Preventive check, thank you

Posted: 03 Jul 2018 13:15
by krakenus600
Logfile of random's system information tool 1.10 (written by random/random)
Run by LenovoX at 2018-07-03 14:06:47
Microsoft Windows 8.1 Pro
System drive C: has 37 GB (37%) free of 100 GB
Total RAM: 8061 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:06:52, on 3.7.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\IObit\Driver Booster\5.4.0\Scheduler.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Users\LenovoX.Lenovo\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\LenovoX.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll
O4 - HKLM\..\Run: [WindowsDriverScan86] C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk
O4 - HKLM\..\Run: [WindowsDriverScan64] C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [World of Warships] "F:\Games\World of Warships\WargamingGameUpdater.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @oem1.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8387 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-06-25 480200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-06-21 812248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-06-25 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsDriverScan86"=C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [2014-08-10 1501]
"WindowsDriverScan64"=C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [2014-08-10 1419]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-28 588704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2018-02-12 5263040]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2018-04-03 3199776]
"World of Warships"=F:\Games\World of Warships\WargamingGameUpdater.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\SysWOW64\nvinit.dll"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec32.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-07-03 14:06:47 ----D---- C:\rsit
2018-07-03 14:06:47 ----D---- C:\Program Files (x86)\trend micro
2018-06-25 22:45:25 ----D---- C:\Program Files (x86)\Common Files\Java
2018-06-25 22:45:04 ----D---- C:\Program Files (x86)\Common Files\Oracle
2018-06-25 22:43:51 ----D---- C:\Program Files (x86)\Microsoft XNA
2018-06-25 22:42:42 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2018-06-25 22:42:03 ----SHD---- C:\Config.Msi
2018-06-25 22:17:50 ----D---- C:\Windows\SysWOW64\RTCOM
2018-06-25 22:16:19 ----A---- C:\Windows\SysWOW64\SFCOM.dll
2018-06-25 22:15:09 ----A---- C:\Windows\SysWOW64\RtCamX.dll
2018-06-25 22:15:09 ----A---- C:\Windows\RtCamU64.exe
2018-06-25 22:14:04 ----D---- C:\Windows\LastGood.Tmp
2018-06-25 22:13:21 ----A---- C:\Windows\SysWOW64\jmcricon.dll
2018-06-25 22:02:25 ----D---- C:\Windows\IObit
2018-06-25 22:02:25 ----D---- C:\ProgramData\ProductData
2018-06-25 22:01:31 ----D---- C:\ProgramData\IObit
2018-06-25 22:01:30 ----A---- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
2018-06-25 22:01:27 ----D---- C:\Program Files (x86)\IObit
2018-06-25 22:00:50 ----D---- C:\Users\LenovoX.Lenovo\AppData\Roaming\IObit
2018-06-22 13:57:04 ----D---- C:\Users\LenovoX.Lenovo\AppData\Roaming\Goldhawk Interactive
2018-06-22 13:57:04 ----D---- C:\ProgramData\Goldhawk Interactive
2018-06-19 21:11:21 ----D---- C:\Users\LenovoX.Lenovo\AppData\Roaming\FiraxisLive
2018-06-19 21:07:42 ----D---- C:\Users\LenovoX.Lenovo\AppData\Roaming\ModLauncherWPF
2018-06-13 20:09:58 ----A---- C:\Windows\SysWOW64\dwmcore.dll
2018-06-13 20:09:56 ----A---- C:\Windows\SysWOW64\mshtml.dll
2018-06-13 20:09:52 ----A---- C:\Windows\SysWOW64\mfcore.dll
2018-06-13 20:09:52 ----A---- C:\Windows\SysWOW64\ieframe.dll
2018-06-13 20:09:51 ----A---- C:\Windows\SysWOW64\Wldap32.dll
2018-06-13 20:09:51 ----A---- C:\Windows\SysWOW64\WinSCard.dll
2018-06-13 20:09:51 ----A---- C:\Windows\SysWOW64\webservices.dll
2018-06-13 20:09:50 ----A---- C:\Windows\SysWOW64\WsmWmiPl.dll
2018-06-13 20:09:50 ----A---- C:\Windows\SysWOW64\WsmSvc.dll
2018-06-13 20:09:49 ----A---- C:\Windows\SysWOW64\wimgapi.dll
2018-06-13 20:09:49 ----A---- C:\Windows\SysWOW64\jscript.dll
2018-06-13 20:09:48 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2018-06-13 20:09:46 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2018-06-13 20:09:45 ----A---- C:\Windows\SysWOW64\certcli.dll
2018-06-13 20:09:43 ----A---- C:\Windows\SysWOW64\wininet.dll
2018-06-13 20:09:43 ----A---- C:\Windows\SysWOW64\urlmon.dll
2018-06-13 20:09:43 ----A---- C:\Windows\SysWOW64\jscript9.dll
2018-06-13 20:09:43 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2018-06-13 20:09:42 ----A---- C:\Windows\SysWOW64\vbscript.dll
2018-06-13 20:09:42 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2018-06-04 20:59:45 ----D---- C:\ProgramData\RELOADED

======List of files/folders modified in the last 1 month======

2018-07-03 14:06:49 ----D---- C:\Windows\Prefetch
2018-07-03 14:06:47 ----RD---- C:\Program Files (x86)
2018-07-03 14:03:41 ----D---- C:\Windows\Temp
2018-07-03 14:03:21 ----D---- C:\ProgramData\NVIDIA
2018-07-02 21:23:33 ----D---- C:\Users\LenovoX.Lenovo\AppData\Roaming\.minecraft
2018-07-02 12:37:00 ----D---- C:\Windows\Microsoft.NET
2018-07-01 15:53:46 ----D---- C:\Windows\Inf
2018-06-30 22:23:12 ----D---- C:\Users\LenovoX.Lenovo\AppData\Roaming\uTorrent
2018-06-29 20:46:17 ----D---- C:\Program Files (x86)\Steam
2018-06-29 20:18:07 ----D---- C:\Users\LenovoX.Lenovo\AppData\Roaming\The Creative Assembly
2018-06-26 15:45:00 ----SHD---- C:\System Volume Information
2018-06-25 22:46:45 ----SHD---- C:\Windows\Installer
2018-06-25 22:46:42 ----D---- C:\Windows\WinSxS
2018-06-25 22:46:13 ----D---- C:\Windows\SysWOW64
2018-06-25 22:46:08 ----D---- C:\ProgramData\Package Cache
2018-06-25 22:45:25 ----D---- C:\Program Files (x86)\Common Files
2018-06-25 22:44:44 ----A---- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-06-25 22:44:23 ----D---- C:\Program Files (x86)\Java
2018-06-25 22:43:55 ----RSD---- C:\Windows\assembly
2018-06-25 22:43:51 ----D---- C:\Program Files (x86)\Common Files\Microsoft Shared
2018-06-25 22:43:42 ----SD---- C:\ProgramData\Microsoft
2018-06-25 22:42:42 ----RD---- C:\Program Files
2018-06-25 22:42:24 ----D---- C:\Windows\System32
2018-06-25 22:28:04 ----D---- C:\Windows
2018-06-25 22:17:58 ----HD---- C:\ProgramData
2018-06-25 22:01:30 ----D---- C:\Windows\SysWOW64\drivers
2018-06-21 23:25:46 ----D---- C:\Users\LenovoX.Lenovo\AppData\Roaming\Infinity
2018-06-14 17:40:13 ----D---- C:\Windows\CbsTemp
2018-06-14 16:21:19 ----D---- C:\Windows\rescache
2018-06-13 23:11:35 ----D---- C:\Windows\SysWOW64\en-US
2018-06-13 23:11:35 ----D---- C:\Program Files (x86)\Internet Explorer
2018-06-05 21:19:38 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-06-05 18:41:56 ----D---- C:\Program Files (x86)\Nexus Mod Manager
2018-06-05 10:47:41 ----D---- C:\Windows\SysWOW64\directx
2018-06-04 14:34:46 ----D---- C:\Program Files (x86)\Microsoft Games

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys []
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys []
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys []
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys []
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys []
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys []
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys []
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys []
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys []
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys []
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2018-06-25 27552]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys []
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys []
R3 bcbtums;@oem47.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys []
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys []
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys []
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 dtlitescsibus;@oem15.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys []
R3 dtliteusbbus;@oem16.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys []
R3 iwdbus;@oem6.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys []
R3 JMCR;JMCR; C:\Windows\System32\drivers\jmcr.sys []
R3 L1C;@oem42.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C63x64.sys []
R3 MEIx64;@oem38.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\TeeDriverW8x64.sys []
R3 NETwNe64;@oem46.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\Windows\system32\DRIVERS\NETwew00.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 nvvad_WaveExtensible;@oem49.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys []
R3 nvvhci;@oem13.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\Windows\System32\drivers\nvvhci.sys []
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys []
R3 rtsuvc;@oem45.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\Windows\system32\DRIVERS\rtsuvc.sys []
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys []
S0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys []
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys []
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 btwampfl;@oem47.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys []
S3 intaud_WaveExtensible;@oem5.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys []
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-03-14 31168]
S3 tap0901;@oem12.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys []
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-06-21 322464]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 33088]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe []
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14 522688]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-01-24 462920]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-03-14 469952]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-06-21 7780400]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2018-02-12 3480768]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 BcmBtRSupport;@oem1.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-16 153168]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2013-12-11 1050904]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 33088]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-08-27 291744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-16 153168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14 522688]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2018-04-03 1671968]

-----------------EOF-----------------

Re: Preventive check, thank you

Posted: 03 Jul 2018 17:31
by Conder
Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here

Re: Preventive check, thank you

Posted: 03 Jul 2018 23:14
by krakenus600
# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.0
# -------------------------------
# Build: 06-26-2018
# Database: 2018-07-03.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-04-2018
# Duration: 00:00:03
# OS: Windows 8.1 Pro
# Cleaned: 4
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\LenovoX.Lenovo\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\Driver Booster Scheduler

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C57AB73-460F-4968-AA43-083C93B15884}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1610 octets] - [04/07/2018 00:10:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Preventive check, thank you

Posted: 03 Jul 2018 23:20
by Conder
:arrow: Please post both FRST logs following this guide (FRST.txt and Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: If FRSTLauncher cannot be downloaded or run, use just FRST on its own.

