FF0A91-01D6-474F-BC1F-3C064B0FC448} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001Core.job => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3319014896-2388623831-1738719311-1001UA.job => C:\Users\Interista\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Interista\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) ==============
2019-03-19 05:43 - 2019-03-19 05:43 - 00054960 _____ () C:\WINDOWS\System32\UMPDC.dll
2016-12-10 17:56 - 2017-03-17 00:16 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2020-07-01 07:14 - 2019-11-28 13:16 - 00399296 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2017-03-20 19:39 - 2017-10-11 02:05 - 01267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2019-06-03 09:11 - 2019-06-03 09:11 - 00916392 _____ () C:\WINDOWS\System32\spacedeskService.exe
2019-06-03 09:11 - 2019-06-03 09:11 - 00188328 _____ () C:\WINDOWS\System32\spacedeskKtm.dll
2019-06-03 09:11 - 2019-06-03 09:11 - 00469928 _____ () C:\WINDOWS\System32\spacedeskServiceTray.exe
2020-11-12 15:37 - 2020-11-12 15:37 - 01841152 _____ () C:\WINDOWS\system32\TextInputMethodFormatter.dll
2019-03-19 05:59 - 2019-03-19 12:57 - 00094720 _____ () C:\Windows\System32\VirtualMonitorManager.dll
2019-03-19 05:43 - 2019-03-19 05:43 - 00494592 _____ () C:\Windows\ShellExperiences\TileControl.dll
2020-07-03 11:07 - 2020-07-03 11:07 - 02880000 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2020-11-12 15:37 - 2020-11-12 15:37 - 00947512 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
2020-12-16 18:27 - 2020-12-16 18:29 - 20139008 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Views.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 09864704 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.WinRT.dll
2020-04-13 15:13 - 2020-04-13 15:13 - 01000448 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2020-12-16 18:27 - 2020-12-16 18:29 - 02728448 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.ScreenMirroring.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 03778048 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\PhoneCommunicationAppService.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 00643072 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Devices.WinRT.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 00479232 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Calling.CX.dll
2020-12-16 18:27 - 2020-12-16 18:29 - 01289728 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Messaging.dll
2020-12-16 18:27 - 2020-12-16 18:29 - 01901056 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhoneControls.dll
2020-12-16 18:27 - 2020-12-16 18:28 - 01339392 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.Calling.WinRT.dll
2020-09-09 19:16 - 2020-09-09 19:16 - 01799168 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2013-01-18 13:31 - 2011-01-18 03:36 - 00182560 _____ () C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcc3d64.dll
2008-12-20 04:20 - 2013-01-18 14:05 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2020-11-24 19:28 - 2020-11-24 19:28 - 132979224 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2020-07-03 11:07 - 2020-07-03 11:07 - 00037888 _____ () C:\Windows\System32\usocoreps.dll
2020-12-02 22:28 - 2020-12-02 03:01 - 07627248 _____ () C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\libglesv2.dll
2020-12-02 22:28 - 2020-12-02 03:01 - 00456176 _____ () C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\libegl.dll
2020-11-24 19:28 - 2020-11-24 19:28 - 02700824 _____ () C:\Program Files\AVAST Software\Avast\swiftshader\libglesv2.dll
2020-11-24 19:28 - 2020-11-24 19:28 - 00420384 _____ () C:\Program Files\AVAST Software\Avast\swiftshader\libegl.dll
2020-05-14 20:37 - 2020-12-18 22:11 - 01217824 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2020-05-14 20:37 - 2020-11-27 00:34 - 119512864 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2020-05-14 20:37 - 2020-11-27 00:34 - 08022816 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2020-05-14 20:37 - 2020-11-27 00:34 - 00381216 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2020-12-22 14:19 - 2020-12-22 14:20 - 04730880 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
2020-12-22 14:19 - 2020-12-22 14:20 - 00670208 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\GraphControl.dll
2020-12-22 14:19 - 2020-12-22 14:20 - 00028672 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\TraceLogging.dll
