Pop-up ads, PC already after 2 scans

Posted: 28 Jun 2017 14:41
by mattsteph
ESET Online Scanner is scanning my PC right now.. 2 threats so far.. the ads stopped popping up after I ran adcleaner and Malwarebytes Anti-Malware.. but some vermin has surely still been left behind

Logfile of random's system information tool 1.16 (written by random/random)
Run by kille at 2017-06-28 15:37:28
Microsoft Windows 10 Home
System drive C: has 97 GB (46%) free of 210 GB
Total RAM: 16296 MB (73% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:37:31, on 28.06.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Users\kille\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\kille\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\kille\Downloads\esetonlinescanner_enu.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\trend micro\kille_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\kille\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Google Update] C:\Users\kille\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [Steam] "E:\HOME\GAMES\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Viber] "C:\Users\kille\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_3BB6DB8E3F3093BC6130F8117C9DFBDF] "C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\kille\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: i1Profiler Tray.lnk = C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe
O4 - Global Startup: XRGamma.lnk = C:\Program Files (x86)\X-Rite\i1Profiler\XRGamma.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\WINDOWS\system32\hasplms.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - E:\HOME\GAMES\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - E:\HOME\GAMES\Origin\OriginWebHelperService.exe
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Razer Chroma SDK Service - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.3.2.220\WsAppService.exe
O23 - Service: X-Rite Device Services Manager (xrdd.exe) - X-Rite Inc. - C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe

--
End of file - 12279 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Noran Studio Two-in Studio 2\Noran Studio Two-in Studio 2.dll",nygBSYITV
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k localservice -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -s SENS
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k localservicenonetwork -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localservice -s fdPHost
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s HomeGroupProvider
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
"C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe"
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
"C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe"
"C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Wondershare\WAF\2.3.2.220\WsAppService.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe"
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
"E:\HOME\GAMES\Origin\OriginWebHelperService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\hasplms.exe -run
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k netsvcs -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
c:\windows\system32\taskhostw.exe
C:\WINDOWS\system32\igfxEM.exe
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s WdiSystemHost
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Users\kille\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Users\kille\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\kille\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\kille\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=59.0.3071.115 --initial-client-data=0x1e8,0x1ec,0x1f0,0x1e4,0x1f4,0x7ffd7e1319d0,0x7ffd7e1319b8,0x7ffd7e1319e8
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=12312 --on-initialized-event-handle=648 --parent-handle=652 /prefetch:6
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan-12876 C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe"
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1420 --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,11,20,24,26,43,63,76 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4279 --gpu-driver-date=8-24-2015 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x0fcd --service-request-channel-token=50C4ACBF7C6C3A975B8791AA0B6363B7 --mojo-platform-channel-handle=1436 --ignored=" --type=renderer " /prefetch:2
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420 --primordial-pipe-token=8D7EB928B1F257B33A587CB620E56B2C --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=8D7EB928B1F257B33A587CB620E56B2C --renderer-client-id=4 --mojo-platform-channel-handle=2588 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420 --primordial-pipe-token=D903A32036E59CD0E708D0B50E9C5D2A --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=D903A32036E59CD0E708D0B50E9C5D2A --renderer-client-id=5 --mojo-platform-channel-handle=2784 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420 --primordial-pipe-token=E51092503A6DB5508DE8F7464846FB9F --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=E51092503A6DB5508DE8F7464846FB9F --renderer-client-id=6 --mojo-platform-channel-handle=2844 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420 --primordial-pipe-token=920F38ADA89CE754AA0540B4952550F8 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=920F38ADA89CE754AA0540B4952550F8 --renderer-client-id=7 --mojo-platform-channel-handle=2952 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420 --primordial-pipe-token=CD4075AA1E022754EFAEAD0F8FF37474 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=CD4075AA1E022754EFAEAD0F8FF37474 --renderer-client-id=8 --mojo-platform-channel-handle=2976 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420 --primordial-pipe-token=82E61061143B2BBECD2E7AE7D71E647D --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=82E61061143B2BBECD2E7AE7D71E647D --renderer-client-id=10 --mojo-platform-channel-handle=2992 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420 --primordial-pipe-token=5F5C1229F0B20624C2B662B490865152 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=5F5C1229F0B20624C2B662B490865152 --renderer-client-id=11 --mojo-platform-channel-handle=6660 /prefetch:1
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420 --primordial-pipe-token=5E3A3DE4ABD27DCCF631F3A900D54D26 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=5E3A3DE4ABD27DCCF631F3A900D54D26 --renderer-client-id=13 --mojo-platform-channel-handle=6788 /prefetch:1
"C:\Users\kille\Downloads\esetonlinescanner_enu.exe" EULA
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --disable-3d-apis --disable-pinch --no-sandbox --disable-databases --primordial-pipe-token=6B15AED09047291E8F19F2755578FD7E --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-file="C:\Users\kille\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --log-severity=warning --user-agent="Mozilla/5.0 (Windows NT 10.0.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 CreativeCloud/4.1.1.202" --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --channel="12876.0.1829196822\1903902473" --mojo-platform-channel-handle=2780 /prefetch:1
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\main.js"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\server.js"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420 --primordial-pipe-token=40479C2355BE7209E7BE5227F3910FD0 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=40479C2355BE7209E7BE5227F3910FD0 --renderer-client-id=24 --mojo-platform-channel-handle=7148 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420 --primordial-pipe-token=73765FF483B1BCB166971757E6A67F01 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=73765FF483B1BCB166971757E6A67F01 --renderer-client-id=27 --mojo-platform-channel-handle=2228 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420 --primordial-pipe-token=82BC0CB691C3E5C198A1998303F11784 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=82BC0CB691C3E5C198A1998303F11784 --renderer-client-id=33 --mojo-platform-channel-handle=9300 /prefetch:1
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k netsvcs -s dmwappushservice
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SmsRouter
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.410_none_9e914f9d2d85dacb\TiWorker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -s wlidsvc
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420 --primordial-pipe-token=2D6EB569CDEABFBEC1E45B4F979AA2F9 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=2D6EB569CDEABFBEC1E45B4F979AA2F9 --renderer-client-id=39 --mojo-platform-channel-handle=6112 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420 --primordial-pipe-token=F8E01505BF0872BE843E5A07E584DAC9 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=F8E01505BF0872BE843E5A07E584DAC9 --renderer-client-id=40 --mojo-platform-channel-handle=9708 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 700 704 712 8192 708
"C:\Users\kille\Downloads\RSITx64.exe"

====== Scheduled tasks folder ======

C:\WINDOWS\tasks\X-Rite Device Services Software Updater.job - C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-killerisko@gmail.com - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2749714667-2368359933-3780946547-1001Core - C:\Users\kille\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2749714667-2368359933-3780946547-1001Core1d257fc88a55501 - C:\Users\kille\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2749714667-2368359933-3780946547-1001UA - C:\Users\kille\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2749714667-2368359933-3780946547-1001UA1d257fc88c7eae6 - C:\Users\kille\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Noran Studio Two-in Studio 2 - C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Noran Studio Two-in Studio 2\Noran Studio Two-in Studio 2.dll",nygBSYITV
C:\WINDOWS\system32\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
C:\WINDOWS\system32\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
C:\WINDOWS\system32\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
C:\WINDOWS\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
C:\WINDOWS\system32\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
C:\WINDOWS\system32\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\X-Rite Device Services Software Updater - C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe
C:\WINDOWS\system32\tasks\{1E18A923-CDF1-4D1C-93B2-AD4CC5BD33EA} - C:\Users\kille\AppData\Local\Temp\is-BGA2D.tmp\XRD Manager.exe /exenoupdates /noprereqs /qr AI_RESUME=1 ADDLOCAL=MainFeature,XRDdrivers64 ACTION="INSTALL" EXECUTEACTION="INSTALL" ROOTDRIVE="C:\" AI_PREREQFILES="C:\Users\kille\AppData\Local\Temp\{1E18A923-CDF1-4D1C-93B2-AD4CC5BD33EA}\drivers64.msi" AI_PREREQDIRS="C:\Users\kille\AppData\Local\Temp" OLDPRODUCTS="{425E7005-9EC8-4CFC-818A-D3511CE343B7}" AI_SETUPEXEPATH="C:\Users\kille\AppData\Local\Temp\is-BGA2D.tmp\XRD Manager.exe" SETUPEXEDIR="C:\Users\kille\AppData\Local\Temp\is-BGA2D.tmp\" TARGETDIR="C:\" APPDIR="C:\Program Files (x86)\X-Rite\Devices\" COMPANYNAME="Microsoft"
C:\WINDOWS\system32\tasks\{425E7005-9EC8-4CFC-818A-D3511CE343B7} - C:\Users\kille\AppData\Local\Temp\is-CGDHJ.tmp\XRD Manager.exe /exenoupdates /noprereqs /qr AI_RESUME=1 ADDLOCAL=MainFeature,XRDdrivers64 ACTION="INSTALL" EXECUTEACTION="INSTALL" ROOTDRIVE="C:\" AI_PREREQFILES="C:\Users\kille\AppData\Local\Temp\{425E7005-9EC8-4CFC-818A-D3511CE343B7}\drivers64.msi" AI_PREREQDIRS="C:\Users\kille\AppData\Local\Temp" OLDPRODUCTS="{EC551D01-8A2A-4C4E-A07B-4B84CE682129}" AI_SETUPEXEPATH="C:\Users\kille\AppData\Local\Temp\is-CGDHJ.tmp\XRD Manager.exe" SETUPEXEDIR="C:\Users\kille\AppData\Local\Temp\is-CGDHJ.tmp\" TARGETDIR="C:\" APPDIR="C:\Program Files (x86)\X-Rite\Devices\" COMPANYNAME="Microsoft"
C:\WINDOWS\system32\tasks\{AC450DA6-338F-4367-BC3C-370D6435E321} - C:\WINDOWS\system32\pcalua.exe -a "E:\HOME\GAMES\Ubisoft Game Launcher\upc.exe" -c uplay://uninstall/2184
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\Program Files\Windows Defender\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install - %systemroot%\system32\usoclient.exe ScanInstallWait
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\kille\AppData\Roaming\Mozilla\Firefox\Profiles\nnaj0r3d.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@IPCWebComponents]
"Description"=
"Path"=C:\Program Files (x86)\IPCWebComponents\npIPCReg.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll


C:\Users\kille\AppData\Roaming\Mozilla\Firefox\Profiles\nnaj0r3d.default\addons.json
Mozilla Firefox hotfix - extension - firefox-hotfix@mozilla.org

C:\Users\kille\AppData\Roaming\Mozilla\Firefox\Profiles\nnaj0r3d.default\extensions.json
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Diagnostics - extension - diagnostics@mozilla.org - C:\Users\kille\AppData\Roaming\Mozilla\Firefox\Profiles\nnaj0r3d.default\features\{f609b0f6-c749-459e-9ba6-bc4b3ecbe47f}\diagnostics@mozilla.org.xpi
Send HSTS Priming Requests - extension - hsts-priming@mozilla.org - C:\Users\kille\AppData\Roaming\Mozilla\Firefox\Profiles\nnaj0r3d.default\features\{f609b0f6-c749-459e-9ba6-bc4b3ecbe47f}\hsts-priming@mozilla.org.xpi
Logitech SetPoint - extension - {F003DA68-8256-4b37-A6C4-350FA04494DF} - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

C:\Users\kille\AppData\Roaming\Mozilla\Firefox\Profiles\nnaj0r3d.default\pluginreg.dat
Plugin - AdobeAAMDetect - 3.0.0.0 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
Plugin - Adobe Acrobat - 17.9.20044.25828 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - Google Update - 1.3.33.5 - C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
Plugin - npIPCReg DLL - 3.3.0.7 - C:\Program Files (x86)\IPCWebComponents\npIPCReg.dll
Plugin - Google Update - 1.3.33.5 - C:\Users\kille\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll

=========Google Chrome=========

C:\Users\kille\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Web Store 0.2
Extension ajopnjidmegmdimjlfnijceegpefgped 1 BetterTTV 7.2
Extension alelhddbbhepgpmgidjdcjakblofbmce
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bfbmjmiodbnnpllbbbfblcplfjjepjdn 1 Turn Off the Lights 3.4.24.0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cihaednhfbocfdiflmpccekcmjepcnmb 0 Newsletter Creator for Gmail - Flashissue 3.1.0
Extension coobgpohoikkiipiblmjeljniedjpjpf
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 1 Adobe Acrobat 15.1.0.6
Extension efgpgbcidmnhkoeceikdacelidndbfgl
Extension ejjicmeblgpmajnghnpcppodonldlgfn 1 Kalendár Google 4.5.10
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension ffdaeeijbbijklfcpahbghahojgfgebo 1 Gyazo 2.6.0
Extension fnbdnhhicmebfgdgglcdacdapkcihcoh 1 Page Analytics (by Google) 1.7.7
Extension gbchcmhmhahfdphkhkmpfmihenigjmpp 1 Vzdialená plocha Chrome 59.0.3071.47
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google v režime offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 0 AdBlock 3.13.0
Extension gmbmikajjgmnabiglmofipeabaddhgne 1 Uložiť na Disk Google 2.1.1
Extension hbdkkfheckcdppiaiabobmennhijkknn 1 Open SEO Stats(Formerly: PageRank Status) 9.6.0.0
Extension heialfagdbdflgppjfmgmjdajchdgbjo 1 InstagramDL Plugin - Instagram Downloader 0.6.11
Extension hkgndiocipalkpejnpafdbdlfdjihomd 1 AirDroid 2.0.4
Extension hmjkmjkepdijhoojdojkdfohbdgmmhki 1 Google Keep – poznámky a zoznamy 3.1.17254.1423
Extension jbbmdehmiclndmeedcocofcjlpgjnmea 1 Twitch Fullscreen Plus 1.3.2
Extension jijknldiopccnikfclcmmjnponjkicbc
Extension jnkdcmgmnegofdddphijckfagibepdlb 0 InstaG Downloader 1.7.1
Extension kbfnbcaeplbcioakkpcpgfkobkghlhen 0 Grammarly for Chrome 14.778.1011
Extension klbibkeccnjlkjkiokjodocebajanakg 1 The Great Suspender 6.30
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension ldibdoepbjbkkcbgndfljnphngpglhbb 0 mydlink services plugin 1.0.2.6
Extension ljphpjlafmmdmegmfbkacafhbegjfkkn 1 Top Eleven 2.0.0.5
Extension lmjegmlicamnimmfhcmpkclmigmmcbeh 2 Application Launcher for Drive (by Google) 3.2
Extension mafbdhjdkjnoafhfelkjpchpaepjknad 1 Morpheon Dark 3.1
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mihcahmgecmbnbcchbopgniflfhgnkff 1 Kontrola pošty Google 4.4.0
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.3
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension ookhcbgokankfmjafalglpofmolfopek 0 Kontrola Kalendára Google (od spoločnosti Google) 2.0.0
Extension pjjhlfkghdhmijklfnahfkpgmhcmfgcm
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5917.424.0.6
Extension ppcjiigginhdhihbdlejjoekeemjaiml 0
Homepage: https://www.reddit.com/
default_search_provider.search_url:
C:\Users\kille\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26 435320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26 366200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-07 3242696]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-05-21 13886208]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-05-21 1402624]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-05-21 1402624]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-05-21 1402624]
"RtsFT"=RTFTrack.exe []
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2016-10-13 3942864]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-09-19 7818040]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2017-05-03 1893496]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2015-08-26 3113592]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\kille\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-06-14 1555664]
"Google Update"=C:\Users\kille\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [2017-04-29 601168]
"Steam"=E:\HOME\GAMES\Steam\steam.exe [2017-06-08 3042592]
"Viber"=C:\Users\kille\AppData\Local\Viber\Viber.exe [2017-06-12 31098960]
"GoogleChromeAutoLaunch_3BB6DB8E3F3093BC6130F8117C9DFBDF"=C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe [2017-06-23 1197912]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2017-03-21 23819304]
"Spotify Web Helper"=C:\Users\kille\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-01-15 1431664]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-06-04 2406496]
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2016-08-04 596640]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
i1Profiler Tray.lnk - C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe
XRGamma.lnk - C:\Program Files (x86)\X-Rite\i1Profiler\XRGamma.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2015-07-02 65992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