:arrow: If the logs do not fit into a single post, pack them into a RAR or ZIP archive and send them as an attachment.

Re: Preventive check, thank you

Posted: 03 Jul 2018 23:39
by krakenus600
Here you go :)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by LenovoX (administrator) on LENOVO (04-07-2018 00:35:34)
Running from C:\Users\LenovoX.Lenovo\Desktop
Loaded Profiles: LenovoX (Available Profiles: LenovoX)
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Lenovo Group Limited) C:\Users\LenovoX.Lenovo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\LenovoX.Lenovo\Desktop\FRSTLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-06-21] (AVAST Software)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384360 2018-06-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2018-06-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2018-06-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2018-06-25] (Realtek Semiconductor)
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5263040 2018-02-12] (Disc Soft Ltd)
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3199776 2018-04-03] (Valve Corporation)
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\Run: [World of Warships] => "F:\Games\World of Warships\WargamingGameUpdater.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {2178b111-1346-11e8-824e-20689d9db773} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {2178b17f-1346-11e8-824e-20689d9db773} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {2178b759-1346-11e8-824e-20689d9db773} - "H:\steambackup.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {33f51f73-1647-11e8-8251-a893c527ac1e} - "K:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {80eb82c9-1cc2-11e8-8257-f1654a1dce50} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {80eb82e7-1cc2-11e8-8257-f1654a1dce50} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {bdc486fd-4bcd-11e8-8262-cd597544cbf8} - "J:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {bdc486ff-4bcd-11e8-8262-cd597544cbf8} - "J:\HiSuiteDownLoader.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171712 2018-01-24] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149736 2018-01-24] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{083047F8-E418-4BBF-9F82-F8201045FF9B}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-06-21] (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-06-25] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-06-21] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-06-25] (Oracle Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-06-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-06-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default [2018-07-04]
CHR Extension: (Slides) - C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-16]
CHR Extension: (Docs) - C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-16]
CHR Extension: (Google Drive) - C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-16]
CHR Extension: (YouTube) - C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-16]
CHR Extension: (Sheets) - C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-16]
CHR Extension: (Google Docs Offline) - C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-02-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-16]
CHR Extension: (Chrome Media Router) - C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-15]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-06-21] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-06-21] (AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480768 2018-02-12] (Disc Soft Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [197160 2018-06-21] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229392 2018-06-21] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201328 2018-06-21] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-06-21] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59592 2018-06-21] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239680 2018-06-21] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-06-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159640 2018-06-21] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111872 2018-06-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-06-21] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027728 2018-06-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [463080 2018-06-21] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [211160 2018-06-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381584 2018-06-21] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2018-02-17] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2018-02-17] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-06-25] (REALiX(tm))
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3352336 2018-06-25] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [67432 2018-06-25] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [59752 2018-01-10] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [2584280 2018-06-25] (Realtek Semiconductor Corp.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [28400 2018-03-06] () [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-04 00:35 - 2018-07-04 00:35 - 000016304 _____ C:\Users\LenovoX.Lenovo\Desktop\FRST.txt
2018-07-04 00:34 - 2018-07-04 00:35 - 000000000 ____D C:\FRST
2018-07-04 00:33 - 2018-07-04 00:33 - 002412544 _____ (Farbar) C:\Users\LenovoX.Lenovo\Desktop\FRST64.exe
2018-07-04 00:33 - 2018-07-04 00:33 - 000112640 _____ (forum.viry.cz) C:\Users\LenovoX.Lenovo\Desktop\FRSTLauncher.exe
2018-07-03 16:45 - 2018-07-03 16:45 - 072932496 _____ (Malwarebytes ) C:\Users\LenovoX.Lenovo\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5727.exe
2018-07-03 16:30 - 2018-07-03 16:31 - 007395536 _____ (Malwarebytes) C:\Users\LenovoX.Lenovo\Downloads\adwcleaner_7.2.1.exe
2018-07-03 14:06 - 2018-07-03 14:06 - 001107968 _____ C:\Users\LenovoX.Lenovo\Downloads\RSIT.exe
2018-07-03 14:06 - 2018-07-03 14:06 - 000000000 ____D C:\rsit
2018-07-03 14:06 - 2018-07-03 14:06 - 000000000 ____D C:\Program Files (x86)\trend micro
2018-06-30 21:27 - 2018-06-30 21:27 - 000000619 _____ C:\Users\Public\Desktop\Company of Heroes 2.lnk
2018-06-25 22:43 - 2018-06-25 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-06-25 22:43 - 2018-06-25 22:43 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2018-06-25 22:42 - 2018-06-25 22:42 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2018-06-25 22:42 - 2018-06-25 22:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2018-06-25 22:32 - 2018-06-25 22:32 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Local\AVAST Software
2018-06-25 22:18 - 2018-06-25 22:18 - 000067432 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2018-06-25 22:17 - 2018-06-25 22:17 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2018-06-25 22:17 - 2018-06-25 22:17 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-06-25 22:17 - 2018-06-25 22:17 - 000000000 ____D C:\Windows\system32\DAX2
2018-06-25 22:17 - 2018-06-25 22:17 - 000000000 ____D C:\Program Files\Realtek
2018-06-25 22:16 - 2018-06-25 22:16 - 072520712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2018-06-25 22:16 - 2018-06-25 22:16 - 012447325 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2018-06-25 22:16 - 2018-06-25 22:16 - 007172912 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 007096184 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 006264632 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 005842912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2018-06-25 22:16 - 2018-06-25 22:16 - 005804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2018-06-25 22:16 - 2018-06-25 22:16 - 005346992 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 003677160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2018-06-25 22:16 - 2018-06-25 22:16 - 003509232 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 003507688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 003205120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 002210280 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 001965808 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 001959600 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 001780616 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 001591056 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 001508928 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 001347136 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 001133064 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000965024 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000743960 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000727432 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000708304 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000691680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000532376 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000504304 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000447712 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000445392 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000441264 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000387312 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000378376 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000362048 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000343704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000327448 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000310416 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000272712 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000253896 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000253864 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000252872 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000231912 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000221960 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000209528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000192976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000166200 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000151784 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000134192 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000110976 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000090912 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000088344 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000088312 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000084616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000083624 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000023688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2018-06-25 22:15 - 2018-06-25 22:15 - 008108584 _____ C:\Windows\system32\Drivers\Netwfw00.dat
2018-06-25 22:15 - 2018-06-25 22:15 - 003352336 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwew00.sys
2018-06-25 22:15 - 2018-06-25 22:15 - 002628312 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCamU64.exe
2018-06-25 22:15 - 2018-06-25 22:15 - 002584280 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
2018-06-25 22:15 - 2018-06-25 22:15 - 000507096 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamX64.dll
2018-06-25 22:15 - 2018-06-25 22:15 - 000448728 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtCamX.dll
2018-06-25 22:15 - 2018-06-25 22:15 - 000213312 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys
2018-06-25 22:15 - 2018-06-25 22:15 - 000186152 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\bcbtums.sys
2018-06-25 22:15 - 2018-06-25 22:15 - 000069661 _____ C:\Windows\system32\Drivers\BCM20702A1_001.002.014.1443.1488.hex
2018-06-25 22:14 - 2018-06-25 22:19 - 000000000 ____D C:\Windows\LastGood.Tmp
2018-06-25 22:13 - 2018-06-25 22:13 - 000203352 _____ (JMicron Technology Corporation) C:\Windows\SysWOW64\jmcricon.dll
2018-06-25 22:13 - 2018-06-25 22:13 - 000203352 _____ (JMicron Technology Corporation) C:\Windows\system32\jmcricon.dll
2018-06-25 22:13 - 2018-06-25 22:13 - 000176880 _____ (JMicron Technology Corporation) C:\Windows\system32\Drivers\jmcr.sys
2018-06-25 22:13 - 2018-06-25 22:13 - 000130248 _____ (Qualcomm Atheros Co., Ltd.) C:\Windows\system32\Drivers\L1C63x64.sys
2018-06-25 22:12 - 2018-06-25 22:12 - 000186424 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverW8x64.sys
2018-06-25 22:02 - 2018-06-25 22:02 - 000000000 ____D C:\Windows\IObit
2018-06-25 22:02 - 2018-06-25 22:02 - 000000000 ____D C:\ProgramData\ProductData
2018-06-25 22:01 - 2018-07-03 14:22 - 000002886 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (LenovoX)
2018-06-25 22:01 - 2018-06-25 22:46 - 000002298 _____ C:\Users\Public\Desktop\Driver Booster 5.lnk
2018-06-25 22:01 - 2018-06-25 22:02 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\LocalLow\IObit
2018-06-25 22:01 - 2018-06-25 22:02 - 000000000 ____D C:\ProgramData\IObit
2018-06-25 22:01 - 2018-06-25 22:01 - 000027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2018-06-25 22:01 - 2018-06-25 22:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
2018-06-25 22:01 - 2018-06-25 22:01 - 000000000 ____D C:\Program Files (x86)\IObit
2018-06-25 22:00 - 2018-06-25 22:40 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\IObit
2018-06-22 22:42 - 2018-06-22 22:42 - 000000995 _____ C:\Users\LenovoX.Lenovo\Desktop\zt - Shortcut.lnk
2018-06-22 13:57 - 2018-06-22 21:01 - 000000000 ____D C:\Users\LenovoX.Lenovo\Documents\Xenonauts
2018-06-22 13:57 - 2018-06-22 13:57 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\Goldhawk Interactive
2018-06-22 13:57 - 2018-06-22 13:57 - 000000000 ____D C:\ProgramData\Goldhawk Interactive
2018-06-22 13:44 - 2018-06-22 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xenonauts [GOG.com]
2018-06-21 18:16 - 2018-06-21 18:16 - 000002313 _____ C:\Users\LenovoX.Lenovo\Desktop\Infinity.lnk
2018-06-21 18:16 - 2018-06-21 18:16 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Local\Infinity
2018-06-21 18:15 - 2018-06-21 18:15 - 000099216 _____ (Daring Development Inc.) C:\Users\LenovoX.Lenovo\Downloads\Infinity-Setup.exe
2018-06-21 15:39 - 2018-06-21 15:39 - 000378072 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-06-19 21:11 - 2018-06-19 22:22 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\FiraxisLive
2018-06-19 21:07 - 2018-06-19 21:07 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\ModLauncherWPF
2018-06-13 20:09 - 2018-05-25 07:10 - 025742848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-06-13 20:09 - 2018-05-25 06:44 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-06-13 20:09 - 2018-05-25 06:38 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-06-13 20:09 - 2018-05-25 06:34 - 020286976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-06-13 20:09 - 2018-05-25 06:32 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-06-13 20:09 - 2018-05-25 06:16 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-06-13 20:09 - 2018-05-25 06:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-06-13 20:09 - 2018-05-25 06:03 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-06-13 20:09 - 2018-05-25 05:56 - 000381440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-06-13 20:09 - 2018-05-25 05:55 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-06-13 20:09 - 2018-05-25 05:55 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-06-13 20:09 - 2018-05-25 05:53 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-06-13 20:09 - 2018-05-25 05:53 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-06-13 20:09 - 2018-05-25 05:44 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-06-13 20:09 - 2018-05-25 05:42 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-06-13 20:09 - 2018-05-25 05:39 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-06-13 20:09 - 2018-05-25 05:39 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-06-13 20:09 - 2018-05-25 05:38 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-06-13 20:09 - 2018-05-25 05:38 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-06-13 20:09 - 2018-05-25 05:38 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-06-13 20:09 - 2018-05-25 05:29 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-06-13 20:09 - 2018-05-25 05:19 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-06-13 20:09 - 2018-05-25 05:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-06-13 20:09 - 2018-05-25 05:15 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-06-13 20:09 - 2018-05-25 05:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-06-13 20:09 - 2018-05-23 07:56 - 007406944 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-06-13 20:09 - 2018-05-23 07:45 - 000027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\uefi.sys
2018-06-13 20:09 - 2018-05-23 07:39 - 001676064 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-06-13 20:09 - 2018-05-23 06:13 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2018-06-13 20:09 - 2018-05-15 07:47 - 002334624 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2018-06-13 20:09 - 2018-05-15 07:47 - 000244304 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-06-13 20:09 - 2018-05-15 07:33 - 001308352 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-06-13 20:09 - 2018-05-15 06:57 - 002324752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2018-06-13 20:09 - 2018-05-15 06:17 - 000032640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-06-13 20:09 - 2018-05-15 06:04 - 000240128 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2018-06-13 20:09 - 2018-05-15 05:05 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2018-06-13 20:09 - 2018-05-15 04:57 - 000672768 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2018-06-13 20:09 - 2018-05-15 04:51 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2018-06-13 20:09 - 2018-05-12 23:11 - 000532664 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-06-13 20:09 - 2018-05-12 23:06 - 000567152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-06-13 20:09 - 2018-05-12 22:51 - 002014040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-06-13 20:09 - 2018-05-12 22:51 - 000923480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2018-06-13 20:09 - 2018-05-12 21:08 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-06-13 20:09 - 2018-05-11 05:04 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-06-13 20:09 - 2018-05-05 21:05 - 001543800 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-06-13 20:09 - 2018-05-05 20:15 - 001178136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-06-13 20:09 - 2018-05-05 18:38 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2018-06-13 20:09 - 2018-05-05 18:23 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2018-06-13 20:09 - 2018-04-07 18:48 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-06-13 20:09 - 2018-04-07 18:47 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-06-13 20:09 - 2018-04-07 18:43 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-06-13 20:09 - 2018-04-07 18:09 - 000170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-06-13 20:09 - 2018-04-07 17:34 - 002255360 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2018-06-13 20:09 - 2018-04-07 17:15 - 001942016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2018-06-13 20:09 - 2018-04-05 19:47 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc63.sys
2018-06-13 20:09 - 2018-04-05 19:38 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\NetVscCoinstall.dll
2018-06-13 20:09 - 2018-03-29 03:33 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2018-06-13 20:09 - 2018-03-29 03:21 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2018-06-13 20:09 - 2018-03-29 03:06 - 002608640 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2018-06-13 20:09 - 2018-03-29 03:05 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2018-06-13 20:09 - 2018-03-29 02:26 - 002170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2018-06-13 20:09 - 2018-03-29 02:24 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2018-06-05 11:59 - 2018-06-05 18:41 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Local\Fallout4
2018-06-05 11:36 - 2018-06-05 11:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2018-06-04 20:59 - 2018-06-04 20:59 - 000000000 ____D C:\ProgramData\RELOADED