2015-01-23 14:02 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-06-19 21:10 - 2020-12-18 22:11 - 01031456 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-21 23:53 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-06-19 21:10 - 2020-12-21 00:22 - 02938144 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-21 23:53 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-21 23:53 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 05138896 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00811984 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00352720 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00848336 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-01-03 10:59 - 2019-10-30 18:33 - 00784848 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2014-06-19 21:10 - 2020-12-21 00:21 - 01067296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-06-22 09:08 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinQuic => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-07-06 13:08 - 2020-12-26 17:17 - 00000101 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "Energy Management"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "UpdatePRCShortCut"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "AceStream"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3319014896-2388623831-1738719311-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-deviceenroller-TCP-Out] => (Allow) %SystemRoot%\system32\deviceenroller.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [{2B243E46-E87B-4126-B2D7-F498BDB82E4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{1AA9C629-5F1C-4381-8B21-22F7A9825DA5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{22859055-5C70-4C73-8BF9-A24BC7BFC5D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{BD7FFED7-FF94-4E6F-8A04-828B32A19E74}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{4AA6D125-999E-4844-B736-85C655BF9E54}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6565E169-60D3-4F3E-BD86-5F6546645EF3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8131D083-AA03-470B-8694-C8379DEAFFCD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{89778248-BF22-4E6A-A199-12D7FE349174}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{BF89BB2B-9A18-4F12-AA35-03367349476C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1E427C1F-023D-4ED8-BCD5-0DD726A3D42C}] => (Allow) LPort=2869
FirewallRules: [{615EE29A-5AF6-4F37-85B8-AC0CE3E4EB1C}] => (Allow) LPort=1900
FirewallRules: [{B5F7E315-3074-46B8-A419-B4BBD1F13840}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{731F79E5-C29C-4DAE-930F-6FC6622F9F76}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{CFD245E1-44A6-42DE-8489-F434FE64D6DE}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{EB1BC56A-3512-483D-9748-155F93B39049}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Allow) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [UDP Query User{EB0200DF-8A8B-4FEB-A677-40DEB2D2DB44}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Allow) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [TCP Query User{A4B3E36D-A646-4B3B-9820-10725A04CBB7}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [UDP Query User{4E6F9B49-AC80-49F2-8FF9-DE595E81C4CC}C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\interista\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [{4F62ABDB-C643-4851-A95D-BAA702B26FEF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{1D57844B-F4C8-454F-8C7E-6B1DDE08B308}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{E2FE1A8B-A129-44E3-8DA6-B6F4B32376D4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{F2F78CC9-D66C-47E4-A8BE-6BE4CD310DE6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [TCP Query User{129D12BE-AD73-46E3-AEDB-19B1F573172D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{9532EC77-3365-49E5-8086-9AEE46A7BC37}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A893ED37-E317-41A9-BAD3-8C36AC610005}] => (Allow) LPort=5353
FirewallRules: [{91B47BAD-CD59-4A18-9ACF-122458FDBCED}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{FCAB1598-4542-47D9-9E9E-42BFB4BC6940}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{4F9856E8-B5A2-462B-8500-60CE98E618C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{8DC79C9B-70DA-4E0C-8DFA-70BB584F4760}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{90540B17-CC50-4A3B-8AB8-30F43E729382}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
FirewallRules: [{20FDF1A3-76D2-449D-BECC-2404B20F6DB4}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
FirewallRules: [TCP Query User{502AA009-F1D5-4B23-A7C3-A38FE2BA8FC8}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe
FirewallRules: [UDP Query User{6E9771ED-2BA0-4D38-8E94-232141024629}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe
FirewallRules: [TCP Query User{BFB0A755-FBE4-408D-8B40-56CA4B1F19F2}C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe
FirewallRules: [UDP Query User{E8F614FE-1F68-4D58-A25A-76288F6A4F73}C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_45\bin\java.exe