Re: pop-up ads, PC already after 2 scans

Posted: 28 Jun 2017 14:41
by mattsteph
====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

====== List of files/folders created in the last 1 month ======

2017-06-28 15:28:52 ----HD---- C:\OneDriveTemp
2017-06-28 15:01:12 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2017-06-28 15:00:58 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2017-06-28 15:00:58 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2017-06-28 15:00:58 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2017-06-28 15:00:57 ----D---- C:\ProgramData\Malwarebytes
2017-06-28 15:00:57 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-06-28 14:47:29 ----D---- C:\ProgramData\d3be4809759148b88ab5e27566b2be69
2017-06-28 14:47:28 ----D---- C:\Users\kille\AppData\Roaming\3b43937937c04b3aaca22a4243b8a621
2017-06-26 17:44:29 ----D---- C:\Users\kille\AppData\Roaming\.mono
2017-06-26 17:44:29 ----D---- C:\ProgramData\.mono
2017-06-26 14:18:16 ----D---- C:\Users\kille\AppData\Roaming\Corel
2017-06-26 14:17:25 ----D---- C:\Program Files\Common Files\Corel
2017-06-26 14:15:36 ----D---- C:\Program Files\Corel
2017-06-26 11:02:23 ----D---- C:\ProgramData\Protexis
2017-06-26 10:49:22 ----D---- C:\ProgramData\Protexis64
2017-06-26 10:46:59 ----D---- C:\Program Files (x86)\gs
2017-06-26 10:45:34 ----D---- C:\Program Files\Common Files\Protexis
2017-06-26 10:44:35 ----D---- C:\ProgramData\Corel
2017-06-26 10:38:15 ----D---- C:\ProgramData\CorelDRAW Graphics Suite X7 x64
2017-06-20 08:42:46 ----A---- C:\WINDOWS\system32\drivers\cfidsk.sys
2017-06-19 13:33:27 ----D---- C:\WINDOWS\LastGood.Tmp
2017-06-16 01:02:30 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-06-15 20:14:19 ----D---- C:\FRST
2017-06-15 19:53:33 ----D---- C:\AdwCleaner
2017-06-15 17:58:20 ----D---- C:\rsit
2017-06-15 17:58:20 ----D---- C:\Program Files\trend micro
2017-06-13 22:58:38 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-06-13 22:58:38 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2017-06-13 22:58:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-13 22:58:36 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2017-06-13 22:58:36 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-06-13 22:58:36 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-06-13 22:58:36 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2017-06-13 22:58:36 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-06-13 22:58:35 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-06-13 22:58:35 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-06-13 22:58:35 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-06-13 22:58:33 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-06-13 22:58:33 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-06-13 22:58:33 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-06-13 22:58:32 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-06-13 22:58:32 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-06-13 22:58:32 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-06-13 22:58:32 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-06-13 22:58:30 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-06-13 22:58:30 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-06-13 22:58:30 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-06-13 22:58:30 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-06-13 22:58:30 ----A---- C:\WINDOWS\system32\tquery.dll
2017-06-13 22:58:29 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-06-13 22:58:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-06-13 22:58:29 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-06-13 22:58:29 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-06-13 22:58:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2017-06-13 22:58:28 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2017-06-13 22:58:28 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-06-13 22:58:28 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-06-13 22:58:28 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-06-13 22:58:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-06-13 22:58:27 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-06-13 22:58:27 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2017-06-13 22:58:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-06-13 22:58:26 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2017-06-13 22:58:26 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2017-06-13 22:58:25 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2017-06-13 22:58:25 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2017-06-13 22:58:25 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-06-13 22:58:25 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2017-06-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2017-06-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2017-06-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2017-06-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2017-06-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2017-06-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2017-06-13 22:58:23 ----A---- C:\WINDOWS\SYSWOW64\MMDevAPI.dll
2017-06-13 22:58:23 ----A---- C:\WINDOWS\SYSWOW64\MapRouter.dll
2017-06-13 22:58:23 ----A---- C:\WINDOWS\SYSWOW64\MapGeocoder.dll
2017-06-13 22:58:23 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2017-06-13 22:58:23 ----A---- C:\WINDOWS\SYSWOW64\devicengccredprov.dll
2017-06-13 22:58:23 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2017-06-13 22:58:23 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-06-13 22:58:23 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Midi.dll
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\capauthz.dll
2017-06-13 22:58:22 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2017-06-13 22:58:22 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2017-06-13 22:58:22 ----A---- C:\WINDOWS\system32\drivers\storahci.sys
2017-06-13 22:58:22 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2017-06-13 22:58:22 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Diagnostics.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\smartscreenps.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\RstrtMgr.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\NPSM.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\DeviceFlows.DataModel.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\xboxgipsynthetic.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\NPSMDesktopProvider.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\DictationManager.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\system32\XblGameSaveExt.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2017-06-13 22:58:15 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-06-13 22:58:15 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-06-13 22:58:15 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-06-13 22:58:14 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-06-13 22:58:14 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-06-13 22:58:12 ----A---- C:\WINDOWS\system32\winmde.dll
2017-06-13 22:58:12 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-13 22:58:12 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2017-06-13 22:58:12 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2017-06-13 22:58:12 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2017-06-13 22:58:10 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2017-06-13 22:58:10 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2017-06-13 22:58:09 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-06-13 22:58:09 ----A---- C:\WINDOWS\system32\utcutil.dll
2017-06-13 22:58:09 ----A---- C:\WINDOWS\system32\snmptrap.exe
2017-06-13 22:58:09 ----A---- C:\WINDOWS\system32\drivers\rootmdm.sys
2017-06-13 22:58:07 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-06-13 22:58:06 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-06-13 22:58:06 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-06-13 22:58:05 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-06-13 22:58:05 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-06-13 22:58:05 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-06-13 22:58:04 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-06-13 22:58:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-06-13 22:58:00 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-06-13 22:58:00 ----A---- C:\WINDOWS\system32\oleaut32.dll
2017-06-13 22:58:00 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-06-13 22:57:58 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-06-13 22:57:58 ----A---- C:\WINDOWS\system32\BingMaps.dll
2017-06-13 22:57:57 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-06-13 22:57:57 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2017-06-13 22:57:57 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2017-06-13 22:57:56 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-06-13 22:57:56 ----A---- C:\WINDOWS\system32\mfsvr.dll
2017-06-13 22:57:56 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-06-13 22:57:56 ----A---- C:\WINDOWS\system32\MapsStore.dll
2017-06-13 22:57:56 ----A---- C:\WINDOWS\system32\MapRouter.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\wpncore.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\win32spl.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\mfps.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\mfplat.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\ISM.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\InputService.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\devicengccredprov.dll
2017-06-13 22:57:54 ----A---- C:\WINDOWS\system32\wpnprv.dll
2017-06-13 22:57:54 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-06-13 22:57:54 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-13 22:57:54 ----A---- C:\WINDOWS\system32\NPSM.dll
2017-06-13 22:57:54 ----A---- C:\WINDOWS\system32\localspl.dll
2017-06-13 22:57:53 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-06-13 22:57:53 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-06-13 22:57:53 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-06-13 22:57:52 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-06-13 22:57:52 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-06-13 22:57:51 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-06-13 22:57:51 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-13 22:57:50 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-06-13 22:57:47 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-06-13 22:57:47 ----A---- C:\WINDOWS\system32\DWrite.dll
2017-06-13 22:57:46 ----A---- C:\WINDOWS\system32\FntCache.dll
2017-06-13 22:57:46 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-06-13 22:57:46 ----A---- C:\WINDOWS\system32\bisrv.dll
2017-06-13 22:57:46 ----A---- C:\WINDOWS\HelpPane.exe
2017-06-13 22:57:45 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-06-13 22:57:45 ----A---- C:\WINDOWS\system32\umpo.dll
2017-06-13 22:57:45 ----A---- C:\WINDOWS\system32\tzres.dll
2017-06-13 22:57:45 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-06-13 22:57:45 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2017-06-13 22:57:45 ----A---- C:\WINDOWS\system32\ConhostV2.dll
2017-06-13 22:57:44 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2017-06-13 22:57:44 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-06-13 22:57:44 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-06-13 22:57:44 ----A---- C:\WINDOWS\system32\cldapi.dll
2017-06-13 22:57:44 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-06-13 22:57:43 ----A---- C:\WINDOWS\system32\twinui.dll
2017-06-13 22:57:43 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-06-13 22:57:42 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-06-13 22:57:42 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2017-06-13 22:57:42 ----A---- C:\WINDOWS\system32\atmfd.dll
2017-06-13 22:57:41 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-06-13 22:57:41 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-06-13 22:57:41 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-06-13 22:57:41 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-06-13 22:57:41 ----A---- C:\WINDOWS\explorer.exe
2017-06-13 22:57:40 ----A---- C:\WINDOWS\system32\atmlib.dll
2017-06-13 22:57:40 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-06-13 22:57:39 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-06-13 22:57:39 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-06-13 22:57:39 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-06-13 22:57:39 ----A---- C:\WINDOWS\system32\dwmcore.dll
2017-06-13 22:57:38 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-06-13 22:57:38 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-06-13 22:57:38 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-06-13 22:57:38 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-06-13 22:57:38 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-06-13 22:57:37 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2017-06-13 22:57:37 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-06-13 22:57:37 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2017-06-13 22:57:36 ----A---- C:\WINDOWS\system32\shell32.dll
2017-06-13 22:57:35 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2017-06-13 22:57:35 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-06-13 22:57:34 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-06-13 22:57:33 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-13 22:57:33 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-06-13 22:57:33 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\system32\usocore.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-06-13 22:57:31 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2017-06-13 22:57:31 ----A---- C:\WINDOWS\system32\SRH.dll
2017-06-13 22:57:31 ----A---- C:\WINDOWS\system32\smartscreen.exe
2017-06-13 22:57:30 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-06-13 22:57:30 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-06-13 22:57:30 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2017-06-13 22:57:30 ----A---- C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-06-13 22:57:29 ----A---- C:\WINDOWS\system32\msctf.dll
2017-06-13 22:57:29 ----A---- C:\WINDOWS\system32\efscore.dll
2017-06-13 22:57:29 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2017-06-13 22:57:29 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\provengine.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\mspaint.exe
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\MMDevAPI.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\sysmain.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\smartscreenps.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\ShareHost.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\RstrtMgr.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\rdbui.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\embeddedmodesvc.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\DictationManager.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\comctl32.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\cdpsvc.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\capauthz.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\bcdboot.exe
2017-06-13 22:57:27 ----A---- C:\WINDOWS\bfsvc.exe
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\winsrvext.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\WindowManagement.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\drivers\ksthunk.sys
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2017-06-13 22:57:25 ----A---- C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-06-13 22:57:25 ----A---- C:\WINDOWS\system32\vss_ps.dll
2017-06-13 22:57:25 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2017-06-13 22:57:25 ----A---- C:\WINDOWS\system32\dwmredir.dll
2017-06-13 22:57:25 ----A---- C:\WINDOWS\system32\comdlg32.dll

====== List of files/folders modified in the last 1 month ======

2017-06-28 15:30:59 ----D---- C:\ProgramData\NVIDIA
2017-06-28 15:30:19 ----D---- C:\WINDOWS\Temp
2017-06-28 15:29:56 ----D---- C:\WINDOWS\Prefetch
2017-06-28 15:28:41 ----D---- C:\Users\kille\AppData\Roaming\ViberPC
2017-06-28 15:27:39 ----D---- C:\WINDOWS\System32
2017-06-28 15:23:20 ----RSD---- C:\WINDOWS\Media
2017-06-28 15:23:20 ----D---- C:\WINDOWS\system32\drivers
2017-06-28 15:22:58 ----D---- C:\WINDOWS\system32\sru
2017-06-28 15:19:42 ----RD---- C:\Program Files (x86)
2017-06-28 15:19:35 ----D---- C:\WINDOWS\system32\Tasks
2017-06-28 15:19:32 ----D---- C:\Program Files\Noran Studio Two-in Studio 2
2017-06-28 15:00:57 ----HD---- C:\ProgramData
2017-06-28 14:55:17 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-06-28 14:52:47 ----D---- C:\WINDOWS\Tasks
2017-06-28 14:47:17 ----D---- C:\Program Files\Windows Media Player
2017-06-28 14:47:11 ----D---- C:\Program Files\Windows NT
2017-06-28 14:47:11 ----D---- C:\Program Files\Realtek
2017-06-28 14:47:09 ----RD---- C:\Program Files
2017-06-28 14:44:29 ----D---- C:\Users\kille\AppData\Roaming\uTorrent
2017-06-28 14:09:30 ----D---- C:\WINDOWS\system32\SleepStudy
2017-06-28 10:10:26 ----HD---- C:\Program Files\WindowsApps
2017-06-28 10:10:26 ----D---- C:\WINDOWS\AppReadiness
2017-06-27 21:42:43 ----D---- C:\Users\kille\AppData\Roaming\FileZilla
2017-06-27 20:25:58 ----RD---- C:\WINDOWS\Microsoft.NET
2017-06-27 10:16:17 ----RSD---- C:\WINDOWS\Fonts
2017-06-26 22:08:52 ----D---- C:\Users\kille\AppData\Roaming\vlc
2017-06-26 14:17:44 ----SHDC---- C:\WINDOWS\Installer
2017-06-26 14:17:28 ----AD---- C:\Program Files\Common Files\microsoft shared
2017-06-26 14:17:25 ----D---- C:\Program Files\Common Files
2017-06-26 14:16:00 ----RD---- C:\WINDOWS\assembly
2017-06-26 12:58:08 ----D---- C:\WINDOWS\system32\catroot2
2017-06-26 12:54:08 ----SHD---- C:\System Volume Information
2017-06-26 11:25:43 ----D---- C:\WINDOWS\system32\FxsTmp
2017-06-26 11:03:42 ----D---- C:\Program Files (x86)\Common Files
2017-06-26 10:46:33 ----D---- C:\ProgramData\Package Cache
2017-06-26 10:45:02 ----D---- C:\WINDOWS\SysWOW64
2017-06-26 10:33:24 ----D---- C:\Windows
2017-06-23 22:54:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-19 16:17:54 ----D---- C:\Users\kille\AppData\Roaming\Spotify
2017-06-19 13:34:13 ----D---- C:\WINDOWS\INF
2017-06-16 19:16:59 ----D---- C:\WINDOWS\rescache
2017-06-15 17:43:46 ----D---- C:\WINDOWS\system32\NDF
2017-06-15 17:25:19 ----D---- C:\WINDOWS\system32\config
2017-06-15 10:23:16 ----D---- C:\WINDOWS\system32\DriverStore
2017-06-15 10:23:14 ----D---- C:\WINDOWS\WinSxS
2017-06-14 17:20:09 ----SD---- C:\WINDOWS\SYSWOW64\F12
2017-06-14 17:20:09 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2017-06-14 17:20:05 ----SD---- C:\WINDOWS\system32\F12
2017-06-14 17:20:05 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-06-14 17:20:05 ----D---- C:\WINDOWS\system32\sk-SK
2017-06-14 17:20:05 ----D---- C:\WINDOWS\system32\oobe
2017-06-14 17:20:05 ----D---- C:\WINDOWS\system32\appraiser
2017-06-14 17:20:00 ----D---- C:\WINDOWS\ShellExperiences
2017-06-14 17:19:59 ----D---- C:\WINDOWS\AppPatch
2017-06-14 17:19:58 ----RD---- C:\Program Files\Windows Defender
2017-06-14 17:19:58 ----D---- C:\Program Files\Windows Photo Viewer
2017-06-14 17:19:58 ----D---- C:\Program Files\Internet Explorer
2017-06-14 17:19:58 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-06-14 17:19:58 ----D---- C:\Program Files (x86)\Internet Explorer
2017-06-13 23:08:17 ----D---- C:\WINDOWS\system32\MRT
2017-06-13 23:03:37 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-06-13 23:03:22 ----D---- C:\WINDOWS\CbsTemp
2017-06-07 15:11:58 ----D---- C:\Users\kille\AppData\Roaming\Adobe
2017-06-07 15:11:41 ----D---- C:\Program Files (x86)\Adobe
2017-06-03 08:32:49 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-06-02 10:52:31 ----D---- C:\Users\kille\AppData\Roaming\Origin
2017-06-02 10:52:31 ----D---- C:\ProgramData\Origin
2017-06-01 14:36:06 ----D---- C:\ProgramData\boost_interprocess
2017-06-01 00:46:26 ----D---- C:\WINDOWS\LiveKernelReports
2017-05-31 23:38:57 ----AD---- C:\Program Files (x86)\TeamViewer
2017-05-31 19:58:59 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2017-05-30 13:41:45 ----D---- C:\ProgramData\Adobe