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-04 00:25 - 2018-02-16 19:49 - 000003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7E44207E-11CE-45AA-8B2E-296326876427}
2018-07-04 00:16 - 2018-02-16 19:54 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-04 00:12 - 2018-02-16 20:22 - 000000000 __SHD C:\Users\LenovoX\IntelGraphicsProfiles
2018-07-04 00:12 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-04 00:10 - 2018-02-22 21:06 - 000000000 ____D C:\AdwCleaner
2018-07-03 14:29 - 2018-02-16 19:45 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-03 14:29 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-07-02 21:23 - 2018-02-16 21:48 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\.minecraft
2018-07-01 16:04 - 2018-02-16 19:52 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2670462401-1286606041-1155036778-1001
2018-07-01 12:45 - 2018-04-30 22:32 - 000003188 _____ C:\Windows\System32\Tasks\{263A5873-C3AF-4837-B6CB-A74B9A1D7BD2}
2018-07-01 12:45 - 2018-04-02 14:14 - 000003284 _____ C:\Windows\System32\Tasks\{53147FCF-14D8-46CF-87DA-266EE3D04CFD}
2018-07-01 12:45 - 2018-03-31 11:08 - 000003378 _____ C:\Windows\System32\Tasks\{46989AE3-5EBD-43F0-8915-6EC7AB23BE78}
2018-07-01 12:45 - 2018-03-30 18:46 - 000003438 _____ C:\Windows\System32\Tasks\{7A457CB6-63E3-4A08-9EC5-D75FDC2A5863}
2018-07-01 12:45 - 2018-03-30 17:36 - 000003482 _____ C:\Windows\System32\Tasks\{F6E51710-FFD8-4C1B-AA9E-CC2CAA854C8D}
2018-07-01 12:45 - 2018-03-28 21:07 - 000003922 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-01 12:45 - 2018-02-25 22:00 - 000003286 _____ C:\Windows\System32\Tasks\{D201824E-7SP1-4321-8GH5-LA32311B16CA}
2018-07-01 12:45 - 2018-02-16 21:31 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-07-01 12:45 - 2018-02-16 20:02 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-01 12:45 - 2018-02-16 20:02 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-01 12:45 - 2018-02-16 20:02 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-01 12:45 - 2018-02-16 20:02 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-01 12:45 - 2018-02-16 20:02 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-01 12:45 - 2018-02-16 20:02 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-01 12:45 - 2018-02-16 20:02 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-01 12:45 - 2018-02-16 19:52 - 000003370 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-07-01 12:45 - 2018-02-16 19:52 - 000003242 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-07-01 12:45 - 2018-02-16 19:43 - 000003706 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2018-06-30 22:23 - 2018-02-16 21:55 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\uTorrent
2018-06-30 22:23 - 2018-02-16 21:35 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Local\CrashDumps
2018-06-30 21:26 - 2018-02-17 00:38 - 000000000 ____D C:\Users\LenovoX.Lenovo\Desktop\HRY
2018-06-29 20:46 - 2018-04-11 07:50 - 000000000 ____D C:\Program Files (x86)\Steam
2018-06-29 20:18 - 2018-04-30 20:55 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\The Creative Assembly
2018-06-26 23:08 - 2018-02-16 19:53 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-26 23:08 - 2018-02-16 19:53 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-25 22:47 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-06-25 22:46 - 2018-02-16 20:01 - 000000000 ____D C:\ProgramData\Package Cache
2018-06-25 22:45 - 2018-02-16 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-06-25 22:44 - 2018-02-16 21:47 - 000098760 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-06-25 22:44 - 2018-02-16 21:47 - 000000000 ____D C:\Program Files (x86)\Java
2018-06-25 11:41 - 2018-02-16 21:31 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-06-22 22:41 - 2018-04-09 19:39 - 000000000 ____D C:\Users\LenovoX.Lenovo\Documents\My Games
2018-06-21 23:25 - 2018-04-10 09:58 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\Infinity
2018-06-21 18:16 - 2018-04-10 09:58 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2018-06-21 18:16 - 2018-04-10 09:58 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Local\SquirrelTemp
2018-06-21 15:39 - 2018-02-16 21:31 - 001027728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000463080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000381584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000239680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000229392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000211160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000201328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000197160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000159640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000111872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000085968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000059592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000046976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-06-14 17:40 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-06-14 16:21 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-06-13 22:01 - 2018-02-18 00:40 - 000000000 ____D C:\Windows\system32\MRT
2018-06-13 21:59 - 2018-02-18 00:39 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-06-13 21:59 - 2018-02-18 00:39 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-06-09 17:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\NDF
2018-06-05 21:19 - 2018-03-16 22:35 - 000835056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-06-05 21:19 - 2018-03-16 22:35 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-05 18:41 - 2018-05-24 12:36 - 000000000 ____D C:\Program Files (x86)\Nexus Mod Manager
2018-06-05 12:16 - 2018-02-16 21:38 - 000811008 ___SH C:\Users\LenovoX.Lenovo\Desktop\Thumbs.db
2018-06-05 10:47 - 2018-02-17 00:35 - 000000000 ____D C:\Windows\SysWOW64\directx
2018-06-04 14:34 - 2018-02-20 15:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Games