FirewallRules: [TCP Query User{2AFDE8EB-C14E-45AB-8F5C-36728A2D126B}C:\users\interista\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\interista\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [UDP Query User{18A1DA38-00F0-419F-90E6-B41537BA87D2}C:\users\interista\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\interista\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [{DCDF98FC-3DAF-43B7-BBA5-34ED6F53A012}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0BD1FBBE-99A7-4E0C-9A06-69FCC1248EA5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F4D6A038-0F35-4AB4-89E0-CAFAAAFBF0DA}] => (Allow) C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F8F74540-7308-497A-8AF1-7D2E3BD625D5}] => (Allow) C:\Users\Interista\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{074EDDD0-5966-4641-A603-BFD772821D44}C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B0DBAADE-37BF-4BD8-A8B2-0230D58AFFC8}C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\interista\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{A45F0321-3FEB-4081-A255-70C873947A67}C:\users\interista\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\interista\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{639F1118-E47A-4AAC-B030-DF468B8FE94C}C:\users\interista\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\interista\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{96675CD7-FBC9-4B67-A4A7-1EEDFACF33EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{87BFB911-48D9-4D42-8ED9-4FA1730E56B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{082C7FDF-77BC-41AB-BEF1-81CA43875425}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D469C0C5-7451-4DDF-947C-C9DC67332CE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{F84733E0-D2FD-4286-9884-82DFDBACE434}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [UDP Query User{87AFA2C8-AB5F-4457-8061-3760AD7DD7FB}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [{AD0C6663-FD24-4EA0-9BB6-38E4E15B3DF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DF9C902A-F924-40B6-A5AF-2426F9111BDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{607D1AD9-87A0-4EFB-B8A4-2199B0776071}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2D51C227-9EAC-47AC-A8F4-98C793AB97FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B49C562F-A11F-4865-83AA-0A134FD63E41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4607DA23-7A9A-4A0C-982E-3CC15DB1DCEC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{EA1C292C-0AC2-40BB-AF76-61F59A797378}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{B0A04C33-9155-40E9-B5BF-77F9A9248B55}] => (Allow) C:\WINDOWS\system32\spacedeskService.exe
FirewallRules: [{5502B75B-FD5F-4C80-A16B-E878BBEF6FAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{F6646FF1-4232-4FC2-929C-5841168B50DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{3AABC1FD-1BB9-408D-BCFF-0DB720FD4813}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{51999B12-0212-47AF-B317-31613DE8EBE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{F01DDC9C-EE9E-4C56-B040-8B24885624FB}] => (Allow) C:\Users\Interista\AppData\Roaming\Zoom\bin\Zoom.exe
FirewallRules: [{28C4B5C8-B62C-4E8B-8826-863A774FB5CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BDCDDDDA-3175-416E-AE3B-8285C5D091B2}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
FirewallRules: [{B635BBB1-8405-4A55-9EDB-2DA4BA5CF059}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{7280BB06-FEDA-413D-8CA8-F9E5785EB598}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{A3817CE8-7055-41F4-8381-A6FE31FB1A11}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{A02FBDB1-A5B9-4697-89D0-9D15A407C049}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [TCP Query User{C5D733F5-0380-4EC4-B806-08AE6BCF97B4}C:\games\the long dark\tld.exe] => (Allow) C:\games\the long dark\tld.exe
FirewallRules: [UDP Query User{CC0A110C-0612-4637-8707-684B43B02954}C:\games\the long dark\tld.exe] => (Allow) C:\games\the long dark\tld.exe
FirewallRules: [TCP Query User{68F2116C-5EDB-43D5-823D-8F3CD32AC913}C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe
FirewallRules: [UDP Query User{3F3BDF9D-3069-4D80-BCEF-BD4C1B80B975}C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\interista\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe
==================== Restore Points =========================
22-12-2020 13:35:44 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/27/2020 12:52:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9780,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:44:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15208,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:38:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8912,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:21:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3964,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:07:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (12/27/2020 12:07:35 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (12/27/2020 12:02:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9000,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:11:37 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9856,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/27/2020 12:02:57 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14536,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/26/2020 11:28:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17660,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (12/27/2020 12:39:36 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:24:32 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:15:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Aktualizovat službu Orchestrator přestala během spouštění reagovat.