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-04-30 677360]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2017-05-02 47032]
R1 cfidsk;cfidsk; C:\WINDOWS\system32\drivers\cfidsk.sys [2017-06-20 196520]
R2 aksdf;aksdf; \??\C:\WINDOWS\system32\drivers\aksdf.sys [2014-11-27 91784]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys [2014-11-27 162136]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [2014-11-27 331608]
R2 rzpmgrk;rzpmgrk; \??\C:\WINDOWS\system32\drivers\rzpmgrk.sys [2015-09-22 37184]
R2 rzpnk;rzpnk; \??\C:\WINDOWS\system32\drivers\rzpnk.sys [2015-12-14 130880]
R3 ACPIVPC;@oem149.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-06-04 42328]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-03-18 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
R3 ETD;@oem37.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-10-07 525512]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [2015-05-28 31136]
R3 ibtfltcoex;@oem106.inf,%PROVIDER_NAME%;Intel Corporation; C:\WINDOWS\system32\DRIVERS\ibtfltcoex.sys [2015-07-01 79632]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2017-03-18 121344]
R3 LEqdUsb;@oem128.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF USB Filter; C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys [2015-06-18 87696]
R3 LHidEqd;@oem109.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF HID Filter; C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys [2015-06-18 23184]
R3 LHidFilt;@oem137.inf,%LHidFilt.SvcDesc%;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2015-06-18 86672]
R3 LMouFilt;@oem137.inf,%LMouFilt.SvcDesc%;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2015-06-18 69264]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2014-05-12 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2017-06-28 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2014-05-12 64216]
R3 NETwNe64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\System32\drivers\NETwew01.sys [2017-03-18 3343872]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_020c5444f1367c00\nvlddmkm.sys [2017-05-02 14456944]
R3 nvvad_WaveExtensible;@oem22.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-05-03 48248]
R3 nvvhci;@oem19.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-05-02 59448]
R3 rtsuvc;@oem74.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-08-30 3069680]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth Stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2017-03-18 181248]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-03-18 105472]
S3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth Hands-Free; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2017-03-18 47104]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-03-18 96768]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-03-18 129536]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2017-04-19 980992]
S3 btmaux;@oem29.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\WINDOWS\system32\DRIVERS\btmaux.sys [2013-07-22 140600]
S3 dg_ssudbus;@oem143.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-10-18 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-10-18 47672]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2017-04-19 118784]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-05-03 30328]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2017-03-18 1735584]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-03-18 180736]
S3 rzendpt;@oem147.inf,%rzendpt.SvcDesc%;rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [2016-06-23 51736]
S3 rzudd;@oem73.inf,%Razer.SvcDesc%;Razer Keyboard Driver; C:\WINDOWS\System32\drivers\rzudd.sys [2016-06-23 203288]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
S3 ssudmdm;@oem84.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2017-06-04 814688]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-05-18 2246256]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-08-26 1137016]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-08-26 1157496]
R2 CDPUserSvc_77d4e;Connected Devices Platform User Service_77d4e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-07 144072]
R2 hasplms;Sentinel LDK License Manager; C:\WINDOWS\system32\hasplms.exe [2014-11-27 4608320]
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [2013-09-18 157128]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03 495224]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-05-01 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-05-03 450168]
R2 OneSyncSvc_77d4e;Sync Host_77d4e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 Origin Web Helper Service;Origin Web Helper Service; E:\HOME\GAMES\Origin\OriginWebHelperService.exe [2017-06-02 3125656]
R2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2013-09-13 337776]
R2 Razer Game Scanner Service;Razer Game Scanner; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-11-05 188072]
R2 Razer Chroma SDK Service;Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [2016-06-20 69760]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-05-20 335808]
R3 PimIndexMaintenanceSvc_77d4e;Kontaktné údaje_77d4e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-04-18 1517576]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_77d4e;DevicesFlow_77d4e; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2015-07-02 356808]
S3 MessagingService_77d4e;MessagingService_77d4e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03 495224]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 Origin Client Service;Origin Client Service; E:\HOME\GAMES\Origin\OriginClientService.exe [2017-06-02 2155920]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-06-08 1607968]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

Re: pop-up ads, PC already after 2 scans

Posted: 28 Jun 2017 16:55
by Rudy
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.

Re: pop-up ads, PC already after 2 scans

Posted: 28 Jun 2017 17:04
by mattsteph
I'm sending the current log.. in the next post I'll send the log from 2 hours ago, just to be sure

# AdwCleaner v6.047 - *Logfile created 28/06/2017 *at 17:59:08
# *Updated on 19/05/2017 by Malwarebytes
# *Database : 2017-06-26.1 [*Server]
# *Operating System : Windows 10 Home (X64)
# *Username : kille - DESKTOP-H88QSHB
# *Running from : C:\Users\kille\Downloads\adwcleaner_6.047.exe
# *Mode: Clean
# *Support : https://www.malwarebytes.com/support



***** [ *Services ] *****



***** [ *Folders ] *****

[-] *Folder deleted: C:\Users\Public\Documents\XMUpdate


***** [ *Files ] *****

[-] *File deleted: C:\Users\kille\appdata\local\installationconfiguration.xml


***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****

[-] *Task deleted: RunAtStartup


***** [ *Registry ] *****

[-] *Key deleted: HKU\S-1-5-21-2749714667-2368359933-3780946547-1001\Software\PC
[-] *Key deleted: HKU\S-1-5-21-2749714667-2368359933-3780946547-1001\Software\Amigo
[-] *Key deleted: HKU\S-1-5-21-2749714667-2368359933-3780946547-1001\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
[-] *Key deleted: HKU\S-1-5-21-2749714667-2368359933-3780946547-1001\Software\Event Monitor
[-] *Key deleted: HKU\S-1-5-21-2749714667-2368359933-3780946547-1001\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
[-] *Key deleted: HKU\S-1-5-21-2749714667-2368359933-3780946547-1001\Software\Hotspot
[-] *Key deleted: HKU\S-1-5-21-2749714667-2368359933-3780946547-1001\Software\Speedownloader0099
[-] *Key deleted: HKU\S-1-5-21-2749714667-2368359933-3780946547-1001\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
[#] *Key deleted on reboot: HKCU\Software\PC
[#] *Key deleted on reboot: HKCU\Software\Amigo
[#] *Key deleted on reboot: HKCU\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
[#] *Key deleted on reboot: HKCU\Software\Event Monitor
[#] *Key deleted on reboot: HKCU\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
[#] *Key deleted on reboot: HKCU\Software\Hotspot
[#] *Key deleted on reboot: HKCU\Software\Speedownloader0099
[#] *Key deleted on reboot: HKCU\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
[-] *Key deleted: HKLM\SOFTWARE\PC
[-] *Key deleted: HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
[-] *Key deleted: HKLM\SOFTWARE\Event Monitor
[-] *Key deleted: HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
[-] *Key deleted: HKLM\SOFTWARE\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
[#] *Key deleted on reboot: [x64] HKCU\Software\PC
[#] *Key deleted on reboot: [x64] HKCU\Software\Amigo
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
[#] *Key deleted on reboot: [x64] HKCU\Software\Event Monitor
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
[#] *Key deleted on reboot: [x64] HKCU\Software\Hotspot
[#] *Key deleted on reboot: [x64] HKCU\Software\Speedownloader0099
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
[#] *Key deleted on reboot: HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}


***** [ *Browsers ] *****



*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1396 *Bytes] - [15/06/2017 19:55:19]
C:\AdwCleaner\AdwCleaner[C2].txt - [3617 *Bytes] - [28/06/2017 17:59:08]
C:\AdwCleaner\AdwCleaner[R0].txt - [2856 *Bytes] - [28/06/2017 14:54:42]
C:\AdwCleaner\AdwCleaner[S0].txt - [4245 *Bytes] - [15/06/2017 19:55:00]
C:\AdwCleaner\AdwCleaner[S1].txt - [3705 *Bytes] - [28/06/2017 17:58:38]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [3913 *Bytes] ##########

Re: pop-up ads, PC already after 2 scans

Posted: 28 Jun 2017 17:05
by mattsteph
I'm sending the log from 2 hours ago from Malwarebytes Anti-Malware, just to be sure, since the bitcoin miners scared me quite a bit.. part of it has probably been deleted already anyway

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 28.06.2017
Scan Time: 15:04:06
Logfile: 123.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2017.06.28.05
Rootkit Database: v2017.05.27.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: kille

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 307771
Time Elapsed: 14 min, 25 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 2
PUP.Optional.EventMonitor, C:\Users\kille\AppData\Roaming\Event Monitor\em.exe, 3872, , [2273182ca405e94d743745f906fa07f9]
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\gplyra.exe, 11236, , [3d5877cd7a2fc76f2268ca3825db758b]

Modules: 2
PUP.Optional.EventMonitor, C:\Users\kille\AppData\Roaming\Event Monitor\isxdl.dll, , [2273182ca405e94d743745f906fa07f9],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\msvcr120.dll, , [3d5877cd7a2fc76f2268ca3825db758b],

Registry Keys: 9
PUP.Optional.SpeeDownloader, HKLM\SOFTWARE\Speedownloader0099, , [a1f4ea5a812848ee9bade0daac55c63a],
PUP.Optional.SysTweak.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\RunAtStartup, , [d2c387bdfdacc86e1c47487dda26d12f],
PUP.Optional.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\gplyra, , [662ffb498326b5819ab0dd374bb59769],
Adware.Jawego, HKLM\SOFTWARE\WOW6432NODE\Jawego, , [13825aeafdac11250c449220a75ad42c],
PUP.Optional.Jawego, HKLM\SOFTWARE\WOW6432NODE\Jawego, , [f69f0d375c4d6dc9d07023e438ca936d],
PUP.Optional.SpeeDownloader, HKLM\SOFTWARE\WOW6432NODE\Speedownloader0099, , [8a0b390bf2b75fd7390fb901f20f1ae6],
PUP.Optional.PCCleanPlus, HKLM\SOFTWARE\WOW6432NODE\PC\CLEAN\Plus, , [009531132e7b3303adb8b5b1729134cc],
PUP.Optional.YeaDesktop, HKU\S-1-5-21-2749714667-2368359933-3780946547-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\YeaDesktop, , [890cd86c4168b77fa2eac983b44c18e8],
PUP.Optional.PCCleanPlus, HKU\S-1-5-21-2749714667-2368359933-3780946547-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\PC\CLEAN\Plus, , [d4c14bf94c5d4aecc1d4869604ff11ef],

Registry Values: 8
Adware.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|Lahin_Raw_barra_al3eb_b3id_O7Y95, "C:\Program Files\Windows Media Player\SDENISCDSP535H4IY25D8G480V49M\PC&&riC#'B.exe", , [b5e0a4a0c2e72b0bf20d2f13a45c16ea]
Adware.Tuto4PC, HKU\S-1-5-21-2749714667-2368359933-3780946547-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|s_3mqA1#Pp.exe, C:\Program Files\Realtek\Q67ON6CHHD5HNL9LWM4\s_3mqA1#Pp.exe -r1_5 -r2_1, , [049160e43178e5515c1a09e727da44bc]
Adware.Tuto4PC, HKU\S-1-5-21-2749714667-2368359933-3780946547-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|2MhVr2guern6h.exe, C:\Users\kille\AppData\Roaming\3b43937937c04b3aaca22a4243b8a621\2MhVr2guern6h.exe -r1_1 -r2_2, , [296cf3515752181ebfb74ba5936e56aa]
Adware.Amonetize, HKU\S-1-5-21-2749714667-2368359933-3780946547-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|6bn7H4xhCPKh.exe, C:\ProgramData\d3be4809759148b88ab5e27566b2be69\6bn7H4xhCPKh.exe 1 0, , [cfc6e85cdacf2f07dfd18399ea17916f]
Adware.Amonetize, HKU\S-1-5-21-2749714667-2368359933-3780946547-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|#wyt-P_Vdp.exe, C:\Program Files\Realtek\Q67ON6CHHD5HNL9LWM4\#wyt-P_Vdp.exe 2 0, , [c6cff74d5e4b72c4852ba577ef12fa06]
PUP.Optional.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gplyra, C:\Users\kille\AppData\Roaming\gplyra\gplyra\start.cmd, , [c5d08abad8d190a6a655f6119c64dd23]
PUP.Optional.YeaDesktop.ClnShrt, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|YeaDesktop.exe, 11001, , [8c0976ceefbaa78f817cc575b64af30d]
PUP.Optional.YeaDesktop, HKU\S-1-5-21-2749714667-2368359933-3780946547-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|YeaDesktop, C:\Program Files (x86)\YeaDesktop\YeaDesktop.exe /autostart, , [b9dca3a190192d09047996b3639db14f]

Registry Data: 0
(No malicious items detected)

Folders: 10
PUP.Optional.EventMonitor, C:\Users\kille\AppData\Roaming\Event Monitor, , [2273182ca405e94d743745f906fa07f9],
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk, , [f5a09ba90e9bce68bd4727c2a061956b],
PUP.Optional.MagicDisk, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mgdisk, , [4e47ef550f9adf57c75c1acf29d86a96],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.Elex.ClnShrt, C:\Users\kille\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk, , [bdd82a1a5e4be2549cf8cc74a65a0af6],
PUP.Optional.PCCleanPlus, C:\Program Files (x86)\pccleanplus, , [0590390b5554999d50d648446997c53b],
PUP.Optional.UCBrowser, C:\Users\kille\AppData\Roaming\UCChannel, , [badb50f4ffaaa195ffba585125dcf60a],
PUP.Optional.UCBrowser, C:\Users\kille\AppData\Roaming\UCChannel\Bin, , [badb50f4ffaaa195ffba585125dcf60a],