==================== Files in the root of some directories =======

2018-02-20 17:28 - 2018-02-27 22:10 - 000000807 _____ () C:\Users\LenovoX.Lenovo\AppData\Roaming\burnaware.ini
2018-03-28 22:06 - 2003-04-09 05:28 - 000233472 ____R () C:\Users\LenovoX.Lenovo\AppData\Roaming\MafiaSetup.exe

Some files in TEMP:
====================
2018-04-07 12:33 - 2006-02-18 00:58 - 000724992 _____ (Electronic Arts Inc.) C:\Users\LenovoX.Lenovo\AppData\Local\Temp\AutoRun.exe
2018-04-07 12:33 - 2006-01-20 22:11 - 000585728 _____ (Electronic Arts Inc.) C:\Users\LenovoX.Lenovo\AppData\Local\Temp\AutoRunGUI.dll
2018-05-02 19:48 - 2018-05-02 21:13 - 000003072 _____ () C:\Users\LenovoX.Lenovo\AppData\Local\Temp\CH.dll
2018-03-31 20:07 - 2018-03-31 20:07 - 000036864 _____ () C:\Users\LenovoX.Lenovo\AppData\Local\Temp\CmdLineExt02.dll
2018-04-05 10:27 - 2004-09-20 12:27 - 000040960 _____ () C:\Users\LenovoX.Lenovo\AppData\Local\Temp\comver.dll
2005-09-13 20:38 - 2005-09-13 20:38 - 000086016 ____N () C:\Users\LenovoX.Lenovo\AppData\Local\Temp\dlc.exe
2018-05-29 11:18 - 2018-05-29 11:18 - 000065536 _____ (Sony DADC Austria AG) C:\Users\LenovoX.Lenovo\AppData\Local\Temp\drm_dialogs.dll
2018-02-17 13:14 - 2018-02-17 13:14 - 031570904 _____ (Disc Soft Ltd) C:\Users\LenovoX.Lenovo\AppData\Local\Temp\DTLite1071-0341.exe
2018-04-09 18:00 - 2006-02-18 00:58 - 000344064 _____ (Electronic Arts Inc.) C:\Users\LenovoX.Lenovo\AppData\Local\Temp\eauninstall.exe
2018-05-19 11:25 - 2018-05-19 11:25 - 000476921 _____ (SIJUCD ) C:\Users\LenovoX.Lenovo\AppData\Local\Temp\faket.exe
2018-05-19 11:24 - 2018-05-19 11:24 - 001793368 _____ () C:\Users\LenovoX.Lenovo\AppData\Local\Temp\gimi.exe
2018-04-30 19:57 - 2009-03-03 20:33 - 000626688 ____R (Microsoft Corporation) C:\Users\LenovoX.Lenovo\AppData\Local\Temp\msvcr80.dll
2018-04-30 19:57 - 2009-03-03 20:32 - 000081408 ____R () C:\Users\LenovoX.Lenovo\AppData\Local\Temp\SimPack.exe
2018-04-23 20:24 - 2006-01-20 22:12 - 000073728 _____ (Electronic Arts Inc.) C:\Users\LenovoX.Lenovo\AppData\Local\Temp\The Godfather The Game_uninst.exe
2018-05-19 11:25 - 2018-05-19 11:25 - 003407986 _____ () C:\Users\LenovoX.Lenovo\AppData\Local\Temp\tilusorel.exe
2018-05-17 20:14 - 2018-05-17 18:09 - 000104112 _____ () C:\Users\LenovoX.Lenovo\AppData\Local\Temp\Uninstall.exe
2018-04-30 19:57 - 2009-03-03 20:32 - 000075264 ____R (Zlib) C:\Users\LenovoX.Lenovo\AppData\Local\Temp\zlib1.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-27 20:01

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:97.66 GB) (Free:35.98 GB) NTFS
Drive d: (EAGET) (Removable) (Total:14.62 GB) (Free:13.63 GB) FAT32
Drive e: (Local Disk) (Fixed) (Total:14.57 GB) (Free:14.55 GB) NTFS
Drive f: (Local Disk) (Fixed) (Total:368.1 GB) (Free:294.3 GB) NTFS
\\?\Volume{f1c480c1-133f-11e8-824b-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.3 GB) NTFS

Available physical RAM: 5927.14 MB
Total physical RAM: 8060.85 MB
Percentage of memory in use: 26%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 14.9 GB) (Disk ID: 45D71946)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0004F452)
Partition 1: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS)
Disk: 2 (Size: 14.6 GB) (Disk ID: 002AED8A)
Partition 1: (Active) - (Size=14.6 GB) - (Type=0B)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\LenovoX.Lenovo\Desktop" je 1389 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Preventive check, thank you

Posted: 03 Jul 2018 23:42
by krakenus600
Here is the second file

Re: Preventive check, thank you

Posted: 04 Jul 2018 00:15
by Conder
→ I recommend not using, and uninstalling, all programs from IObit (Driver Booster, Advanced SystemCare, etc.) - they are Chinese junk that can damage the system. In your next post, confirm whether you have uninstalled these programs.

→ There are some leftovers from the Wondershare program; did you uninstall it?

→ Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Start
    Folder: C:\Program Files (x86)\Adobe Arkalis
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • Wait for it to finish; a window will then pop up, click OK in it; a log will then open, copy it here
→ Then create and post new logs from FRST (without using FRSTLauncher); we will finish cleaning it up.

Re: Preventive check, thank you

Posted: 04 Jul 2018 09:45
by krakenus600
Thank you very much. Yes, I uninstalled Driver Booster; as for Wondershare, I could not find it anywhere.

Re: Preventive check, thank you

Posted: 04 Jul 2018 09:45
by krakenus600
Fix result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by LenovoX (04-07-2018 10:43:45) Run:1
Running from C:\Users\LenovoX.Lenovo\Desktop
Loaded Profiles: LenovoX (Available Profiles: LenovoX)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
Folder: C:\Program Files (x86)\Adobe Arkalis
End
*****************


========================= Folder: C:\Program Files (x86)\Adobe Arkalis ========================