Error: (12/27/2020 12:14:46 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:11:51 PM) (Source: DCOM) (EventID: 10010) (User: LenovoY570)
Description: Server Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/27/2020 12:09:06 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error: (12/27/2020 12:09:05 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Tento počítač je nakonfigurován jako člen pracovní skupiny, nikoliv jako
člen domény. Přihlašovací služba Netlogon nepotřebuje být spuštěna v této
konfiguraci.
Error: (12/27/2020 12:07:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba SNMP neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.
Error: (12/27/2020 12:07:34 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba SNMP se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (12/27/2020 12:06:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wondershare Application Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2020-12-27 12:56:19.075
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:37.749
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:36.718
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:32.765
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:32.221
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:29.751
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:55:23.966
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:54:01.753
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:53:54.772
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-27 12:53:54.760
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 62%
Total physical RAM: 8135.86 MB
Available physical RAM: 3052.22 MB
Total Virtual: 16327.86 MB
Available Virtual: 10280.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:421.81 GB) (Free:144.94 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:22.66 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 29376C2E)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
==================== End of Addition.txt ============================
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my log
I don't know where you are downloading it from. If you won't have it any other way, we'll do it with that expired version. Open Notepad and copy the following into it:
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Start
CloseProcesses:
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers05: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
Task: {0FC44A17-B152-4BE6-87AF-992D191AFD61} - System32\Tasks\{B7581133-2EA0-41CE-90E1-1E1E82A163AF} => pcalua.exe -a C:\games\MINECRAFT\Uninstall.exe
Task: {19BAF204-7D19-41E3-ADBF-59EEF986EAB7} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {1A1673FB-A3BD-41B1-A15E-0DD2E4C74B6E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2B5C654D-898D-4D97-84CD-66D073C02DBC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {346D3858-2B6B-4635-AECD-65DD5E1358C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {35E4CA42-B19A-4E4A-84B2-B9C360F032FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3B6E93CB-5176-493C-B838-DD66F2C5532E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {517B8226-EFB8-496F-BBDE-3750956D960B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {56D11F39-CB83-45C0-B5CB-D6E091B1C509} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION
Task: {765A4834-C006-4CA5-9EE0-18167279D672} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {77773450-A1E5-426C-BBFA-99F122851397} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7C7A322B-22CD-4890-AD3E-6B65998E4EB3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {92499943-2CD7-4704-B887-7E8F548982E7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {963EAC6A-BA83-4A51-9D4A-F6101CB4EE5C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {99ED9A2D-C31D-4BF9-AF9B-CAF150B19816} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {9B2E19F4-D8ED-4624-89B4-0C6E0E9FAF72} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {A0A86556-6F50-482C-AA4E-04BECD4DDE9B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {346D3858-2B6B-4635-AECD-65DD5E1358C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
FF ProfilePath: Profiles/o0pndij1.default-release [not found] <==== ATTENTION
[not found] <==== ATTENTION
S3 AarSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 AarSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 ConsentUxUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 ConsentUxUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DeviceAssociationBrokerSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DeviceAssociationBrokerSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicePickerUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicePickerUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 PrintWorkflowUserSvc_73a35; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 PrintWorkflowUserSvc_73a35; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-10] (Microsoft Corporation) <==== ATTENTION
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-10] (Microsoft Corporation) <==== ATTENTION
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\patch.dll
C:\Users\Interista\AppData\Local\Temp
C:\WINDOWS\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION
EmptyTemp:
End
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.