Files: 78
Adware.Tuto4PC, C:\Program Files\Windows Media Player\SDENISCDSP535H4IY25D8G480V49M\PC&&riC#'B.exe, , [b5e0a4a0c2e72b0bf20d2f13a45c16ea],
Adware.Tuto4PC, C:\Program Files\Realtek\Q67ON6CHHD5HNL9LWM4\s_3mqA1#Pp.exe, , [049160e43178e5515c1a09e727da44bc],
Adware.Tuto4PC, C:\Users\kille\AppData\Roaming\3b43937937c04b3aaca22a4243b8a621\2MhVr2guern6h.exe, , [296cf3515752181ebfb74ba5936e56aa],
Adware.Amonetize, C:\ProgramData\d3be4809759148b88ab5e27566b2be69\6bn7H4xhCPKh.exe, , [cfc6e85cdacf2f07dfd18399ea17916f],
Adware.Amonetize, C:\Program Files\Realtek\Q67ON6CHHD5HNL9LWM4\#wyt-P_Vdp.exe, , [c6cff74d5e4b72c4852ba577ef12fa06],
Trojan.Wdfload.Generic, C:\Program Files\Noran Studio Two-in Studio 2\Noran Studio Two-in Studio 2.dll, , [94015ce87336fb3b2f46a75a9b67b44c],
PUP.Optional.PCCleanPlus, C:\Program Files (x86)\pccleanplus\pccleanplus.exe, , [088d2321c2e7c57144787b1e5ba69967],
PUP.Optional.UCBrowser, C:\Users\kille\AppData\Local\Temp\00007163\UCBrowser_V6.1.2107.204_4043_(Build1703071827)_ChannelU_03081433.exe, , [365f4df7634603331c52e9a8f7099d63],
Adware.Eszjuxuan, C:\Users\kille\AppData\Local\Temp\is-P4T0S.tmp\setup.exe, , [5d38133179302e085fd6677a14ed9e62],
PUP.Optional.YeaDesktop, C:\Users\kille\AppData\Local\Temp\is-P4T0S.tmp\YeaDesktop3.exe, , [99fc0d37852454e24972e46443bd639d],
PUP.Optional.Amonetize, C:\Users\kille\AppData\Local\Temp\07153\Setup.exe, , [b5e0e75d7e2ba0961fc5e55510f17888],
Trojan.Wdfload.Generic, C:\Users\kille\AppData\Local\Temp\07159\webfriend1498653177.exe, , [bfd6b391892043f306fd45c3c141ec14],
PUP.Optional.Amonetize, C:\Users\kille\AppData\Local\Temp\07195\Setup.exe, , [c6cf4afa1e8bc0765d8777c39f627090],
PUP.Optional.InstallCore, C:\Users\kille\AppData\Local\Temp\179278140\ic-0.d5f11324229f48.exe, , [8d08ad97b7f22b0b523ccbfac04031cf],
PUP.Optional.EventMonitor, C:\Users\kille\AppData\Roaming\Event Monitor\eng_em.ini, , [2273182ca405e94d743745f906fa07f9],
PUP.Optional.EventMonitor, C:\Users\kille\AppData\Roaming\Event Monitor\em.exe, , [2273182ca405e94d743745f906fa07f9],
PUP.Optional.EventMonitor, C:\Users\kille\AppData\Roaming\Event Monitor\French_em.ini, , [2273182ca405e94d743745f906fa07f9],
PUP.Optional.EventMonitor, C:\Users\kille\AppData\Roaming\Event Monitor\German_em.ini, , [2273182ca405e94d743745f906fa07f9],
PUP.Optional.EventMonitor, C:\Users\kille\AppData\Roaming\Event Monitor\ininotfound0.ini, , [2273182ca405e94d743745f906fa07f9],
PUP.Optional.EventMonitor, C:\Users\kille\AppData\Roaming\Event Monitor\isxdl.dll, , [2273182ca405e94d743745f906fa07f9],
PUP.Optional.EventMonitor, C:\Users\kille\AppData\Roaming\Event Monitor\japan_em.ini, , [2273182ca405e94d743745f906fa07f9],
PUP.Optional.EventMonitor, C:\Users\kille\AppData\Roaming\Event Monitor\log_06-28-2017.log, , [2273182ca405e94d743745f906fa07f9],
PUP.Optional.SysTweak.Generic, C:\Windows\System32\Tasks\RunAtStartup, , [f69fd2725b4e96a0e237735223dd49b7],
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\mgdisk.exe, , [f5a09ba90e9bce68bd4727c2a061956b],
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\inst.db, , [f5a09ba90e9bce68bd4727c2a061956b],
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\mgdinst.dll, , [f5a09ba90e9bce68bd4727c2a061956b],
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\mgdisk.db3, , [f5a09ba90e9bce68bd4727c2a061956b],
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\mgdisk.ssf, , [f5a09ba90e9bce68bd4727c2a061956b],
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\sqlite3.dll, , [f5a09ba90e9bce68bd4727c2a061956b],
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\uninst.exe, , [f5a09ba90e9bce68bd4727c2a061956b],
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\zlib.dll, , [f5a09ba90e9bce68bd4727c2a061956b],
PUP.Optional.MagicDisk, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mgdisk\magicdisk.lnk, , [4e47ef550f9adf57c75c1acf29d86a96],
PUP.Optional.MagicDisk, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mgdisk\uninstall magicdisk.lnk, , [4e47ef550f9adf57c75c1acf29d86a96],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra-uninst.exe, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\decredGeForce GT 755Mgw256l4tc4032.bin, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\gplyra.conf, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\gplyra.exe, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\msvcr120.dll, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\aes_helper.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\blake.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\blake256.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\bmw.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\bmw256.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\cubehash.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\darkcoin-mod.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\decred.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\echo.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\fugue.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\groestl.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\groestl256.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\jh.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\keccak.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\keccak1600.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\luffa.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\lyra2.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\lyra2re.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\lyra2rev2.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\lyra2v2.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\neoscrypt.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\shabal.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\shavite.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\simd.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\skein.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\skein256.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.BitCoinMiner, C:\Users\kille\AppData\Roaming\gplyra\gplyra\kernel\vanilla.cl, , [3d5877cd7a2fc76f2268ca3825db758b],
PUP.Optional.Elex.ClnShrt, C:\Users\kille\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\close_white.png, , [bdd82a1a5e4be2549cf8cc74a65a0af6],
PUP.Optional.Elex.ClnShrt, C:\Users\kille\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script.js, , [bdd82a1a5e4be2549cf8cc74a65a0af6],
PUP.Optional.Elex.ClnShrt, C:\Users\kille\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\icon.png, , [bdd82a1a5e4be2549cf8cc74a65a0af6],
PUP.Optional.Elex.ClnShrt, C:\Users\kille\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery-1.8.3.min.js, , [bdd82a1a5e4be2549cf8cc74a65a0af6],
PUP.Optional.Elex.ClnShrt, C:\Users\kille\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery.js, , [bdd82a1a5e4be2549cf8cc74a65a0af6],
PUP.Optional.Elex.ClnShrt, C:\Users\kille\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\manifest.json, , [bdd82a1a5e4be2549cf8cc74a65a0af6],
PUP.Optional.Elex.ClnShrt, C:\Users\kille\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.html, , [bdd82a1a5e4be2549cf8cc74a65a0af6],
PUP.Optional.Elex.ClnShrt, C:\Users\kille\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.js, , [bdd82a1a5e4be2549cf8cc74a65a0af6],
PUP.Optional.PCCleanPlus, C:\Program Files (x86)\pccleanplus\uninstaller.exe, , [0590390b5554999d50d648446997c53b],
PUP.Optional.PCCleanPlus, C:\Program Files (x86)\pccleanplus\uninstaller.exe.config, , [0590390b5554999d50d648446997c53b],
PUP.Optional.UCBrowser, C:\Users\kille\AppData\Roaming\UCChannel\aavc.ini, , [badb50f4ffaaa195ffba585125dcf60a],
PUP.Optional.UCBrowser, C:\Users\kille\AppData\Roaming\UCChannel\Bin\ChannelU.dll, , [badb50f4ffaaa195ffba585125dcf60a],
PUP.Optional.Amonetize, C:\Users\kille\AppData\Local\Temp\amipixel.cfg, , [9df8172db2f72b0b550d49160102b54b],

Physical Sectors: 0
(No malicious items detected)


(end)

Re: pop-up ads, PC already after 2 scans

Posted: 28 Jun 2017 18:04
by Rudy
OK. Delete all the MBAM detections and then post a new FRST log.

Re: pop-up ads, PC already after 2 scans

Posted: 28 Jun 2017 18:24
by mattsteph
I deleted everything, I think

Logfile of random's system information tool 1.16 (written by random/random)
Run by kille at 2017-06-28 19:20:01
Microsoft Windows 10 Home
System drive C: has 98 GB (47%) free of 210 GB
Total RAM: 16296 MB (68% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:20:04, on 28.06.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\kille\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\kille\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
E:\HOME\GAMES\Ubisoft Game Launcher\upc.exe
E:\HOME\GAMES\Ubisoft Game Launcher\UplayWebCore.exe
E:\HOME\GAMES\Ubisoft Game Launcher\UplayWebCore.exe
E:\HOME\GAMES\Ubisoft Game Launcher\UplayWebCore.exe
C:\Program Files\trend micro\kille_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\kille\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Google Update] C:\Users\kille\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [Steam] "E:\HOME\GAMES\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Viber] "C:\Users\kille\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_3BB6DB8E3F3093BC6130F8117C9DFBDF] "C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\kille\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: i1Profiler Tray.lnk = C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe
O4 - Global Startup: XRGamma.lnk = C:\Program Files (x86)\X-Rite\i1Profiler\XRGamma.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\WINDOWS\system32\hasplms.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - E:\HOME\GAMES\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - E:\HOME\GAMES\Origin\OriginWebHelperService.exe
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Razer Chroma SDK Service - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.3.2.220\WsAppService.exe
O23 - Service: X-Rite Device Services Manager (xrdd.exe) - X-Rite Inc. - C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe

--
End of file - 12434 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservice -s EventSystem
C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Noran Studio Two-in Studio 2\Noran Studio Two-in Studio 2.dll",nygBSYITV
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -s netprofm
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe"
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\hasplms.exe -run
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
C:\WINDOWS\system32\AUDIODG.EXE 0x418
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
c:\windows\system32\svchost.exe -k netsvcs -s Browser
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\sihost.exe
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
c:\windows\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Users\kille\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Users\kille\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan-10660 C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --disable-3d-apis --disable-pinch --no-sandbox --disable-databases --primordial-pipe-token=27A119F838362598F18C6076E6AED500 --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-file="C:\Users\kille\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --log-severity=warning --user-agent="Mozilla/5.0 (Windows NT 10.0.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 CreativeCloud/4.1.1.202" --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --channel="10660.0.1511057697\1510740822" --mojo-platform-channel-handle=2796 /prefetch:1
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\main.js"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\server.js"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
"E:\HOME\GAMES\Ubisoft Game Launcher\upc.exe"
E:\HOME\GAMES\Ubisoft Game Launcher\UplayWebCore.exe
E:\HOME\GAMES\Ubisoft Game Launcher\UplayWebCore.exe
E:\HOME\GAMES\Ubisoft Game Launcher\UplayWebCore.exe
c:\windows\system32\svchost.exe -k netsvcs -s XblAuthManager
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DsSvc
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 696 700 708 8192 704
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localservice -s SstpSvc
c:\windows\system32\svchost.exe -k networkservice -s TapiSrv
c:\windows\system32\svchost.exe -k netsvcs -s RasMan
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe"
C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\kille\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\kille\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=59.0.3071.115 --initial-client-data=0x1e4,0x1e8,0x1ec,0x1e0,0x1f0,0x7ff8390419d0,0x7ff8390419b8,0x7ff8390419e8
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=13692 --on-initialized-event-handle=652 --parent-handle=656 /prefetch:6
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1380 --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,11,20,24,26,43,63,76 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4279 --gpu-driver-date=8-24-2015 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x0fcd --service-request-channel-token=619A8530C79B86336D0880B9F371307C --mojo-platform-channel-handle=1396 --ignored=" --type=renderer " /prefetch:2
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1380 --primordial-pipe-token=5E035F0CB4DC9955285F69123CA6AD70 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=5E035F0CB4DC9955285F69123CA6AD70 --renderer-client-id=16 --mojo-platform-channel-handle=2596 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\kille\Downloads\RSITx64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost

====== Scheduled tasks folder ======

C:\WINDOWS\tasks\X-Rite Device Services Software Updater.job - C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-killerisko@gmail.com - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2749714667-2368359933-3780946547-1001Core - C:\Users\kille\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2749714667-2368359933-3780946547-1001Core1d257fc88a55501 - C:\Users\kille\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2749714667-2368359933-3780946547-1001UA - C:\Users\kille\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2749714667-2368359933-3780946547-1001UA1d257fc88c7eae6 - C:\Users\kille\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Noran Studio Two-in Studio 2 - C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Noran Studio Two-in Studio 2\Noran Studio Two-in Studio 2.dll",nygBSYITV
C:\WINDOWS\system32\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
C:\WINDOWS\system32\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
C:\WINDOWS\system32\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
C:\WINDOWS\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
C:\WINDOWS\system32\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
C:\WINDOWS\system32\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\X-Rite Device Services Software Updater - C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe
C:\WINDOWS\system32\tasks\{1E18A923-CDF1-4D1C-93B2-AD4CC5BD33EA} - C:\Users\kille\AppData\Local\Temp\is-BGA2D.tmp\XRD Manager.exe /exenoupdates /noprereqs /qr AI_RESUME=1 ADDLOCAL=MainFeature,XRDdrivers64 ACTION="INSTALL" EXECUTEACTION="INSTALL" ROOTDRIVE="C:\" AI_PREREQFILES="C:\Users\kille\AppData\Local\Temp\{1E18A923-CDF1-4D1C-93B2-AD4CC5BD33EA}\drivers64.msi" AI_PREREQDIRS="C:\Users\kille\AppData\Local\Temp" OLDPRODUCTS="{425E7005-9EC8-4CFC-818A-D3511CE343B7}" AI_SETUPEXEPATH="C:\Users\kille\AppData\Local\Temp\is-BGA2D.tmp\XRD Manager.exe" SETUPEXEDIR="C:\Users\kille\AppData\Local\Temp\is-BGA2D.tmp\" TARGETDIR="C:\" APPDIR="C:\Program Files (x86)\X-Rite\Devices\" COMPANYNAME="Microsoft"
C:\WINDOWS\system32\tasks\{425E7005-9EC8-4CFC-818A-D3511CE343B7} - C:\Users\kille\AppData\Local\Temp\is-CGDHJ.tmp\XRD Manager.exe /exenoupdates /noprereqs /qr AI_RESUME=1 ADDLOCAL=MainFeature,XRDdrivers64 ACTION="INSTALL" EXECUTEACTION="INSTALL" ROOTDRIVE="C:\" AI_PREREQFILES="C:\Users\kille\AppData\Local\Temp\{425E7005-9EC8-4CFC-818A-D3511CE343B7}\drivers64.msi" AI_PREREQDIRS="C:\Users\kille\AppData\Local\Temp" OLDPRODUCTS="{EC551D01-8A2A-4C4E-A07B-4B84CE682129}" AI_SETUPEXEPATH="C:\Users\kille\AppData\Local\Temp\is-CGDHJ.tmp\XRD Manager.exe" SETUPEXEDIR="C:\Users\kille\AppData\Local\Temp\is-CGDHJ.tmp\" TARGETDIR="C:\" APPDIR="C:\Program Files (x86)\X-Rite\Devices\" COMPANYNAME="Microsoft"
C:\WINDOWS\system32\tasks\{AC450DA6-338F-4367-BC3C-370D6435E321} - C:\WINDOWS\system32\pcalua.exe -a "E:\HOME\GAMES\Ubisoft Game Launcher\upc.exe" -c uplay://uninstall/2184
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\Program Files\Windows Defender\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install - %systemroot%\system32\usoclient.exe ScanInstallWait
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\kille\AppData\Roaming\Mozilla\Firefox\Profiles\nnaj0r3d.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@IPCWebComponents]
"Description"=
"Path"=C:\Program Files (x86)\IPCWebComponents\npIPCReg.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll


C:\Users\kille\AppData\Roaming\Mozilla\Firefox\Profiles\nnaj0r3d.default\addons.json
Mozilla Firefox hotfix - extension - firefox-hotfix@mozilla.org

C:\Users\kille\AppData\Roaming\Mozilla\Firefox\Profiles\nnaj0r3d.default\extensions.json
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Diagnostics - extension - diagnostics@mozilla.org - C:\Users\kille\AppData\Roaming\Mozilla\Firefox\Profiles\nnaj0r3d.default\features\{f609b0f6-c749-459e-9ba6-bc4b3ecbe47f}\diagnostics@mozilla.org.xpi
Send HSTS Priming Requests - extension - hsts-priming@mozilla.org - C:\Users\kille\AppData\Roaming\Mozilla\Firefox\Profiles\nnaj0r3d.default\features\{f609b0f6-c749-459e-9ba6-bc4b3ecbe47f}\hsts-priming@mozilla.org.xpi
Logitech SetPoint - extension - {F003DA68-8256-4b37-A6C4-350FA04494DF} - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

C:\Users\kille\AppData\Roaming\Mozilla\Firefox\Profiles\nnaj0r3d.default\pluginreg.dat
Plugin - AdobeAAMDetect - 3.0.0.0 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
Plugin - Adobe Acrobat - 17.9.20044.25828 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - Google Update - 1.3.33.5 - C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
Plugin - npIPCReg DLL - 3.3.0.7 - C:\Program Files (x86)\IPCWebComponents\npIPCReg.dll
Plugin - Google Update - 1.3.33.5 - C:\Users\kille\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll

=========Google Chrome=========

C:\Users\kille\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Web Store 0.2
Extension ajopnjidmegmdimjlfnijceegpefgped 1 BetterTTV 7.2
Extension alelhddbbhepgpmgidjdcjakblofbmce
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bfbmjmiodbnnpllbbbfblcplfjjepjdn 1 Turn Off the Lights 3.4.24.0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cihaednhfbocfdiflmpccekcmjepcnmb 0 Newsletter Creator for Gmail - Flashissue 3.1.0
Extension coobgpohoikkiipiblmjeljniedjpjpf
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 1 Adobe Acrobat 15.1.0.6
Extension efgpgbcidmnhkoeceikdacelidndbfgl
Extension ejjicmeblgpmajnghnpcppodonldlgfn 1 Kalendár Google 4.5.10
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension ffdaeeijbbijklfcpahbghahojgfgebo 1 Gyazo 2.6.0
Extension fnbdnhhicmebfgdgglcdacdapkcihcoh 1 Page Analytics (by Google) 1.7.7
Extension gbchcmhmhahfdphkhkmpfmihenigjmpp 1 Vzdialená plocha Chrome 59.0.3071.47
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google v režime offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.13.0
Extension gmbmikajjgmnabiglmofipeabaddhgne 1 Uložiť na Disk Google 2.1.1
Extension hbdkkfheckcdppiaiabobmennhijkknn 1 Open SEO Stats(Formerly: PageRank Status) 9.6.0.0
Extension heialfagdbdflgppjfmgmjdajchdgbjo 1 InstagramDL Plugin - Instagram Downloader 0.6.11
Extension hkgndiocipalkpejnpafdbdlfdjihomd 1 AirDroid 2.0.4
Extension hmjkmjkepdijhoojdojkdfohbdgmmhki 1 Google Keep – poznámky a zoznamy 3.1.17254.1423
Extension jbbmdehmiclndmeedcocofcjlpgjnmea 1 Twitch Fullscreen Plus 1.3.2
Extension jijknldiopccnikfclcmmjnponjkicbc
Extension jnkdcmgmnegofdddphijckfagibepdlb 1 InstaG Downloader 1.7.1
Extension kbfnbcaeplbcioakkpcpgfkobkghlhen 1 Grammarly for Chrome 14.778.1011
Extension klbibkeccnjlkjkiokjodocebajanakg 1 The Great Suspender 6.30
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension ldibdoepbjbkkcbgndfljnphngpglhbb 0 mydlink services plugin 1.0.2.6
Extension ljphpjlafmmdmegmfbkacafhbegjfkkn 1 Top Eleven 2.0.0.5
Extension lmjegmlicamnimmfhcmpkclmigmmcbeh 2 Application Launcher for Drive (by Google) 3.2
Extension mafbdhjdkjnoafhfelkjpchpaepjknad 1 Morpheon Dark 3.1
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mihcahmgecmbnbcchbopgniflfhgnkff 1 Kontrola pošty Google 4.4.0
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.3
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension ookhcbgokankfmjafalglpofmolfopek 0 Kontrola Kalendára Google (od spoločnosti Google) 2.0.0
Extension pjjhlfkghdhmijklfnahfkpgmhcmfgcm
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5917.424.0.6
Extension ppcjiigginhdhihbdlejjoekeemjaiml 0
Homepage: https://www.reddit.com/
default_search_provider.search_url:
C:\Users\kille\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26 435320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26 366200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-07 3242696]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-05-21 13886208]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-05-21 1402624]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-05-21 1402624]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-05-21 1402624]
"RtsFT"=RTFTrack.exe []
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2016-10-13 3942864]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-09-19 7818040]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2017-05-03 1893496]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2015-08-26 3113592]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\kille\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-06-14 1555664]
"Google Update"=C:\Users\kille\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [2017-04-29 601168]
"Steam"=E:\HOME\GAMES\Steam\steam.exe [2017-06-08 3042592]
"Viber"=C:\Users\kille\AppData\Local\Viber\Viber.exe [2017-06-12 31098960]
"GoogleChromeAutoLaunch_3BB6DB8E3F3093BC6130F8117C9DFBDF"=C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe [2017-06-23 1197912]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2017-03-21 23819304]
"Spotify Web Helper"=C:\Users\kille\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-01-15 1431664]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-06-04 2406496]
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2016-08-04 596640]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
i1Profiler Tray.lnk - C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe
XRGamma.lnk - C:\Program Files (x86)\X-Rite\i1Profiler\XRGamma.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2015-07-02 65992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

Re: pop-up ads, PC already after 2 scans

Posted: 28 Jun 2017 18:24
by mattsteph
====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

====== List of files/folders created in the last 1 month ======

2017-06-28 15:28:52 ----HD---- C:\OneDriveTemp
2017-06-28 15:01:12 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2017-06-28 15:00:58 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2017-06-28 15:00:58 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2017-06-28 15:00:58 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2017-06-28 15:00:57 ----D---- C:\ProgramData\Malwarebytes
2017-06-28 15:00:57 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-06-28 14:47:29 ----D---- C:\ProgramData\d3be4809759148b88ab5e27566b2be69
2017-06-28 14:47:28 ----D---- C:\Users\kille\AppData\Roaming\3b43937937c04b3aaca22a4243b8a621
2017-06-26 17:44:29 ----D---- C:\Users\kille\AppData\Roaming\.mono
2017-06-26 17:44:29 ----D---- C:\ProgramData\.mono
2017-06-26 14:18:16 ----D---- C:\Users\kille\AppData\Roaming\Corel
2017-06-26 14:17:25 ----D---- C:\Program Files\Common Files\Corel
2017-06-26 14:15:36 ----D---- C:\Program Files\Corel
2017-06-26 11:02:23 ----D---- C:\ProgramData\Protexis
2017-06-26 10:49:22 ----D---- C:\ProgramData\Protexis64
2017-06-26 10:46:59 ----D---- C:\Program Files (x86)\gs
2017-06-26 10:45:34 ----D---- C:\Program Files\Common Files\Protexis
2017-06-26 10:44:35 ----D---- C:\ProgramData\Corel
2017-06-26 10:38:15 ----D---- C:\ProgramData\CorelDRAW Graphics Suite X7 x64
2017-06-20 08:42:46 ----A---- C:\WINDOWS\system32\drivers\cfidsk.sys
2017-06-19 13:33:27 ----D---- C:\WINDOWS\LastGood.Tmp
2017-06-16 01:02:30 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-06-15 20:14:19 ----D---- C:\FRST
2017-06-15 19:53:33 ----D---- C:\AdwCleaner
2017-06-15 17:58:20 ----D---- C:\rsit
2017-06-15 17:58:20 ----D---- C:\Program Files\trend micro
2017-06-13 22:58:38 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-06-13 22:58:38 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2017-06-13 22:58:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-13 22:58:36 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2017-06-13 22:58:36 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-06-13 22:58:36 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-06-13 22:58:36 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2017-06-13 22:58:36 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-06-13 22:58:35 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-06-13 22:58:35 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-06-13 22:58:35 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-06-13 22:58:33 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-06-13 22:58:33 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-06-13 22:58:33 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-06-13 22:58:32 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-06-13 22:58:32 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-06-13 22:58:32 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-06-13 22:58:32 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-06-13 22:58:30 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-06-13 22:58:30 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-06-13 22:58:30 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-06-13 22:58:30 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-06-13 22:58:30 ----A---- C:\WINDOWS\system32\tquery.dll
2017-06-13 22:58:29 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-06-13 22:58:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-06-13 22:58:29 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-06-13 22:58:29 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-06-13 22:58:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2017-06-13 22:58:28 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2017-06-13 22:58:28 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-06-13 22:58:28 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-06-13 22:58:28 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-06-13 22:58:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-06-13 22:58:27 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-06-13 22:58:27 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2017-06-13 22:58:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-06-13 22:58:26 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2017-06-13 22:58:26 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2017-06-13 22:58:25 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2017-06-13 22:58:25 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2017-06-13 22:58:25 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-06-13 22:58:25 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2017-06-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2017-06-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2017-06-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2017-06-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2017-06-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2017-06-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2017-06-13 22:58:23 ----A---- C:\WINDOWS\SYSWOW64\MMDevAPI.dll
2017-06-13 22:58:23 ----A---- C:\WINDOWS\SYSWOW64\MapRouter.dll
2017-06-13 22:58:23 ----A---- C:\WINDOWS\SYSWOW64\MapGeocoder.dll
2017-06-13 22:58:23 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2017-06-13 22:58:23 ----A---- C:\WINDOWS\SYSWOW64\devicengccredprov.dll
2017-06-13 22:58:23 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2017-06-13 22:58:23 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-06-13 22:58:23 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Midi.dll
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\capauthz.dll
2017-06-13 22:58:22 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2017-06-13 22:58:22 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2017-06-13 22:58:22 ----A---- C:\WINDOWS\system32\drivers\storahci.sys
2017-06-13 22:58:22 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2017-06-13 22:58:22 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Diagnostics.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\smartscreenps.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\RstrtMgr.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\NPSM.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\DeviceFlows.DataModel.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\xboxgipsynthetic.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\NPSMDesktopProvider.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\DictationManager.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\system32\XblGameSaveExt.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2017-06-13 22:58:15 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-06-13 22:58:15 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-06-13 22:58:15 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-06-13 22:58:14 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-06-13 22:58:14 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-06-13 22:58:12 ----A---- C:\WINDOWS\system32\winmde.dll
2017-06-13 22:58:12 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-13 22:58:12 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2017-06-13 22:58:12 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2017-06-13 22:58:12 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2017-06-13 22:58:10 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2017-06-13 22:58:10 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2017-06-13 22:58:09 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-06-13 22:58:09 ----A---- C:\WINDOWS\system32\utcutil.dll
2017-06-13 22:58:09 ----A---- C:\WINDOWS\system32\snmptrap.exe
2017-06-13 22:58:09 ----A---- C:\WINDOWS\system32\drivers\rootmdm.sys
2017-06-13 22:58:07 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-06-13 22:58:06 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-06-13 22:58:06 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-06-13 22:58:05 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-06-13 22:58:05 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-06-13 22:58:05 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-06-13 22:58:04 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-06-13 22:58:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-06-13 22:58:00 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-06-13 22:58:00 ----A---- C:\WINDOWS\system32\oleaut32.dll
2017-06-13 22:58:00 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-06-13 22:57:58 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-06-13 22:57:58 ----A---- C:\WINDOWS\system32\BingMaps.dll
2017-06-13 22:57:57 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-06-13 22:57:57 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2017-06-13 22:57:57 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2017-06-13 22:57:56 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-06-13 22:57:56 ----A---- C:\WINDOWS\system32\mfsvr.dll
2017-06-13 22:57:56 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-06-13 22:57:56 ----A---- C:\WINDOWS\system32\MapsStore.dll
2017-06-13 22:57:56 ----A---- C:\WINDOWS\system32\MapRouter.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\wpncore.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\win32spl.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\mfps.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\mfplat.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\ISM.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\InputService.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\devicengccredprov.dll
2017-06-13 22:57:54 ----A---- C:\WINDOWS\system32\wpnprv.dll
2017-06-13 22:57:54 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-06-13 22:57:54 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-13 22:57:54 ----A---- C:\WINDOWS\system32\NPSM.dll
2017-06-13 22:57:54 ----A---- C:\WINDOWS\system32\localspl.dll
2017-06-13 22:57:53 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-06-13 22:57:53 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-06-13 22:57:53 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-06-13 22:57:52 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-06-13 22:57:52 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-06-13 22:57:51 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-06-13 22:57:51 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-13 22:57:50 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-06-13 22:57:47 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-06-13 22:57:47 ----A---- C:\WINDOWS\system32\DWrite.dll
2017-06-13 22:57:46 ----A---- C:\WINDOWS\system32\FntCache.dll
2017-06-13 22:57:46 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-06-13 22:57:46 ----A---- C:\WINDOWS\system32\bisrv.dll
2017-06-13 22:57:46 ----A---- C:\WINDOWS\HelpPane.exe
2017-06-13 22:57:45 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-06-13 22:57:45 ----A---- C:\WINDOWS\system32\umpo.dll
2017-06-13 22:57:45 ----A---- C:\WINDOWS\system32\tzres.dll
2017-06-13 22:57:45 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-06-13 22:57:45 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2017-06-13 22:57:45 ----A---- C:\WINDOWS\system32\ConhostV2.dll
2017-06-13 22:57:44 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2017-06-13 22:57:44 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-06-13 22:57:44 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-06-13 22:57:44 ----A---- C:\WINDOWS\system32\cldapi.dll
2017-06-13 22:57:44 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-06-13 22:57:43 ----A---- C:\WINDOWS\system32\twinui.dll
2017-06-13 22:57:43 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-06-13 22:57:42 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-06-13 22:57:42 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2017-06-13 22:57:42 ----A---- C:\WINDOWS\system32\atmfd.dll
2017-06-13 22:57:41 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-06-13 22:57:41 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-06-13 22:57:41 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-06-13 22:57:41 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-06-13 22:57:41 ----A---- C:\WINDOWS\explorer.exe
2017-06-13 22:57:40 ----A---- C:\WINDOWS\system32\atmlib.dll
2017-06-13 22:57:40 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-06-13 22:57:39 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-06-13 22:57:39 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-06-13 22:57:39 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-06-13 22:57:39 ----A---- C:\WINDOWS\system32\dwmcore.dll
2017-06-13 22:57:38 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-06-13 22:57:38 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-06-13 22:57:38 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-06-13 22:57:38 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-06-13 22:57:38 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-06-13 22:57:37 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2017-06-13 22:57:37 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-06-13 22:57:37 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2017-06-13 22:57:36 ----A---- C:\WINDOWS\system32\shell32.dll
2017-06-13 22:57:35 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2017-06-13 22:57:35 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-06-13 22:57:34 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-06-13 22:57:33 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-13 22:57:33 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-06-13 22:57:33 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\system32\usocore.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-06-13 22:57:31 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2017-06-13 22:57:31 ----A---- C:\WINDOWS\system32\SRH.dll
2017-06-13 22:57:31 ----A---- C:\WINDOWS\system32\smartscreen.exe
2017-06-13 22:57:30 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-06-13 22:57:30 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-06-13 22:57:30 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2017-06-13 22:57:30 ----A---- C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-06-13 22:57:29 ----A---- C:\WINDOWS\system32\msctf.dll
2017-06-13 22:57:29 ----A---- C:\WINDOWS\system32\efscore.dll
2017-06-13 22:57:29 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2017-06-13 22:57:29 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\provengine.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\mspaint.exe
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\MMDevAPI.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\sysmain.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\smartscreenps.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\ShareHost.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\RstrtMgr.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\rdbui.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\embeddedmodesvc.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\DictationManager.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\comctl32.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\cdpsvc.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\capauthz.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\bcdboot.exe
2017-06-13 22:57:27 ----A---- C:\WINDOWS\bfsvc.exe
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\winsrvext.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\WindowManagement.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\drivers\ksthunk.sys
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2017-06-13 22:57:25 ----A---- C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-06-13 22:57:25 ----A---- C:\WINDOWS\system32\vss_ps.dll
2017-06-13 22:57:25 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2017-06-13 22:57:25 ----A---- C:\WINDOWS\system32\dwmredir.dll
2017-06-13 22:57:25 ----A---- C:\WINDOWS\system32\comdlg32.dll