2012-04-11 04:31 - 2012-04-11 04:31 - 000074240 ____A [F9982F8B1176597B81ED1285D1616CE7] () C:\Program Files (x86)\Adobe Arkalis\_ctypes.pyd
2012-04-11 04:31 - 2012-04-11 04:31 - 000285184 ____A [199BDE23EF347DBCCC6BF5A112B43C93] () C:\Program Files (x86)\Adobe Arkalis\_hashlib.pyd
2012-04-11 04:31 - 2012-04-11 04:31 - 000040960 ____A [07789A8C23BCEBE32F8BFD4CE4AF5FFB] () C:\Program Files (x86)\Adobe Arkalis\_socket.pyd
2012-10-27 16:21 - 2012-10-27 16:21 - 000008192 ____A [85CF2BB56729200902A204E688103148] () C:\Program Files (x86)\Adobe Arkalis\_win32sysloader.pyd
2012-12-04 00:40 - 2012-12-04 00:40 - 000024064 ____A [E41D27BB2F558180CFBFA7C48A0B3FFA] () C:\Program Files (x86)\Adobe Arkalis\Adobe_Arkalis.exe
2012-08-18 13:09 - 2012-08-18 13:09 - 000004096 ____A [C6AC10422916B057802DBE70D06807BC] (Microsoft Corporation) C:\Program Files (x86)\Adobe Arkalis\API-MS-Win-Core-LocalRegistry-L1-1-0.dll
2014-08-10 21:37 - 2014-08-10 21:37 - 000000136 ____A [13FCA3FEB79A2814C97A8DC223B018E3] () C:\Program Files (x86)\Adobe Arkalis\Arkalis.bat
2014-08-10 21:38 - 2014-08-10 21:38 - 000001419 ____A [CAB1A7852AA7FB35AE2FEE8BBB695BA7] () C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk
2014-08-10 21:36 - 2014-08-10 21:36 - 000001501 ____A [411F634A7DFE2A67FC83C2582415B66A] () C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk
2012-06-15 14:20 - 2012-06-15 14:20 - 000219648 ____A [ED6F0D245A4B3B2E6B5DED17236425B9] () C:\Program Files (x86)\Adobe Arkalis\boost_python-vc90-mt-1_48.dll
2013-12-03 20:52 - 2013-12-03 20:52 - 000210760 ____A [2E221D1B6B61F246605DD0DF3FF08D2E] () C:\Program Files (x86)\Adobe Arkalis\daa46b277f76001f9104e6627449767f.elf
2012-11-18 17:32 - 2012-11-18 17:32 - 000000103 ____A [9342642F25FB897C198ED1518F1EF1D3] () C:\Program Files (x86)\Adobe Arkalis\defaults.ini
2012-12-04 00:40 - 2012-12-04 00:40 - 002558451 ____A [4E2BB480FBAE49228FB6DF19501120F3] () C:\Program Files (x86)\Adobe Arkalis\library.zip
2009-07-14 03:15 - 2009-07-14 03:15 - 000064000 ____A [B9A8CBCFCD3EC9D2EA4740AF347BF108] (Microsoft Corporation) C:\Program Files (x86)\Adobe Arkalis\MPR.dll
2010-04-30 14:51 - 2010-04-30 14:51 - 000569680 ____A [87AF258581A96331E14B11280721516F] (Microsoft Corporation) C:\Program Files (x86)\Adobe Arkalis\msvcp90.dll
2013-08-11 16:41 - 2013-08-11 16:41 - 000044032 ____A [BA2CF7D2D09AE9A29445704BD1B4F67B] (NirSoft) C:\Program Files (x86)\Adobe Arkalis\nircmd.exe
2012-09-20 04:41 - 2012-09-20 04:41 - 002222455 ____A [528F305B0EDAB492434507D5DA677647] () C:\Program Files (x86)\Adobe Arkalis\numpy.core._dotblas.pyd
2012-09-20 04:41 - 2012-09-20 04:41 - 001311275 ____A [D0050808A8B787D63E4240ABE517CD81] () C:\Program Files (x86)\Adobe Arkalis\numpy.core.multiarray.pyd
2012-09-20 04:41 - 2012-09-20 04:41 - 000174793 ____A [C117B290D9E786D4B823982434C3CE13] () C:\Program Files (x86)\Adobe Arkalis\numpy.core.scalarmath.pyd
2012-09-20 04:41 - 2012-09-20 04:41 - 000410432 ____A [D9D5150DB68B2011EECC74AD2D88AC40] () C:\Program Files (x86)\Adobe Arkalis\numpy.core.umath.pyd
2012-09-20 04:41 - 2012-09-20 04:41 - 000046383 ____A [9517B5F848626579F4A6AEE70DC832F6] () C:\Program Files (x86)\Adobe Arkalis\numpy.fft.fftpack_lite.pyd
2012-09-20 04:41 - 2012-09-20 04:41 - 000041019 ____A [F271600A0B2150077DCC5320D210E7D2] () C:\Program Files (x86)\Adobe Arkalis\numpy.lib._compiled_base.pyd
2012-09-20 04:42 - 2012-09-20 04:42 - 002382083 ____A [594CDB3A27D904D821A474979626AE50] () C:\Program Files (x86)\Adobe Arkalis\numpy.linalg.lapack_lite.pyd
2012-09-20 04:42 - 2012-09-20 04:42 - 000515437 ____A [C3F12BB21FB53993E236AEFA61DDB795] () C:\Program Files (x86)\Adobe Arkalis\numpy.random.mtrand.pyd
2012-11-18 17:32 - 2012-11-18 17:32 - 000009649 ____A [9A2031864A84B24896E506CC3D3E12D7] () C:\Program Files (x86)\Adobe Arkalis\phatk.cl
2012-12-04 00:40 - 2012-12-04 00:40 - 000019968 ____A [406E48F4076EFDFF575D365D7D71C524] () C:\Program Files (x86)\Adobe Arkalis\po_to_mo.exe
2012-06-19 18:01 - 2012-06-19 18:01 - 000577536 ____A [9C85BA4FCA850EDBE79F82FCD18FF536] () C:\Program Files (x86)\Adobe Arkalis\pyopencl._cl.pyd
2012-06-19 18:01 - 2012-06-19 18:01 - 000023552 ____A [02BE00274D7D2387D9484D4C0BDBF3C9] () C:\Program Files (x86)\Adobe Arkalis\pyopencl._pvt_struct.pyd
2009-10-26 07:24 - 2009-10-26 07:24 - 002149888 ____A [30718EB64E522BE5ABEC4D0D2CB3768B] (Python Software Foundation) C:\Program Files (x86)\Adobe Arkalis\python26.dll
2012-04-11 04:31 - 2012-04-11 04:31 - 002303488 ____A [FB9ECB14A14328711EEF9AACE1686614] (Python Software Foundation) C:\Program Files (x86)\Adobe Arkalis\python27.dll
2012-10-27 16:22 - 2012-10-27 16:22 - 000364544 ____A [72D8C1A1D90A3803CA16C8E49B3811A0] () C:\Program Files (x86)\Adobe Arkalis\pythoncom27.dll
2012-10-27 16:20 - 2012-10-27 16:20 - 000110080 ____A [F0469ABB4F2914C78CE875A430425958] () C:\Program Files (x86)\Adobe Arkalis\pywintypes27.dll
2012-04-11 04:31 - 2012-04-11 04:31 - 000009728 ____A [3449BBFAC55BFA14CDFD83E2D90F3D7E] () C:\Program Files (x86)\Adobe Arkalis\select.pyd
2009-10-26 07:23 - 2009-10-26 07:23 - 000049664 ____A [0000F2885250FB6819278E2E95D5B572] () C:\Program Files (x86)\Adobe Arkalis\w9xpopen.exe
2012-10-27 16:21 - 2012-10-27 16:21 - 000098816 ____A [CD646E722C515CD13540B4B3D0E46E4B] () C:\Program Files (x86)\Adobe Arkalis\win32api.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 000025600 ____A [0C70D89FF28838AC2CBF5479BA585B86] () C:\Program Files (x86)\Adobe Arkalis\win32pdh.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 000024064 ____A [E1F9FC63175A0E6799CBB58A094A80FA] () C:\Program Files (x86)\Adobe Arkalis\win32pipe.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 000035840 ____A [DFA9C2B1D1D0D33A4BC9F140CCD68857] () C:\Program Files (x86)\Adobe Arkalis\win32process.pyd
2012-10-27 16:26 - 2012-10-27 16:26 - 000778752 ____A [6402424255B17023DD3CB287D778CC7A] () C:\Program Files (x86)\Adobe Arkalis\win32ui.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 000025088 ____A [BAE272192DF2CFD83408CC2FA5AC6572] () C:\Program Files (x86)\Adobe Arkalis\win32wnet.pyd
2011-07-16 03:38 - 2011-07-16 03:38 - 000966144 ____A [2E27F973C188D0E9788F522ED1891E33] () C:\Program Files (x86)\Adobe Arkalis\wx._controls_.pyd
2011-07-16 03:37 - 2011-07-16 03:37 - 000981504 ____A [D883388FB04560E996684E737A794F2E] () C:\Program Files (x86)\Adobe Arkalis\wx._core_.pyd
2011-07-16 03:38 - 2011-07-16 03:38 - 000746496 ____A [6CEA3DDB8BFDE8F495ACA9C8148287E7] () C:\Program Files (x86)\Adobe Arkalis\wx._gdi_.pyd
2011-07-16 03:38 - 2011-07-16 03:38 - 000674816 ____A [41C627ED1818E18B9D4DF9F1AFBC99F2] () C:\Program Files (x86)\Adobe Arkalis\wx._misc_.pyd
2011-07-16 03:38 - 2011-07-16 03:38 - 000670720 ____A [A8346A7306D7FFDDA4098BDE75116A3D] () C:\Program Files (x86)\Adobe Arkalis\wx._windows_.pyd
2011-07-16 03:33 - 2011-07-16 03:33 - 000122368 ____A [C16669F70005C9DB111D509929915F6C] (wxWidgets development team) C:\Program Files (x86)\Adobe Arkalis\wxbase28uh_net_vc.dll
2011-07-16 03:33 - 2011-07-16 03:33 - 001300992 ____A [E40EC7B20B5804E549A29CCDCA459A66] (wxWidgets development team) C:\Program Files (x86)\Adobe Arkalis\wxbase28uh_vc.dll
2011-07-16 03:34 - 2011-07-16 03:34 - 000730112 ____A [214CFD6AEB2273D94598380509E8C9E1] (wxWidgets development team) C:\Program Files (x86)\Adobe Arkalis\wxmsw28uh_adv_vc.dll
2011-07-16 03:34 - 2011-07-16 03:34 - 003165184 ____A [684B7F9AAB73C4E2CD124D0AC7FFF5AC] (wxWidgets development team) C:\Program Files (x86)\Adobe Arkalis\wxmsw28uh_core_vc.dll
2011-07-16 03:34 - 2011-07-16 03:34 - 000479744 ____A [9CEDE85A6224BB49198FC6E3AAD79AE4] (wxWidgets development team) C:\Program Files (x86)\Adobe Arkalis\wxmsw28uh_html_vc.dll

====== End of Folder: ======


==== End of Fixlog 10:43:46 ====

Re: Preventive check, thank you

Posted: 04 Jul 2018 09:48
by krakenus600
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by LenovoX (administrator) on LENOVO (04-07-2018 10:46:24)
Running from C:\Users\LenovoX.Lenovo\Desktop
Loaded Profiles: LenovoX (Available Profiles: LenovoX)
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Lenovo Group Limited) C:\Users\LenovoX.Lenovo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-06-21] (AVAST Software)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384360 2018-06-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2018-06-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2018-06-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2018-06-25] (Realtek Semiconductor)
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5263040 2018-02-12] (Disc Soft Ltd)
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3199776 2018-04-03] (Valve Corporation)
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\Run: [World of Warships] => "F:\Games\World of Warships\WargamingGameUpdater.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {2178b111-1346-11e8-824e-20689d9db773} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {2178b17f-1346-11e8-824e-20689d9db773} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {2178b759-1346-11e8-824e-20689d9db773} - "H:\steambackup.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {33f51f73-1647-11e8-8251-a893c527ac1e} - "K:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {80eb82c9-1cc2-11e8-8257-f1654a1dce50} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {80eb82e7-1cc2-11e8-8257-f1654a1dce50} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {bdc486fd-4bcd-11e8-8262-cd597544cbf8} - "J:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {bdc486ff-4bcd-11e8-8262-cd597544cbf8} - "J:\HiSuiteDownLoader.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171712 2018-01-24] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149736 2018-01-24] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{083047F8-E418-4BBF-9F82-F8201045FF9B}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-06-21] (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-06-25] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-06-21] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-06-25] (Oracle Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-06-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-06-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default [2018-07-04]
CHR Extension: (Slides) - C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-16]
CHR Extension: (Docs) - C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-16]
CHR Extension: (Google Drive) - C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-16]
CHR Extension: (YouTube) - C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-16]
CHR Extension: (Sheets) - C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-16]
CHR Extension: (Google Docs Offline) - C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-02-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-16]
CHR Extension: (Chrome Media Router) - C:\Users\LenovoX.Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-15]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-06-21] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-06-21] (AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480768 2018-02-12] (Disc Soft Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [197160 2018-06-21] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229392 2018-06-21] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201328 2018-06-21] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-06-21] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59592 2018-06-21] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239680 2018-06-21] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-06-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159640 2018-06-21] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111872 2018-06-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-06-21] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027728 2018-06-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [463080 2018-06-21] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [211160 2018-06-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381584 2018-06-21] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2018-02-17] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2018-02-17] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-06-25] (REALiX(tm))
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3352336 2018-06-25] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [67432 2018-06-25] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [59752 2018-01-10] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [2584280 2018-06-25] (Realtek Semiconductor Corp.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [28400 2018-03-06] () [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-04 10:46 - 2018-07-04 10:46 - 000016131 _____ C:\Users\LenovoX.Lenovo\Desktop\FRST.txt
2018-07-04 10:43 - 2018-07-04 10:43 - 000008213 _____ C:\Users\LenovoX.Lenovo\Desktop\Fixlog.txt
2018-07-04 00:42 - 2018-07-04 00:42 - 000011407 _____ C:\Users\LenovoX.Lenovo\Downloads\Addition.rar
2018-07-04 00:40 - 2018-07-04 00:40 - 000011407 _____ C:\Users\LenovoX.Lenovo\Desktop\Addition.rar
2018-07-04 00:34 - 2018-07-04 10:46 - 000000000 ____D C:\FRST
2018-07-04 00:33 - 2018-07-04 00:33 - 002412544 _____ (Farbar) C:\Users\LenovoX.Lenovo\Desktop\FRST64.exe
2018-07-04 00:33 - 2018-07-04 00:33 - 000112640 _____ (forum.viry.cz) C:\Users\LenovoX.Lenovo\Desktop\FRSTLauncher.exe
2018-07-03 16:45 - 2018-07-03 16:45 - 072932496 _____ (Malwarebytes ) C:\Users\LenovoX.Lenovo\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5727.exe
2018-07-03 16:30 - 2018-07-03 16:31 - 007395536 _____ (Malwarebytes) C:\Users\LenovoX.Lenovo\Downloads\adwcleaner_7.2.1.exe
2018-07-03 14:06 - 2018-07-03 14:06 - 001107968 _____ C:\Users\LenovoX.Lenovo\Downloads\RSIT.exe
2018-07-03 14:06 - 2018-07-03 14:06 - 000000000 ____D C:\rsit
2018-07-03 14:06 - 2018-07-03 14:06 - 000000000 ____D C:\Program Files (x86)\trend micro
2018-06-30 21:27 - 2018-06-30 21:27 - 000000619 _____ C:\Users\Public\Desktop\Company of Heroes 2.lnk
2018-06-25 22:43 - 2018-06-25 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-06-25 22:43 - 2018-06-25 22:43 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2018-06-25 22:42 - 2018-06-25 22:42 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2018-06-25 22:42 - 2018-06-25 22:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2018-06-25 22:32 - 2018-06-25 22:32 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Local\AVAST Software
2018-06-25 22:18 - 2018-06-25 22:18 - 000067432 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2018-06-25 22:17 - 2018-06-25 22:17 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2018-06-25 22:17 - 2018-06-25 22:17 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-06-25 22:17 - 2018-06-25 22:17 - 000000000 ____D C:\Windows\system32\DAX2
2018-06-25 22:17 - 2018-06-25 22:17 - 000000000 ____D C:\Program Files\Realtek
2018-06-25 22:16 - 2018-06-25 22:16 - 072520712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2018-06-25 22:16 - 2018-06-25 22:16 - 012447325 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2018-06-25 22:16 - 2018-06-25 22:16 - 007172912 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 007096184 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 006264632 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 005842912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2018-06-25 22:16 - 2018-06-25 22:16 - 005804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2018-06-25 22:16 - 2018-06-25 22:16 - 005346992 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 003677160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2018-06-25 22:16 - 2018-06-25 22:16 - 003509232 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 003507688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 003205120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 002210280 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 001965808 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 001959600 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 001780616 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 001591056 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 001508928 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 001347136 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 001133064 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000965024 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000743960 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000727432 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000708304 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000691680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000532376 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000504304 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000447712 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000445392 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000441264 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000387312 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000378376 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000362048 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000343704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000327448 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000310416 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000272712 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000253896 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000253864 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000252872 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000231912 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000221960 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000209528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000192976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000166200 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000151784 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000134192 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000110976 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000090912 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000088344 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000088312 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000084616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000083624 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2018-06-25 22:16 - 2018-06-25 22:16 - 000023688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2018-06-25 22:15 - 2018-06-25 22:15 - 008108584 _____ C:\Windows\system32\Drivers\Netwfw00.dat
2018-06-25 22:15 - 2018-06-25 22:15 - 003352336 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwew00.sys
2018-06-25 22:15 - 2018-06-25 22:15 - 002628312 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCamU64.exe
2018-06-25 22:15 - 2018-06-25 22:15 - 002584280 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
2018-06-25 22:15 - 2018-06-25 22:15 - 000507096 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamX64.dll
2018-06-25 22:15 - 2018-06-25 22:15 - 000448728 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtCamX.dll
2018-06-25 22:15 - 2018-06-25 22:15 - 000213312 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys
2018-06-25 22:15 - 2018-06-25 22:15 - 000186152 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\bcbtums.sys
2018-06-25 22:15 - 2018-06-25 22:15 - 000069661 _____ C:\Windows\system32\Drivers\BCM20702A1_001.002.014.1443.1488.hex
2018-06-25 22:14 - 2018-06-25 22:19 - 000000000 ____D C:\Windows\LastGood.Tmp
2018-06-25 22:13 - 2018-06-25 22:13 - 000203352 _____ (JMicron Technology Corporation) C:\Windows\SysWOW64\jmcricon.dll
2018-06-25 22:13 - 2018-06-25 22:13 - 000203352 _____ (JMicron Technology Corporation) C:\Windows\system32\jmcricon.dll
2018-06-25 22:13 - 2018-06-25 22:13 - 000176880 _____ (JMicron Technology Corporation) C:\Windows\system32\Drivers\jmcr.sys
2018-06-25 22:13 - 2018-06-25 22:13 - 000130248 _____ (Qualcomm Atheros Co., Ltd.) C:\Windows\system32\Drivers\L1C63x64.sys
2018-06-25 22:12 - 2018-06-25 22:12 - 000186424 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverW8x64.sys
2018-06-25 22:02 - 2018-07-04 10:39 - 000000000 ____D C:\ProgramData\ProductData
2018-06-25 22:02 - 2018-06-25 22:02 - 000000000 ____D C:\Windows\IObit
2018-06-25 22:01 - 2018-07-03 14:22 - 000002886 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (LenovoX)
2018-06-25 22:01 - 2018-06-25 22:02 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\LocalLow\IObit
2018-06-25 22:01 - 2018-06-25 22:02 - 000000000 ____D C:\ProgramData\IObit
2018-06-25 22:01 - 2018-06-25 22:01 - 000027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2018-06-25 22:00 - 2018-07-04 10:40 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\IObit
2018-06-22 22:42 - 2018-06-22 22:42 - 000000995 _____ C:\Users\LenovoX.Lenovo\Desktop\zt - Shortcut.lnk
2018-06-22 13:57 - 2018-06-22 21:01 - 000000000 ____D C:\Users\LenovoX.Lenovo\Documents\Xenonauts
2018-06-22 13:57 - 2018-06-22 13:57 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\Goldhawk Interactive
2018-06-22 13:57 - 2018-06-22 13:57 - 000000000 ____D C:\ProgramData\Goldhawk Interactive
2018-06-22 13:44 - 2018-06-22 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xenonauts [GOG.com]
2018-06-21 18:16 - 2018-06-21 18:16 - 000002313 _____ C:\Users\LenovoX.Lenovo\Desktop\Infinity.lnk
2018-06-21 18:16 - 2018-06-21 18:16 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Local\Infinity
2018-06-21 18:15 - 2018-06-21 18:15 - 000099216 _____ (Daring Development Inc.) C:\Users\LenovoX.Lenovo\Downloads\Infinity-Setup.exe
2018-06-21 15:39 - 2018-06-21 15:39 - 000378072 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-06-19 21:11 - 2018-06-19 22:22 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\FiraxisLive
2018-06-19 21:07 - 2018-06-19 21:07 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\ModLauncherWPF
2018-06-13 20:09 - 2018-05-25 07:10 - 025742848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-06-13 20:09 - 2018-05-25 06:44 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-06-13 20:09 - 2018-05-25 06:38 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-06-13 20:09 - 2018-05-25 06:34 - 020286976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-06-13 20:09 - 2018-05-25 06:32 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-06-13 20:09 - 2018-05-25 06:16 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-06-13 20:09 - 2018-05-25 06:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-06-13 20:09 - 2018-05-25 06:03 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-06-13 20:09 - 2018-05-25 05:56 - 000381440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-06-13 20:09 - 2018-05-25 05:55 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-06-13 20:09 - 2018-05-25 05:55 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-06-13 20:09 - 2018-05-25 05:53 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-06-13 20:09 - 2018-05-25 05:53 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-06-13 20:09 - 2018-05-25 05:44 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-06-13 20:09 - 2018-05-25 05:42 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-06-13 20:09 - 2018-05-25 05:39 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-06-13 20:09 - 2018-05-25 05:39 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-06-13 20:09 - 2018-05-25 05:38 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-06-13 20:09 - 2018-05-25 05:38 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-06-13 20:09 - 2018-05-25 05:38 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-06-13 20:09 - 2018-05-25 05:29 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-06-13 20:09 - 2018-05-25 05:19 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-06-13 20:09 - 2018-05-25 05:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-06-13 20:09 - 2018-05-25 05:15 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-06-13 20:09 - 2018-05-25 05:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-06-13 20:09 - 2018-05-23 07:56 - 007406944 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-06-13 20:09 - 2018-05-23 07:45 - 000027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\uefi.sys
2018-06-13 20:09 - 2018-05-23 07:39 - 001676064 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-06-13 20:09 - 2018-05-23 06:13 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2018-06-13 20:09 - 2018-05-15 07:47 - 002334624 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2018-06-13 20:09 - 2018-05-15 07:47 - 000244304 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-06-13 20:09 - 2018-05-15 07:33 - 001308352 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-06-13 20:09 - 2018-05-15 06:57 - 002324752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2018-06-13 20:09 - 2018-05-15 06:17 - 000032640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-06-13 20:09 - 2018-05-15 06:04 - 000240128 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2018-06-13 20:09 - 2018-05-15 05:05 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2018-06-13 20:09 - 2018-05-15 04:57 - 000672768 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2018-06-13 20:09 - 2018-05-15 04:51 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2018-06-13 20:09 - 2018-05-12 23:11 - 000532664 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-06-13 20:09 - 2018-05-12 23:06 - 000567152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-06-13 20:09 - 2018-05-12 22:51 - 002014040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-06-13 20:09 - 2018-05-12 22:51 - 000923480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2018-06-13 20:09 - 2018-05-12 21:08 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-06-13 20:09 - 2018-05-11 05:04 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-06-13 20:09 - 2018-05-05 21:05 - 001543800 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-06-13 20:09 - 2018-05-05 20:15 - 001178136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-06-13 20:09 - 2018-05-05 18:38 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2018-06-13 20:09 - 2018-05-05 18:23 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2018-06-13 20:09 - 2018-04-07 18:48 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-06-13 20:09 - 2018-04-07 18:47 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-06-13 20:09 - 2018-04-07 18:43 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-06-13 20:09 - 2018-04-07 18:09 - 000170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-06-13 20:09 - 2018-04-07 17:34 - 002255360 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2018-06-13 20:09 - 2018-04-07 17:15 - 001942016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2018-06-13 20:09 - 2018-04-05 19:47 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc63.sys
2018-06-13 20:09 - 2018-04-05 19:38 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\NetVscCoinstall.dll
2018-06-13 20:09 - 2018-03-29 03:33 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2018-06-13 20:09 - 2018-03-29 03:21 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2018-06-13 20:09 - 2018-03-29 03:06 - 002608640 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2018-06-13 20:09 - 2018-03-29 03:05 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2018-06-13 20:09 - 2018-03-29 02:26 - 002170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2018-06-13 20:09 - 2018-03-29 02:24 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2018-06-05 11:59 - 2018-06-05 18:41 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Local\Fallout4
2018-06-05 11:36 - 2018-06-05 11:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2018-06-04 20:59 - 2018-06-04 20:59 - 000000000 ____D C:\ProgramData\RELOADED