====== List of files/folders modified in the last 1 month ======

2017-06-28 19:13:15 ----D---- C:\WINDOWS\Temp
2017-06-28 19:12:33 ----D---- C:\WINDOWS\Prefetch
2017-06-28 19:12:30 ----RD---- C:\WINDOWS\Microsoft.NET
2017-06-28 19:11:41 ----D---- C:\WINDOWS\system32\SleepStudy
2017-06-28 18:40:10 ----D---- C:\ProgramData\NVIDIA
2017-06-28 18:37:16 ----D---- C:\Users\kille\AppData\Roaming\ViberPC
2017-06-28 18:36:02 ----D---- C:\WINDOWS\System32
2017-06-28 18:08:03 ----D---- C:\WINDOWS\system32\sru
2017-06-28 18:00:47 ----AD---- C:\Program Files (x86)\TeamViewer
2017-06-28 16:31:08 ----D---- C:\CCProxy
2017-06-28 15:23:20 ----RSD---- C:\WINDOWS\Media
2017-06-28 15:23:20 ----D---- C:\WINDOWS\system32\drivers
2017-06-28 15:19:42 ----RD---- C:\Program Files (x86)
2017-06-28 15:19:35 ----D---- C:\WINDOWS\system32\Tasks
2017-06-28 15:19:32 ----D---- C:\Program Files\Noran Studio Two-in Studio 2
2017-06-28 15:00:57 ----HD---- C:\ProgramData
2017-06-28 14:55:17 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-06-28 14:52:47 ----D---- C:\WINDOWS\Tasks
2017-06-28 14:47:17 ----D---- C:\Program Files\Windows Media Player
2017-06-28 14:47:11 ----D---- C:\Program Files\Windows NT
2017-06-28 14:47:11 ----D---- C:\Program Files\Realtek
2017-06-28 14:47:09 ----RD---- C:\Program Files
2017-06-28 14:44:46 ----D---- C:\Users\kille\AppData\Roaming\uTorrent
2017-06-28 10:10:26 ----HD---- C:\Program Files\WindowsApps
2017-06-28 10:10:26 ----D---- C:\WINDOWS\AppReadiness
2017-06-27 21:42:43 ----D---- C:\Users\kille\AppData\Roaming\FileZilla
2017-06-27 10:16:17 ----RSD---- C:\WINDOWS\Fonts
2017-06-26 22:08:52 ----D---- C:\Users\kille\AppData\Roaming\vlc
2017-06-26 14:17:44 ----SHDC---- C:\WINDOWS\Installer
2017-06-26 14:17:28 ----AD---- C:\Program Files\Common Files\microsoft shared
2017-06-26 14:17:25 ----D---- C:\Program Files\Common Files
2017-06-26 14:16:00 ----RD---- C:\WINDOWS\assembly
2017-06-26 12:58:08 ----D---- C:\WINDOWS\system32\catroot2
2017-06-26 12:54:08 ----SHD---- C:\System Volume Information
2017-06-26 11:25:43 ----D---- C:\WINDOWS\system32\FxsTmp
2017-06-26 11:03:42 ----D---- C:\Program Files (x86)\Common Files
2017-06-26 10:46:33 ----D---- C:\ProgramData\Package Cache
2017-06-26 10:45:02 ----D---- C:\WINDOWS\SysWOW64
2017-06-26 10:33:24 ----D---- C:\Windows
2017-06-23 22:54:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-19 16:17:54 ----D---- C:\Users\kille\AppData\Roaming\Spotify
2017-06-19 13:34:13 ----D---- C:\WINDOWS\INF
2017-06-16 19:16:59 ----D---- C:\WINDOWS\rescache
2017-06-15 17:43:46 ----D---- C:\WINDOWS\system32\NDF
2017-06-15 17:25:19 ----D---- C:\WINDOWS\system32\config
2017-06-15 10:23:16 ----D---- C:\WINDOWS\system32\DriverStore
2017-06-15 10:23:14 ----D---- C:\WINDOWS\WinSxS
2017-06-14 17:20:09 ----SD---- C:\WINDOWS\SYSWOW64\F12
2017-06-14 17:20:09 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2017-06-14 17:20:05 ----SD---- C:\WINDOWS\system32\F12
2017-06-14 17:20:05 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-06-14 17:20:05 ----D---- C:\WINDOWS\system32\sk-SK
2017-06-14 17:20:05 ----D---- C:\WINDOWS\system32\oobe
2017-06-14 17:20:05 ----D---- C:\WINDOWS\system32\appraiser
2017-06-14 17:20:00 ----D---- C:\WINDOWS\ShellExperiences
2017-06-14 17:19:59 ----D---- C:\WINDOWS\AppPatch
2017-06-14 17:19:58 ----RD---- C:\Program Files\Windows Defender
2017-06-14 17:19:58 ----D---- C:\Program Files\Windows Photo Viewer
2017-06-14 17:19:58 ----D---- C:\Program Files\Internet Explorer
2017-06-14 17:19:58 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-06-14 17:19:58 ----D---- C:\Program Files (x86)\Internet Explorer
2017-06-13 23:08:17 ----D---- C:\WINDOWS\system32\MRT
2017-06-13 23:03:37 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-06-13 23:03:22 ----D---- C:\WINDOWS\CbsTemp
2017-06-07 15:11:58 ----D---- C:\Users\kille\AppData\Roaming\Adobe
2017-06-07 15:11:41 ----D---- C:\Program Files (x86)\Adobe
2017-06-03 08:32:49 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-06-02 10:52:31 ----D---- C:\Users\kille\AppData\Roaming\Origin
2017-06-02 10:52:31 ----D---- C:\ProgramData\Origin
2017-06-01 14:36:06 ----D---- C:\ProgramData\boost_interprocess
2017-06-01 00:46:26 ----D---- C:\WINDOWS\LiveKernelReports
2017-05-31 19:58:59 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2017-05-30 13:41:45 ----D---- C:\ProgramData\Adobe

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-04-30 677360]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2017-05-02 47032]
R1 cfidsk;cfidsk; C:\WINDOWS\system32\drivers\cfidsk.sys [2017-06-20 196520]
R2 aksdf;aksdf; \??\C:\WINDOWS\system32\drivers\aksdf.sys [2014-11-27 91784]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys [2014-11-27 162136]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [2014-11-27 331608]
R2 rzpmgrk;rzpmgrk; \??\C:\WINDOWS\system32\drivers\rzpmgrk.sys [2015-09-22 37184]
R2 rzpnk;rzpnk; \??\C:\WINDOWS\system32\drivers\rzpnk.sys [2015-12-14 130880]
R3 ACPIVPC;@oem149.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-06-04 42328]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-03-18 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
R3 ETD;@oem37.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-10-07 525512]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [2015-05-28 31136]
R3 ibtfltcoex;@oem106.inf,%PROVIDER_NAME%;Intel Corporation; C:\WINDOWS\system32\DRIVERS\ibtfltcoex.sys [2015-07-01 79632]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2017-03-18 121344]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2014-05-12 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2017-06-28 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2014-05-12 64216]
R3 NETwNe64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\System32\drivers\NETwew01.sys [2017-03-18 3343872]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_020c5444f1367c00\nvlddmkm.sys [2017-05-02 14456944]
R3 nvvad_WaveExtensible;@oem22.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-05-03 48248]
R3 nvvhci;@oem19.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-05-02 59448]
R3 rtsuvc;@oem74.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-08-30 3069680]
R3 rzendpt;@oem147.inf,%rzendpt.SvcDesc%;rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [2016-06-23 51736]
R3 rzudd;@oem73.inf,%Razer.SvcDesc%;Razer Keyboard Driver; C:\WINDOWS\System32\drivers\rzudd.sys [2016-06-23 203288]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth Stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2017-03-18 181248]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-03-18 105472]
S3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth Hands-Free; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2017-03-18 47104]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-03-18 96768]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-03-18 129536]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2017-04-19 980992]
S3 btmaux;@oem29.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\WINDOWS\system32\DRIVERS\btmaux.sys [2013-07-22 140600]
S3 dg_ssudbus;@oem143.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-10-18 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-10-18 47672]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 LEqdUsb;@oem128.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF USB Filter; C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys [2015-06-18 87696]
S3 LHidEqd;@oem109.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF HID Filter; C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys [2015-06-18 23184]
S3 LHidFilt;@oem137.inf,%LHidFilt.SvcDesc%;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2015-06-18 86672]
S3 LMouFilt;@oem137.inf,%LMouFilt.SvcDesc%;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2015-06-18 69264]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2017-04-19 118784]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-05-03 30328]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2017-03-18 1735584]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-03-18 180736]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
S3 ssudmdm;@oem84.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2017-06-04 814688]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-05-18 2246256]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-08-26 1137016]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-08-26 1157496]
R2 CDPUserSvc_6a232;Connected Devices Platform User Service_6a232; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-07 144072]
R2 hasplms;Sentinel LDK License Manager; C:\WINDOWS\system32\hasplms.exe [2014-11-27 4608320]
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [2013-09-18 157128]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03 495224]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-05-01 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-05-03 450168]
R2 OneSyncSvc_6a232;Sync Host_6a232; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2013-09-13 337776]
R2 Razer Chroma SDK Service;Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [2016-06-20 69760]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-05-20 335808]
R3 PimIndexMaintenanceSvc_6a232;Kontaktné údaje_6a232; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 Origin Web Helper Service;Origin Web Helper Service; E:\HOME\GAMES\Origin\OriginWebHelperService.exe [2017-06-02 3125656]
S2 Razer Game Scanner Service;Razer Game Scanner; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-11-05 188072]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-04-18 1517576]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_6a232;DevicesFlow_6a232; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2015-07-02 356808]
S3 MessagingService_6a232;MessagingService_6a232; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03 495224]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 Origin Client Service;Origin Client Service; E:\HOME\GAMES\Origin\OriginClientService.exe [2017-06-02 2155920]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-06-08 1607968]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

Re: pop-up ads, PC already after 2 scans

Posted: 28 Jun 2017 18:48
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2749714667-2368359933-3780946547-1001Core
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2749714667-2368359933-3780946547-1001Core1d257fc88a55501
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2749714667-2368359933-3780946547-1001UA
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2749714667-2368359933-3780946547-1001UA1d257fc88c7eae6

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]/64

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Re: pop-up ads, PC already after 2 scans

Posted: 28 Jun 2017 19:30
by mattsteph
Logfile of random's system information tool 1.16 (written by random/random)
Run by kille at 2017-06-28 20:27:40
Microsoft Windows 10 Home
System drive C: has 98 GB (47%) free of 210 GB
Total RAM: 16296 MB (69% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:27:46, on 28.06.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\kille\AppData\Local\Microsoft\OneDrive\OneDrive.exe
E:\HOME\GAMES\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
C:\Users\kille\AppData\Local\Viber\Viber.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\kille\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
E:\HOME\GAMES\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files\trend micro\kille_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\kille\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Google Update] C:\Users\kille\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [Steam] "E:\HOME\GAMES\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Viber] "C:\Users\kille\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_3BB6DB8E3F3093BC6130F8117C9DFBDF] "C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\kille\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: i1Profiler Tray.lnk = C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe
O4 - Global Startup: XRGamma.lnk = C:\Program Files (x86)\X-Rite\i1Profiler\XRGamma.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\WINDOWS\system32\hasplms.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - E:\HOME\GAMES\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - E:\HOME\GAMES\Origin\OriginWebHelperService.exe
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Razer Chroma SDK Service - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.3.2.220\WsAppService.exe
O23 - Service: X-Rite Device Services Manager (xrdd.exe) - X-Rite Inc. - C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe

--
End of file - 12507 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -s gpsvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k localservice -s netprofm
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Noran Studio Two-in Studio 2\Noran Studio Two-in Studio 2.dll",nygBSYITV
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe"
"C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
C:\WINDOWS\system32\hasplms.exe -run
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe"
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\dashost.exe
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
C:\WINDOWS\system32\AUDIODG.EXE 0x428
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
c:\windows\system32\svchost.exe -k netsvcs -s Browser
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\sihost.exe
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
c:\windows\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s WdiSystemHost
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppX368sbpk1kx658x0p332evjk2v0y02kxp.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\smartscreen.exe -Embedding
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:Microsoft.XboxApp.AppXf74jmpwd42x7vxttda454sh29n0qpb8x.mca
"C:\Program Files\Windows Defender\MSASCuiL.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Users\kille\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"E:\HOME\GAMES\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe" --xmlFilePath="C:\Users\kille\AppData\Local\Temp\adobegc_a09580" --workflowInitiator=CSUpdater --xmlFilePath2="C:\Users\Public\Documents\AdobeGC\adobegc_a09580"
"C:\Users\kille\AppData\Local\Viber\Viber.exe" StartMinimized
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Users\kille\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\kille\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\kille\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=59.0.3071.115 --initial-client-data=0x1dc,0x1e0,0x1e4,0x1d8,0x1e8,0x7ffbb85119d0,0x7ffbb85119b8,0x7ffbb85119e8
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=10304 --on-initialized-event-handle=636 --parent-handle=640 /prefetch:6
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan-9380 C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe"
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1564 --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,11,20,24,26,43,63,76 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4279 --gpu-driver-date=8-24-2015 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x0fcd --service-request-channel-token=4D117A81296F2F1710359879319E243D --mojo-platform-channel-handle=1580 --ignored=" --type=renderer " /prefetch:2
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564 --primordial-pipe-token=47EC7035AFE56D3A5DE062D76262264F --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=47EC7035AFE56D3A5DE062D76262264F --renderer-client-id=4 --mojo-platform-channel-handle=2392 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564 --primordial-pipe-token=3A2DB75004F3FB8A79613EE6CD3A4834 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=3A2DB75004F3FB8A79613EE6CD3A4834 --renderer-client-id=5 --mojo-platform-channel-handle=2660 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564 --primordial-pipe-token=A0BA2F54E767215420280ACC6B455F97 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=A0BA2F54E767215420280ACC6B455F97 --renderer-client-id=6 --mojo-platform-channel-handle=2684 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564 --primordial-pipe-token=D8DD7143C28B51F2CA87881062FD4810 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=D8DD7143C28B51F2CA87881062FD4810 --renderer-client-id=7 --mojo-platform-channel-handle=2692 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564 --primordial-pipe-token=0834828DE145621B65ED68C36765C843 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=0834828DE145621B65ED68C36765C843 --renderer-client-id=8 --mojo-platform-channel-handle=2800 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564 --primordial-pipe-token=6021BB20CE4C1C8D292B629759E8F16E --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=6021BB20CE4C1C8D292B629759E8F16E --renderer-client-id=9 --mojo-platform-channel-handle=2812 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564 --primordial-pipe-token=758DC994610B1837EBFEA65C31FD07DF --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=758DC994610B1837EBFEA65C31FD07DF --renderer-client-id=10 --mojo-platform-channel-handle=2836 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564 --primordial-pipe-token=E136DCD738B10075CDFE7490E3C559E1 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=E136DCD738B10075CDFE7490E3C559E1 --renderer-client-id=11 --mojo-platform-channel-handle=2844 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564 --primordial-pipe-token=7B6733B9FA91E54220CD690A5479AD78 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=7B6733B9FA91E54220CD690A5479AD78 --renderer-client-id=13 --mojo-platform-channel-handle=2988 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564 --primordial-pipe-token=2B98ACC31195D064CE92C29122668D8D --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=2B98ACC31195D064CE92C29122668D8D --renderer-client-id=15 --mojo-platform-channel-handle=7632 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564 --primordial-pipe-token=65DFDCDB669124436C7FB2BF093F9436 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=65DFDCDB669124436C7FB2BF093F9436 --renderer-client-id=16 --mojo-platform-channel-handle=7696 /prefetch:1
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe" --launcher=TaskScheduler
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --disable-3d-apis --disable-pinch --no-sandbox --disable-databases --primordial-pipe-token=09D109467172660723E096A402B62414 --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-file="C:\Users\kille\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --log-severity=warning --user-agent="Mozilla/5.0 (Windows NT 10.0.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 CreativeCloud/4.1.1.202" --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --channel="9380.0.873758495\317496898" --mojo-platform-channel-handle=2724 /prefetch:1
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\main.js"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\server.js"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 692 696 704 8192 700
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
E:\HOME\GAMES\Steam\bin\cef\cef.win7\steamwebhelper.exe "-cachedir=C:\Users\kille\AppData\Local\Steam\htmlcache" "-steampid=10588" "-buildid=1496897923" "-steamid=0" "-clientui=E:\HOME\GAMES\Steam\clientui" --disable-spell-checking --disable-out-of-process-pac --disable-smooth-scrolling --disable-gpu-compositing --disable-gpu --enable-direct-write "--log-file=E:\HOME\GAMES\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564 --primordial-pipe-token=31A31A9BE2003290D1D53880E5EB9741 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=31A31A9BE2003290D1D53880E5EB9741 --renderer-client-id=24 --mojo-platform-channel-handle=6916 /prefetch:1
"C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564 --primordial-pipe-token=D88678EDB2E378831DFC549B7339988A --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=D88678EDB2E378831DFC549B7339988A --renderer-client-id=22 --mojo-platform-channel-handle=9420 /prefetch:1
"C:\Users\kille\Downloads\RSITx64.exe"