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-04 10:45 - 2018-02-16 19:52 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2670462401-1286606041-1155036778-1001
2018-07-04 10:33 - 2018-02-16 19:49 - 000003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7E44207E-11CE-45AA-8B2E-296326876427}
2018-07-04 10:16 - 2018-02-16 19:54 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-04 10:15 - 2018-02-16 20:22 - 000000000 __SHD C:\Users\LenovoX\IntelGraphicsProfiles
2018-07-04 00:12 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-04 00:10 - 2018-02-22 21:06 - 000000000 ____D C:\AdwCleaner
2018-07-03 14:29 - 2018-02-16 19:45 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-03 14:29 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-07-02 21:23 - 2018-02-16 21:48 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\.minecraft
2018-07-01 12:45 - 2018-04-30 22:32 - 000003188 _____ C:\Windows\System32\Tasks\{263A5873-C3AF-4837-B6CB-A74B9A1D7BD2}
2018-07-01 12:45 - 2018-04-02 14:14 - 000003284 _____ C:\Windows\System32\Tasks\{53147FCF-14D8-46CF-87DA-266EE3D04CFD}
2018-07-01 12:45 - 2018-03-31 11:08 - 000003378 _____ C:\Windows\System32\Tasks\{46989AE3-5EBD-43F0-8915-6EC7AB23BE78}
2018-07-01 12:45 - 2018-03-30 18:46 - 000003438 _____ C:\Windows\System32\Tasks\{7A457CB6-63E3-4A08-9EC5-D75FDC2A5863}
2018-07-01 12:45 - 2018-03-30 17:36 - 000003482 _____ C:\Windows\System32\Tasks\{F6E51710-FFD8-4C1B-AA9E-CC2CAA854C8D}
2018-07-01 12:45 - 2018-03-28 21:07 - 000003922 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-01 12:45 - 2018-02-25 22:00 - 000003286 _____ C:\Windows\System32\Tasks\{D201824E-7SP1-4321-8GH5-LA32311B16CA}
2018-07-01 12:45 - 2018-02-16 21:31 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-07-01 12:45 - 2018-02-16 20:02 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-01 12:45 - 2018-02-16 20:02 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-01 12:45 - 2018-02-16 20:02 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-01 12:45 - 2018-02-16 20:02 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-01 12:45 - 2018-02-16 20:02 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-01 12:45 - 2018-02-16 20:02 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-01 12:45 - 2018-02-16 20:02 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-01 12:45 - 2018-02-16 19:52 - 000003370 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-07-01 12:45 - 2018-02-16 19:52 - 000003242 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-07-01 12:45 - 2018-02-16 19:43 - 000003706 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2018-06-30 22:23 - 2018-02-16 21:55 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\uTorrent
2018-06-30 22:23 - 2018-02-16 21:35 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Local\CrashDumps
2018-06-30 21:26 - 2018-02-17 00:38 - 000000000 ____D C:\Users\LenovoX.Lenovo\Desktop\HRY
2018-06-29 20:46 - 2018-04-11 07:50 - 000000000 ____D C:\Program Files (x86)\Steam
2018-06-29 20:18 - 2018-04-30 20:55 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\The Creative Assembly
2018-06-26 23:08 - 2018-02-16 19:53 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-26 23:08 - 2018-02-16 19:53 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-25 22:47 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-06-25 22:46 - 2018-02-16 20:01 - 000000000 ____D C:\ProgramData\Package Cache
2018-06-25 22:45 - 2018-02-16 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-06-25 22:44 - 2018-02-16 21:47 - 000098760 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-06-25 22:44 - 2018-02-16 21:47 - 000000000 ____D C:\Program Files (x86)\Java
2018-06-25 11:41 - 2018-02-16 21:31 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-06-22 22:41 - 2018-04-09 19:39 - 000000000 ____D C:\Users\LenovoX.Lenovo\Documents\My Games
2018-06-21 23:25 - 2018-04-10 09:58 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\Infinity
2018-06-21 18:16 - 2018-04-10 09:58 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2018-06-21 18:16 - 2018-04-10 09:58 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Local\SquirrelTemp
2018-06-21 15:39 - 2018-02-16 21:31 - 001027728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000463080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000381584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000239680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000229392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000211160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000201328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000197160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000159640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000111872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000085968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000059592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-06-21 15:39 - 2018-02-16 21:31 - 000046976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-06-14 17:40 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-06-14 16:21 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-06-13 22:01 - 2018-02-18 00:40 - 000000000 ____D C:\Windows\system32\MRT
2018-06-13 21:59 - 2018-02-18 00:39 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-06-13 21:59 - 2018-02-18 00:39 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-06-09 17:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\NDF
2018-06-05 21:19 - 2018-03-16 22:35 - 000835056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-06-05 21:19 - 2018-03-16 22:35 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-05 18:41 - 2018-05-24 12:36 - 000000000 ____D C:\Program Files (x86)\Nexus Mod Manager
2018-06-05 12:16 - 2018-02-16 21:38 - 000811008 ___SH C:\Users\LenovoX.Lenovo\Desktop\Thumbs.db
2018-06-05 10:47 - 2018-02-17 00:35 - 000000000 ____D C:\Windows\SysWOW64\directx
2018-06-04 14:34 - 2018-02-20 15:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Games

==================== Files in the root of some directories =======

2018-02-20 17:28 - 2018-02-27 22:10 - 000000807 _____ () C:\Users\LenovoX.Lenovo\AppData\Roaming\burnaware.ini
2018-03-28 22:06 - 2003-04-09 05:28 - 000233472 ____R () C:\Users\LenovoX.Lenovo\AppData\Roaming\MafiaSetup.exe