====== Scheduled tasks folder ======

C:\WINDOWS\tasks\X-Rite Device Services Software Updater.job - C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-killerisko@gmail.com - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2749714667-2368359933-3780946547-1001Core - C:\Users\kille\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2749714667-2368359933-3780946547-1001Core1d257fc88a55501 - C:\Users\kille\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2749714667-2368359933-3780946547-1001UA - C:\Users\kille\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2749714667-2368359933-3780946547-1001UA1d257fc88c7eae6 - C:\Users\kille\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Noran Studio Two-in Studio 2 - C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Noran Studio Two-in Studio 2\Noran Studio Two-in Studio 2.dll",nygBSYITV
C:\WINDOWS\system32\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
C:\WINDOWS\system32\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
C:\WINDOWS\system32\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
C:\WINDOWS\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
C:\WINDOWS\system32\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
C:\WINDOWS\system32\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\X-Rite Device Services Software Updater - C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe
C:\WINDOWS\system32\tasks\{1E18A923-CDF1-4D1C-93B2-AD4CC5BD33EA} - C:\Users\kille\AppData\Local\Temp\is-BGA2D.tmp\XRD Manager.exe /exenoupdates /noprereqs /qr AI_RESUME=1 ADDLOCAL=MainFeature,XRDdrivers64 ACTION="INSTALL" EXECUTEACTION="INSTALL" ROOTDRIVE="C:\" AI_PREREQFILES="C:\Users\kille\AppData\Local\Temp\{1E18A923-CDF1-4D1C-93B2-AD4CC5BD33EA}\drivers64.msi" AI_PREREQDIRS="C:\Users\kille\AppData\Local\Temp" OLDPRODUCTS="{425E7005-9EC8-4CFC-818A-D3511CE343B7}" AI_SETUPEXEPATH="C:\Users\kille\AppData\Local\Temp\is-BGA2D.tmp\XRD Manager.exe" SETUPEXEDIR="C:\Users\kille\AppData\Local\Temp\is-BGA2D.tmp\" TARGETDIR="C:\" APPDIR="C:\Program Files (x86)\X-Rite\Devices\" COMPANYNAME="Microsoft"
C:\WINDOWS\system32\tasks\{425E7005-9EC8-4CFC-818A-D3511CE343B7} - C:\Users\kille\AppData\Local\Temp\is-CGDHJ.tmp\XRD Manager.exe /exenoupdates /noprereqs /qr AI_RESUME=1 ADDLOCAL=MainFeature,XRDdrivers64 ACTION="INSTALL" EXECUTEACTION="INSTALL" ROOTDRIVE="C:\" AI_PREREQFILES="C:\Users\kille\AppData\Local\Temp\{425E7005-9EC8-4CFC-818A-D3511CE343B7}\drivers64.msi" AI_PREREQDIRS="C:\Users\kille\AppData\Local\Temp" OLDPRODUCTS="{EC551D01-8A2A-4C4E-A07B-4B84CE682129}" AI_SETUPEXEPATH="C:\Users\kille\AppData\Local\Temp\is-CGDHJ.tmp\XRD Manager.exe" SETUPEXEDIR="C:\Users\kille\AppData\Local\Temp\is-CGDHJ.tmp\" TARGETDIR="C:\" APPDIR="C:\Program Files (x86)\X-Rite\Devices\" COMPANYNAME="Microsoft"
C:\WINDOWS\system32\tasks\{AC450DA6-338F-4367-BC3C-370D6435E321} - C:\WINDOWS\system32\pcalua.exe -a "E:\HOME\GAMES\Ubisoft Game Launcher\upc.exe" -c uplay://uninstall/2184
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\Program Files\Windows Defender\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install - %systemroot%\system32\usoclient.exe ScanInstallWait
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\kille\AppData\Roaming\Mozilla\Firefox\Profiles\nnaj0r3d.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@IPCWebComponents]
"Description"=
"Path"=C:\Program Files (x86)\IPCWebComponents\npIPCReg.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll


C:\Users\kille\AppData\Roaming\Mozilla\Firefox\Profiles\nnaj0r3d.default\addons.json
Mozilla Firefox hotfix - extension - firefox-hotfix@mozilla.org

C:\Users\kille\AppData\Roaming\Mozilla\Firefox\Profiles\nnaj0r3d.default\extensions.json
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Diagnostics - extension - diagnostics@mozilla.org - C:\Users\kille\AppData\Roaming\Mozilla\Firefox\Profiles\nnaj0r3d.default\features\{f609b0f6-c749-459e-9ba6-bc4b3ecbe47f}\diagnostics@mozilla.org.xpi
Send HSTS Priming Requests - extension - hsts-priming@mozilla.org - C:\Users\kille\AppData\Roaming\Mozilla\Firefox\Profiles\nnaj0r3d.default\features\{f609b0f6-c749-459e-9ba6-bc4b3ecbe47f}\hsts-priming@mozilla.org.xpi
Logitech SetPoint - extension - {F003DA68-8256-4b37-A6C4-350FA04494DF} - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

C:\Users\kille\AppData\Roaming\Mozilla\Firefox\Profiles\nnaj0r3d.default\pluginreg.dat
Plugin - AdobeAAMDetect - 3.0.0.0 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
Plugin - Adobe Acrobat - 17.9.20044.25828 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - Google Update - 1.3.33.5 - C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
Plugin - npIPCReg DLL - 3.3.0.7 - C:\Program Files (x86)\IPCWebComponents\npIPCReg.dll
Plugin - Google Update - 1.3.33.5 - C:\Users\kille\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll

=========Google Chrome=========

C:\Users\kille\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Web Store 0.2
Extension ajopnjidmegmdimjlfnijceegpefgped 1 BetterTTV 7.2
Extension alelhddbbhepgpmgidjdcjakblofbmce
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bfbmjmiodbnnpllbbbfblcplfjjepjdn 1 Turn Off the Lights 3.4.24.0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cihaednhfbocfdiflmpccekcmjepcnmb 0 Newsletter Creator for Gmail - Flashissue 3.1.0
Extension coobgpohoikkiipiblmjeljniedjpjpf
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 1 Adobe Acrobat 15.1.0.6
Extension efgpgbcidmnhkoeceikdacelidndbfgl
Extension ejjicmeblgpmajnghnpcppodonldlgfn 1 Kalendár Google 4.5.10
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension ffdaeeijbbijklfcpahbghahojgfgebo 1 Gyazo 2.6.0
Extension fnbdnhhicmebfgdgglcdacdapkcihcoh 1 Page Analytics (by Google) 1.7.7
Extension gbchcmhmhahfdphkhkmpfmihenigjmpp 1 Vzdialená plocha Chrome 59.0.3071.47
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google v režime offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.13.0
Extension gmbmikajjgmnabiglmofipeabaddhgne 1 Uložiť na Disk Google 2.1.1
Extension hbdkkfheckcdppiaiabobmennhijkknn 1 Open SEO Stats(Formerly: PageRank Status) 9.6.0.0
Extension heialfagdbdflgppjfmgmjdajchdgbjo 1 InstagramDL Plugin - Instagram Downloader 0.6.11
Extension hkgndiocipalkpejnpafdbdlfdjihomd 1 AirDroid 2.0.4
Extension hmjkmjkepdijhoojdojkdfohbdgmmhki 1 Google Keep – poznámky a zoznamy 3.1.17254.1423
Extension jbbmdehmiclndmeedcocofcjlpgjnmea 1 Twitch Fullscreen Plus 1.3.2
Extension jijknldiopccnikfclcmmjnponjkicbc
Extension jnkdcmgmnegofdddphijckfagibepdlb 1 InstaG Downloader 1.7.1
Extension kbfnbcaeplbcioakkpcpgfkobkghlhen 1 Grammarly for Chrome 14.778.1011
Extension klbibkeccnjlkjkiokjodocebajanakg 1 The Great Suspender 6.30
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension ldibdoepbjbkkcbgndfljnphngpglhbb 0 mydlink services plugin 1.0.2.6
Extension ljphpjlafmmdmegmfbkacafhbegjfkkn 1 Top Eleven 2.0.0.5
Extension lmjegmlicamnimmfhcmpkclmigmmcbeh 2 Application Launcher for Drive (by Google) 3.2
Extension mafbdhjdkjnoafhfelkjpchpaepjknad 1 Morpheon Dark 3.1
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mihcahmgecmbnbcchbopgniflfhgnkff 1 Kontrola pošty Google 4.4.0
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.3
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension ookhcbgokankfmjafalglpofmolfopek 0 Kontrola Kalendára Google (od spoločnosti Google) 2.0.0
Extension pjjhlfkghdhmijklfnahfkpgmhcmfgcm
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5917.424.0.6
Extension ppcjiigginhdhihbdlejjoekeemjaiml 0
Homepage: https://www.reddit.com/
default_search_provider.search_url:
C:\Users\kille\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=

Re: pop-up ads, PC already after 2 scans

Posted: 28 Jun 2017 19:30
by mattsteph
======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26 435320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26 366200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-07 3242696]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-05-21 13886208]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-05-21 1402624]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-05-21 1402624]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-05-21 1402624]
"RtsFT"=RTFTrack.exe []
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2016-10-13 3942864]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-09-19 7818040]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2017-05-03 1893496]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2015-08-26 3113592]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\kille\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-06-14 1555664]
"Google Update"=C:\Users\kille\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [2017-04-29 601168]
"Steam"=E:\HOME\GAMES\Steam\steam.exe [2017-06-08 3042592]
"Viber"=C:\Users\kille\AppData\Local\Viber\Viber.exe [2017-06-12 31098960]
"GoogleChromeAutoLaunch_3BB6DB8E3F3093BC6130F8117C9DFBDF"=C:\Users\kille\AppData\Local\Google\Chrome\Application\chrome.exe [2017-06-23 1197912]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2017-03-21 23819304]
"Spotify Web Helper"=C:\Users\kille\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-01-15 1431664]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-06-04 2406496]
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2016-08-04 596640]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
i1Profiler Tray.lnk - C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe
XRGamma.lnk - C:\Program Files (x86)\X-Rite\i1Profiler\XRGamma.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2015-07-02 65992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

====== List of files/folders created in the last 1 month ======

2017-06-28 20:18:55 ----D---- C:\_OTM
2017-06-28 15:28:52 ----HD---- C:\OneDriveTemp
2017-06-28 15:01:12 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2017-06-28 15:00:58 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2017-06-28 15:00:58 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2017-06-28 15:00:58 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2017-06-28 15:00:57 ----D---- C:\ProgramData\Malwarebytes
2017-06-28 15:00:57 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-06-28 14:47:29 ----D---- C:\ProgramData\d3be4809759148b88ab5e27566b2be69
2017-06-28 14:47:28 ----D---- C:\Users\kille\AppData\Roaming\3b43937937c04b3aaca22a4243b8a621
2017-06-26 17:44:29 ----D---- C:\Users\kille\AppData\Roaming\.mono
2017-06-26 17:44:29 ----D---- C:\ProgramData\.mono
2017-06-26 14:18:16 ----D---- C:\Users\kille\AppData\Roaming\Corel
2017-06-26 14:17:25 ----D---- C:\Program Files\Common Files\Corel
2017-06-26 14:15:36 ----D---- C:\Program Files\Corel
2017-06-26 11:02:23 ----D---- C:\ProgramData\Protexis
2017-06-26 10:49:22 ----D---- C:\ProgramData\Protexis64
2017-06-26 10:46:59 ----D---- C:\Program Files (x86)\gs
2017-06-26 10:45:34 ----D---- C:\Program Files\Common Files\Protexis
2017-06-26 10:44:35 ----D---- C:\ProgramData\Corel
2017-06-26 10:38:15 ----D---- C:\ProgramData\CorelDRAW Graphics Suite X7 x64
2017-06-20 08:42:46 ----A---- C:\WINDOWS\system32\drivers\cfidsk.sys
2017-06-16 01:02:30 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-06-15 20:14:19 ----D---- C:\FRST
2017-06-15 19:53:33 ----D---- C:\AdwCleaner
2017-06-15 17:58:20 ----D---- C:\rsit
2017-06-15 17:58:20 ----D---- C:\Program Files\trend micro
2017-06-13 22:58:38 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-06-13 22:58:38 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2017-06-13 22:58:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-13 22:58:36 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2017-06-13 22:58:36 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-06-13 22:58:36 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-06-13 22:58:36 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2017-06-13 22:58:36 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-06-13 22:58:35 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-06-13 22:58:35 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-06-13 22:58:35 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-06-13 22:58:33 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-06-13 22:58:33 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-06-13 22:58:33 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-06-13 22:58:32 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-06-13 22:58:32 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-06-13 22:58:32 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-06-13 22:58:32 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2017-06-13 22:58:31 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-06-13 22:58:30 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-06-13 22:58:30 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-06-13 22:58:30 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-06-13 22:58:30 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-06-13 22:58:30 ----A---- C:\WINDOWS\system32\tquery.dll
2017-06-13 22:58:29 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-06-13 22:58:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-06-13 22:58:29 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-06-13 22:58:29 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-06-13 22:58:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2017-06-13 22:58:28 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2017-06-13 22:58:28 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-06-13 22:58:28 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-06-13 22:58:28 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-06-13 22:58:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-06-13 22:58:27 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-06-13 22:58:27 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2017-06-13 22:58:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-06-13 22:58:26 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2017-06-13 22:58:26 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2017-06-13 22:58:25 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2017-06-13 22:58:25 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2017-06-13 22:58:25 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-06-13 22:58:25 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2017-06-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2017-06-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2017-06-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2017-06-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2017-06-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2017-06-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2017-06-13 22:58:23 ----A---- C:\WINDOWS\SYSWOW64\MMDevAPI.dll
2017-06-13 22:58:23 ----A---- C:\WINDOWS\SYSWOW64\MapRouter.dll
2017-06-13 22:58:23 ----A---- C:\WINDOWS\SYSWOW64\MapGeocoder.dll
2017-06-13 22:58:23 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2017-06-13 22:58:23 ----A---- C:\WINDOWS\SYSWOW64\devicengccredprov.dll
2017-06-13 22:58:23 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2017-06-13 22:58:23 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-06-13 22:58:23 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Midi.dll
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2017-06-13 22:58:22 ----A---- C:\WINDOWS\SYSWOW64\capauthz.dll
2017-06-13 22:58:22 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2017-06-13 22:58:22 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2017-06-13 22:58:22 ----A---- C:\WINDOWS\system32\drivers\storahci.sys
2017-06-13 22:58:22 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2017-06-13 22:58:22 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Diagnostics.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\smartscreenps.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\RstrtMgr.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\NPSM.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\DeviceFlows.DataModel.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-06-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\xboxgipsynthetic.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\NPSMDesktopProvider.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\DictationManager.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\system32\XblGameSaveExt.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-06-13 22:58:20 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2017-06-13 22:58:15 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-06-13 22:58:15 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-06-13 22:58:15 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-06-13 22:58:14 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-06-13 22:58:14 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-06-13 22:58:12 ----A---- C:\WINDOWS\system32\winmde.dll
2017-06-13 22:58:12 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-13 22:58:12 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2017-06-13 22:58:12 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2017-06-13 22:58:12 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-06-13 22:58:11 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2017-06-13 22:58:10 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2017-06-13 22:58:10 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2017-06-13 22:58:09 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-06-13 22:58:09 ----A---- C:\WINDOWS\system32\utcutil.dll
2017-06-13 22:58:09 ----A---- C:\WINDOWS\system32\snmptrap.exe
2017-06-13 22:58:09 ----A---- C:\WINDOWS\system32\drivers\rootmdm.sys
2017-06-13 22:58:07 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-06-13 22:58:06 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-06-13 22:58:06 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-06-13 22:58:05 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-06-13 22:58:05 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-06-13 22:58:05 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-06-13 22:58:04 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-06-13 22:58:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-06-13 22:58:00 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-06-13 22:58:00 ----A---- C:\WINDOWS\system32\oleaut32.dll
2017-06-13 22:58:00 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-06-13 22:57:58 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-06-13 22:57:58 ----A---- C:\WINDOWS\system32\BingMaps.dll
2017-06-13 22:57:57 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-06-13 22:57:57 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2017-06-13 22:57:57 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2017-06-13 22:57:56 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-06-13 22:57:56 ----A---- C:\WINDOWS\system32\mfsvr.dll
2017-06-13 22:57:56 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-06-13 22:57:56 ----A---- C:\WINDOWS\system32\MapsStore.dll
2017-06-13 22:57:56 ----A---- C:\WINDOWS\system32\MapRouter.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\wpncore.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\win32spl.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\mfps.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\mfplat.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\ISM.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\InputService.dll
2017-06-13 22:57:55 ----A---- C:\WINDOWS\system32\devicengccredprov.dll
2017-06-13 22:57:54 ----A---- C:\WINDOWS\system32\wpnprv.dll
2017-06-13 22:57:54 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-06-13 22:57:54 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-13 22:57:54 ----A---- C:\WINDOWS\system32\NPSM.dll
2017-06-13 22:57:54 ----A---- C:\WINDOWS\system32\localspl.dll
2017-06-13 22:57:53 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-06-13 22:57:53 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-06-13 22:57:53 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-06-13 22:57:52 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-06-13 22:57:52 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-06-13 22:57:51 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-06-13 22:57:51 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-13 22:57:50 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-06-13 22:57:47 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-06-13 22:57:47 ----A---- C:\WINDOWS\system32\DWrite.dll
2017-06-13 22:57:46 ----A---- C:\WINDOWS\system32\FntCache.dll
2017-06-13 22:57:46 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-06-13 22:57:46 ----A---- C:\WINDOWS\system32\bisrv.dll
2017-06-13 22:57:46 ----A---- C:\WINDOWS\HelpPane.exe
2017-06-13 22:57:45 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-06-13 22:57:45 ----A---- C:\WINDOWS\system32\umpo.dll
2017-06-13 22:57:45 ----A---- C:\WINDOWS\system32\tzres.dll
2017-06-13 22:57:45 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-06-13 22:57:45 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2017-06-13 22:57:45 ----A---- C:\WINDOWS\system32\ConhostV2.dll
2017-06-13 22:57:44 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2017-06-13 22:57:44 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-06-13 22:57:44 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-06-13 22:57:44 ----A---- C:\WINDOWS\system32\cldapi.dll
2017-06-13 22:57:44 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-06-13 22:57:43 ----A---- C:\WINDOWS\system32\twinui.dll
2017-06-13 22:57:43 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-06-13 22:57:42 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-06-13 22:57:42 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2017-06-13 22:57:42 ----A---- C:\WINDOWS\system32\atmfd.dll
2017-06-13 22:57:41 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-06-13 22:57:41 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-06-13 22:57:41 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-06-13 22:57:41 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-06-13 22:57:41 ----A---- C:\WINDOWS\explorer.exe
2017-06-13 22:57:40 ----A---- C:\WINDOWS\system32\atmlib.dll
2017-06-13 22:57:40 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-06-13 22:57:39 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-06-13 22:57:39 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-06-13 22:57:39 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-06-13 22:57:39 ----A---- C:\WINDOWS\system32\dwmcore.dll
2017-06-13 22:57:38 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-06-13 22:57:38 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-06-13 22:57:38 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-06-13 22:57:38 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-06-13 22:57:38 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-06-13 22:57:37 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2017-06-13 22:57:37 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-06-13 22:57:37 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2017-06-13 22:57:36 ----A---- C:\WINDOWS\system32\shell32.dll
2017-06-13 22:57:35 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2017-06-13 22:57:35 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-06-13 22:57:34 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-06-13 22:57:33 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-13 22:57:33 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-06-13 22:57:33 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\system32\usocore.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-06-13 22:57:32 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-06-13 22:57:31 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2017-06-13 22:57:31 ----A---- C:\WINDOWS\system32\SRH.dll
2017-06-13 22:57:31 ----A---- C:\WINDOWS\system32\smartscreen.exe
2017-06-13 22:57:30 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-06-13 22:57:30 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-06-13 22:57:30 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2017-06-13 22:57:30 ----A---- C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-06-13 22:57:29 ----A---- C:\WINDOWS\system32\msctf.dll
2017-06-13 22:57:29 ----A---- C:\WINDOWS\system32\efscore.dll
2017-06-13 22:57:29 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2017-06-13 22:57:29 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\provengine.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\mspaint.exe
2017-06-13 22:57:28 ----A---- C:\WINDOWS\system32\MMDevAPI.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\sysmain.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\smartscreenps.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\ShareHost.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\RstrtMgr.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\rdbui.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\embeddedmodesvc.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\DictationManager.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\comctl32.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\cdpsvc.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\capauthz.dll
2017-06-13 22:57:27 ----A---- C:\WINDOWS\system32\bcdboot.exe
2017-06-13 22:57:27 ----A---- C:\WINDOWS\bfsvc.exe
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\winsrvext.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\WindowManagement.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\drivers\ksthunk.sys
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2017-06-13 22:57:26 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2017-06-13 22:57:25 ----A---- C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-06-13 22:57:25 ----A---- C:\WINDOWS\system32\vss_ps.dll
2017-06-13 22:57:25 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2017-06-13 22:57:25 ----A---- C:\WINDOWS\system32\dwmredir.dll
2017-06-13 22:57:25 ----A---- C:\WINDOWS\system32\comdlg32.dll

====== List of files/folders modified in the last 1 month ======

2017-06-28 20:24:41 ----D---- C:\Users\kille\AppData\Roaming\ViberPC
2017-06-28 20:24:15 ----D---- C:\WINDOWS\Prefetch
2017-06-28 20:23:28 ----D---- C:\WINDOWS\Temp
2017-06-28 20:23:27 ----D---- C:\ProgramData\NVIDIA
2017-06-28 20:23:20 ----D---- C:\WINDOWS\System32
2017-06-28 20:21:23 ----D---- C:\WINDOWS\system32\sru
2017-06-28 20:21:01 ----D---- C:\Windows
2017-06-28 19:12:30 ----RD---- C:\WINDOWS\Microsoft.NET
2017-06-28 19:11:41 ----D---- C:\WINDOWS\system32\SleepStudy
2017-06-28 18:00:47 ----AD---- C:\Program Files (x86)\TeamViewer
2017-06-28 16:31:08 ----D---- C:\CCProxy
2017-06-28 15:23:20 ----RSD---- C:\WINDOWS\Media
2017-06-28 15:23:20 ----D---- C:\WINDOWS\system32\drivers
2017-06-28 15:19:42 ----RD---- C:\Program Files (x86)
2017-06-28 15:19:35 ----D---- C:\WINDOWS\system32\Tasks
2017-06-28 15:19:32 ----D---- C:\Program Files\Noran Studio Two-in Studio 2
2017-06-28 15:00:57 ----HD---- C:\ProgramData
2017-06-28 14:55:17 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-06-28 14:52:47 ----D---- C:\WINDOWS\Tasks
2017-06-28 14:47:17 ----D---- C:\Program Files\Windows Media Player
2017-06-28 14:47:11 ----D---- C:\Program Files\Windows NT
2017-06-28 14:47:11 ----D---- C:\Program Files\Realtek
2017-06-28 14:47:09 ----RD---- C:\Program Files
2017-06-28 14:44:46 ----D---- C:\Users\kille\AppData\Roaming\uTorrent
2017-06-28 10:10:26 ----HD---- C:\Program Files\WindowsApps
2017-06-28 10:10:26 ----D---- C:\WINDOWS\AppReadiness
2017-06-27 21:42:43 ----D---- C:\Users\kille\AppData\Roaming\FileZilla
2017-06-27 10:16:17 ----RSD---- C:\WINDOWS\Fonts
2017-06-26 22:08:52 ----D---- C:\Users\kille\AppData\Roaming\vlc
2017-06-26 14:17:44 ----SHDC---- C:\WINDOWS\Installer
2017-06-26 14:17:28 ----AD---- C:\Program Files\Common Files\microsoft shared
2017-06-26 14:17:25 ----D---- C:\Program Files\Common Files
2017-06-26 14:16:00 ----RD---- C:\WINDOWS\assembly
2017-06-26 12:58:08 ----D---- C:\WINDOWS\system32\catroot2
2017-06-26 12:54:08 ----SHD---- C:\System Volume Information
2017-06-26 11:25:43 ----D---- C:\WINDOWS\system32\FxsTmp
2017-06-26 11:03:42 ----D---- C:\Program Files (x86)\Common Files
2017-06-26 10:46:33 ----D---- C:\ProgramData\Package Cache
2017-06-26 10:45:02 ----D---- C:\WINDOWS\SysWOW64
2017-06-23 22:54:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-19 16:17:54 ----D---- C:\Users\kille\AppData\Roaming\Spotify
2017-06-19 13:34:13 ----D---- C:\WINDOWS\INF
2017-06-16 19:16:59 ----D---- C:\WINDOWS\rescache
2017-06-15 17:43:46 ----D---- C:\WINDOWS\system32\NDF
2017-06-15 17:25:19 ----D---- C:\WINDOWS\system32\config
2017-06-15 10:23:16 ----D---- C:\WINDOWS\system32\DriverStore
2017-06-15 10:23:14 ----D---- C:\WINDOWS\WinSxS
2017-06-14 17:20:09 ----SD---- C:\WINDOWS\SYSWOW64\F12
2017-06-14 17:20:09 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2017-06-14 17:20:05 ----SD---- C:\WINDOWS\system32\F12
2017-06-14 17:20:05 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-06-14 17:20:05 ----D---- C:\WINDOWS\system32\sk-SK
2017-06-14 17:20:05 ----D---- C:\WINDOWS\system32\oobe
2017-06-14 17:20:05 ----D---- C:\WINDOWS\system32\appraiser
2017-06-14 17:20:00 ----D---- C:\WINDOWS\ShellExperiences
2017-06-14 17:19:59 ----D---- C:\WINDOWS\AppPatch
2017-06-14 17:19:58 ----RD---- C:\Program Files\Windows Defender
2017-06-14 17:19:58 ----D---- C:\Program Files\Windows Photo Viewer
2017-06-14 17:19:58 ----D---- C:\Program Files\Internet Explorer
2017-06-14 17:19:58 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-06-14 17:19:58 ----D---- C:\Program Files (x86)\Internet Explorer
2017-06-13 23:08:17 ----D---- C:\WINDOWS\system32\MRT
2017-06-13 23:03:37 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-06-13 23:03:22 ----D---- C:\WINDOWS\CbsTemp
2017-06-07 15:11:58 ----D---- C:\Users\kille\AppData\Roaming\Adobe
2017-06-07 15:11:41 ----D---- C:\Program Files (x86)\Adobe
2017-06-03 08:32:49 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-06-02 10:52:31 ----D---- C:\Users\kille\AppData\Roaming\Origin
2017-06-02 10:52:31 ----D---- C:\ProgramData\Origin
2017-06-01 14:36:06 ----D---- C:\ProgramData\boost_interprocess
2017-06-01 00:46:26 ----D---- C:\WINDOWS\LiveKernelReports
2017-05-31 19:58:59 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2017-05-30 13:41:45 ----D---- C:\ProgramData\Adobe

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-04-30 677360]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2017-05-02 47032]
R1 cfidsk;cfidsk; C:\WINDOWS\system32\drivers\cfidsk.sys [2017-06-20 196520]
R2 aksdf;aksdf; \??\C:\WINDOWS\system32\drivers\aksdf.sys [2014-11-27 91784]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys [2014-11-27 162136]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [2014-11-27 331608]
R2 rzpmgrk;rzpmgrk; \??\C:\WINDOWS\system32\drivers\rzpmgrk.sys [2015-09-22 37184]
R2 rzpnk;rzpnk; \??\C:\WINDOWS\system32\drivers\rzpnk.sys [2015-12-14 130880]
R3 ACPIVPC;@oem149.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-06-04 42328]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-03-18 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
R3 ETD;@oem37.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-10-07 525512]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [2015-05-28 31136]
R3 ibtfltcoex;@oem106.inf,%PROVIDER_NAME%;Intel Corporation; C:\WINDOWS\system32\DRIVERS\ibtfltcoex.sys [2015-07-01 79632]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2017-03-18 121344]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2014-05-12 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2017-06-28 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2014-05-12 64216]
R3 NETwNe64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\System32\drivers\NETwew01.sys [2017-03-18 3343872]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_020c5444f1367c00\nvlddmkm.sys [2017-05-02 14456944]
R3 nvvad_WaveExtensible;@oem22.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-05-03 48248]
R3 nvvhci;@oem19.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-05-02 59448]
R3 rtsuvc;@oem74.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-08-30 3069680]
R3 rzendpt;@oem147.inf,%rzendpt.SvcDesc%;rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [2016-06-23 51736]
R3 rzudd;@oem73.inf,%Razer.SvcDesc%;Razer Keyboard Driver; C:\WINDOWS\System32\drivers\rzudd.sys [2016-06-23 203288]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth Stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2017-03-18 181248]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-03-18 105472]
S3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth Hands-Free; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2017-03-18 47104]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-03-18 96768]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-03-18 129536]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2017-04-19 980992]
S3 btmaux;@oem29.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\WINDOWS\system32\DRIVERS\btmaux.sys [2013-07-22 140600]
S3 dg_ssudbus;@oem143.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-10-18 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-10-18 47672]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 LEqdUsb;@oem128.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF USB Filter; C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys [2015-06-18 87696]
S3 LHidEqd;@oem109.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF HID Filter; C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys [2015-06-18 23184]
S3 LHidFilt;@oem137.inf,%LHidFilt.SvcDesc%;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2015-06-18 86672]
S3 LMouFilt;@oem137.inf,%LMouFilt.SvcDesc%;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2015-06-18 69264]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2017-04-19 118784]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-05-03 30328]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2017-03-18 1735584]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-03-18 180736]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
S3 ssudmdm;@oem84.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2017-06-04 814688]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-05-18 2246256]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-08-26 1137016]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-08-26 1157496]
R2 CDPUserSvc_6614e;Connected Devices Platform User Service_6614e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-07 144072]
R2 hasplms;Sentinel LDK License Manager; C:\WINDOWS\system32\hasplms.exe [2014-11-27 4608320]
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [2013-09-18 157128]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03 495224]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-05-01 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-05-03 450168]
R2 OneSyncSvc_6614e;Sync Host_6614e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2013-09-13 337776]
R2 Razer Chroma SDK Service;Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [2016-06-20 69760]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-05-20 335808]
R3 PimIndexMaintenanceSvc_6614e;Kontaktné údaje_6614e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-06-08 1607968]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 Origin Web Helper Service;Origin Web Helper Service; E:\HOME\GAMES\Origin\OriginWebHelperService.exe [2017-06-02 3125656]
S2 Razer Game Scanner Service;Razer Game Scanner; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-11-05 188072]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-04-18 1517576]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_6614e;DevicesFlow_6614e; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2015-07-02 356808]
S3 MessagingService_6614e;MessagingService_6614e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03 495224]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 Origin Client Service;Origin Client Service; E:\HOME\GAMES\Origin\OriginClientService.exe [2017-06-02 2155920]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

Re: pop-up ads, PC already after 2 scans

Posted: 28 Jun 2017 20:06
by Rudy
Deleted. Has there been any change?

Re: pop-up ads, PC already after 2 scans

Posted: 28 Jun 2017 20:15
by mattsteph
So far everything seems OK... I just still have this suspicious, uneasy feeling, since it looked pretty bad only a few hours ago :(

Re: pop-up ads, PC already after 2 scans

Posted: 28 Jun 2017 21:03
by Rudy
I'll leave this open here; get in touch if needed. :)

Re: pop-up ads, PC already after 2 scans

Posted: 29 Jun 2017 08:18
by mattsteph
Are logs from other programs not needed as well, just to be sure? But probably not, if you aren't asking for them :)

I hope you are paid for this work, Mr. Rudy, because if not, then ENORMOUS RESPECT for your professional and express work/hobby... helping this willingly, literally saving necks and computers, and free of charge on our side, is not something you see these days.. incredible thanks go to everyone who helps like this on this forum! If I knew you personally, Mr. Rudy, you would get a bottle of wine at the very least ;) May you keep it up and may you get a fitting reward for it, so that you don't stop enjoying it ;)