Some files in TEMP:
====================
2018-04-07 12:33 - 2006-02-18 00:58 - 000724992 _____ (Electronic Arts Inc.) C:\Users\LenovoX.Lenovo\AppData\Local\Temp\AutoRun.exe
2018-04-07 12:33 - 2006-01-20 22:11 - 000585728 _____ (Electronic Arts Inc.) C:\Users\LenovoX.Lenovo\AppData\Local\Temp\AutoRunGUI.dll
2018-05-02 19:48 - 2018-05-02 21:13 - 000003072 _____ () C:\Users\LenovoX.Lenovo\AppData\Local\Temp\CH.dll
2018-03-31 20:07 - 2018-03-31 20:07 - 000036864 _____ () C:\Users\LenovoX.Lenovo\AppData\Local\Temp\CmdLineExt02.dll
2018-04-05 10:27 - 2004-09-20 12:27 - 000040960 _____ () C:\Users\LenovoX.Lenovo\AppData\Local\Temp\comver.dll
2005-09-13 20:38 - 2005-09-13 20:38 - 000086016 ____N () C:\Users\LenovoX.Lenovo\AppData\Local\Temp\dlc.exe
2018-05-29 11:18 - 2018-05-29 11:18 - 000065536 _____ (Sony DADC Austria AG) C:\Users\LenovoX.Lenovo\AppData\Local\Temp\drm_dialogs.dll
2018-02-17 13:14 - 2018-02-17 13:14 - 031570904 _____ (Disc Soft Ltd) C:\Users\LenovoX.Lenovo\AppData\Local\Temp\DTLite1071-0341.exe
2018-04-09 18:00 - 2006-02-18 00:58 - 000344064 _____ (Electronic Arts Inc.) C:\Users\LenovoX.Lenovo\AppData\Local\Temp\eauninstall.exe
2018-05-19 11:25 - 2018-05-19 11:25 - 000476921 _____ (SIJUCD ) C:\Users\LenovoX.Lenovo\AppData\Local\Temp\faket.exe
2018-05-19 11:24 - 2018-05-19 11:24 - 001793368 _____ () C:\Users\LenovoX.Lenovo\AppData\Local\Temp\gimi.exe
2018-04-30 19:57 - 2009-03-03 20:33 - 000626688 ____R (Microsoft Corporation) C:\Users\LenovoX.Lenovo\AppData\Local\Temp\msvcr80.dll
2018-04-30 19:57 - 2009-03-03 20:32 - 000081408 ____R () C:\Users\LenovoX.Lenovo\AppData\Local\Temp\SimPack.exe
2018-04-23 20:24 - 2006-01-20 22:12 - 000073728 _____ (Electronic Arts Inc.) C:\Users\LenovoX.Lenovo\AppData\Local\Temp\The Godfather The Game_uninst.exe
2018-05-19 11:25 - 2018-05-19 11:25 - 003407986 _____ () C:\Users\LenovoX.Lenovo\AppData\Local\Temp\tilusorel.exe
2018-05-17 20:14 - 2018-05-17 18:09 - 000104112 _____ () C:\Users\LenovoX.Lenovo\AppData\Local\Temp\Uninstall.exe
2018-04-30 19:57 - 2009-03-03 20:32 - 000075264 ____R (Zlib) C:\Users\LenovoX.Lenovo\AppData\Local\Temp\zlib1.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-27 20:01

==================== End of FRST.txt ============================

Re: Preventive check, thanks

Posted: 04 Jul 2018 09:49
by krakenus600
Additions as well

Re: Preventive check, thanks

Posted: 04 Jul 2018 14:46
by Conder
:arrow: Open Notepad (Win+R -> notepad -> enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    VirusTotal: C:\Users\LenovoX.Lenovo\AppData\Roaming\WinRAR\Precomp\precomp.exe
    Folder: C:\Users\LenovoX.Lenovo\AppData\Roaming\WinRAR\Precomp
    File: C:\Users\LenovoX.Lenovo\AppData\Roaming\WinRAR\Precomp\precomp.exe
    File: C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    File: C:\Windows\SysWow64\Drivers\secdrv.sys
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1
    
    HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
    HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
    HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
    HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {2178b111-1346-11e8-824e-20689d9db773} - "D:\HiSuiteDownLoader.exe" 
    HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {2178b17f-1346-11e8-824e-20689d9db773} - "D:\HiSuiteDownLoader.exe" 
    HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {2178b759-1346-11e8-824e-20689d9db773} - "H:\steambackup.exe" 
    HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {33f51f73-1647-11e8-8251-a893c527ac1e} - "K:\HiSuiteDownLoader.exe" 
    HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {80eb82c9-1cc2-11e8-8257-f1654a1dce50} - "D:\HiSuiteDownLoader.exe" 
    HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {80eb82e7-1cc2-11e8-8257-f1654a1dce50} - "D:\HiSuiteDownLoader.exe" 
    HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {bdc486fd-4bcd-11e8-8262-cd597544cbf8} - "J:\HiSuiteDownLoader.exe" 
    HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {bdc486ff-4bcd-11e8-8262-cd597544cbf8} - "J:\HiSuiteDownLoader.exe" 
    S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [File not signed]
    C:\Program Files\KMSpico
    2018-07-03 14:06 - 2018-07-03 14:06 - 001107968 _____ C:\Users\LenovoX.Lenovo\Downloads\RSIT.exe
    2018-07-03 14:06 - 2018-07-03 14:06 - 000000000 ____D C:\rsit
    2018-07-03 14:06 - 2018-07-03 14:06 - 000000000 ____D C:\Program Files (x86)\trend micro
    2018-06-25 22:17 - 2018-06-25 22:17 - 000000000 ____H C:\ProgramData\DP45977C.lfl
    2018-06-25 22:02 - 2018-07-04 10:39 - 000000000 ____D C:\ProgramData\ProductData
    2018-06-25 22:02 - 2018-06-25 22:02 - 000000000 ____D C:\Windows\IObit
    2018-06-25 22:01 - 2018-07-03 14:22 - 000002886 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (LenovoX)
    2018-06-25 22:01 - 2018-06-25 22:02 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\LocalLow\IObit
    2018-06-25 22:01 - 2018-06-25 22:02 - 000000000 ____D C:\ProgramData\IObit
    2018-06-25 22:00 - 2018-07-04 10:40 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\IObit
    2018-07-01 12:45 - 2018-02-25 22:00 - 000003286 _____ C:\Windows\System32\Tasks\{D201824E-7SP1-4321-8GH5-LA32311B16CA}
    2018-07-01 12:45 - 2018-02-16 19:43 - 000003706 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
    
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    Task: {3E973E2A-6A37-47D4-8CD2-34E67359E05D} - System32\Tasks\{D201824E-7SP1-4321-8GH5-LA32311B16CA} => C:\Users\LenovoX.Lenovo\AppData\Roaming\WinRAR\Precomp\precomp.exe <==== ATTENTION
    C:\Users\LenovoX.Lenovo\AppData\Roaming\WinRAR\Precomp
    Task: {9ABEB7D2-9486-4087-8D56-595A1AC0C8B0} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] ()
    Task: {EB1B6E72-A576-408A-832A-C0C838AC9B49} - System32\Tasks\Driver Booster SkipUAC (LenovoX) => C:\Program Files (x86)\IObit\Driver Booster\5.4.0\DriverBooster.exe
    FirewallRules: [{1F1230C7-26DC-4621-9735-97CE077E49F3}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
    FirewallRules: [{670B487F-25AA-4800-A822-F190C154EBC9}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
    FirewallRules: [{8C192AE6-C5A9-4BCF-9808-5383F85A3901}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
    FirewallRules: [{229F17B9-F968-4C19-88CD-2E53D52A9C02}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
    FirewallRules: [{B661B3CD-9101-491E-9A2B-98CD2DC774A3}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
    FirewallRules: [{FB575A96-87C4-4AE4-B432-2E7CA80B7C9B}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
    FirewallRules: [{B3F8C1DB-3F95-43E8-B52D-D3E2004658E8}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
    FirewallRules: [{A80657D4-3965-46E2-B035-444DFE3E0BCA}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
    FirewallRules: [{8B30779E-AD45-42E0-A47D-B1A70D98C2FA}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
    FirewallRules: [{21FF3586-DCA7-47EB-96B4-5DC36FB84321}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
    
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1
    
    C:\Program Files\IObit
    C:\Program Files (x86)\IObit
    C:\Program Files\Common Files\IObit
    C:\ProgramData\IObit
    C:\ProgramData\ProductData
    C:\Users\LenovoX.Lenovo\AppData\Roaming\IObit
    C:\Users\LenovoX.Lenovo\AppData\LocalLow\IObit
    C:\Users\LenovoX.Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
    C:\Users\LenovoX.Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
    C:\Users\Default\AppData\Roaming\IObit
    C:\Users\Default\AppData\LocalLow\IObit
    C:\Users\Public\Desktop\*Driver Booster*
    C:\Users\Public\Desktop\*Advanced SystemCare*
    C:\Windows\IObit
    C:\Windows\Tasks\ImCleanDisabled
    C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here

Re: Preventive check, thanks

Posted: 05 Jul 2018 13:32
by krakenus600
Fix result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by LenovoX (05-07-2018 14:19:33) Run:2
Running from C:\Users\LenovoX.Lenovo\Desktop
Loaded Profiles: LenovoX (Available Profiles: LenovoX)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

VirusTotal: C:\Users\LenovoX.Lenovo\AppData\Roaming\WinRAR\Precomp\precomp.exe
Folder: C:\Users\LenovoX.Lenovo\AppData\Roaming\WinRAR\Precomp
File: C:\Users\LenovoX.Lenovo\AppData\Roaming\WinRAR\Precomp\precomp.exe
File: C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
File: C:\Windows\SysWow64\Drivers\secdrv.sys
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1

HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {2178b111-1346-11e8-824e-20689d9db773} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {2178b17f-1346-11e8-824e-20689d9db773} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {2178b759-1346-11e8-824e-20689d9db773} - "H:\steambackup.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {33f51f73-1647-11e8-8251-a893c527ac1e} - "K:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {80eb82c9-1cc2-11e8-8257-f1654a1dce50} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {80eb82e7-1cc2-11e8-8257-f1654a1dce50} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {bdc486fd-4bcd-11e8-8262-cd597544cbf8} - "J:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\...\MountPoints2: {bdc486ff-4bcd-11e8-8262-cd597544cbf8} - "J:\HiSuiteDownLoader.exe"
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [File not signed]
C:\Program Files\KMSpico
2018-07-03 14:06 - 2018-07-03 14:06 - 001107968 _____ C:\Users\LenovoX.Lenovo\Downloads\RSIT.exe
2018-07-03 14:06 - 2018-07-03 14:06 - 000000000 ____D C:\rsit
2018-07-03 14:06 - 2018-07-03 14:06 - 000000000 ____D C:\Program Files (x86)\trend micro
2018-06-25 22:17 - 2018-06-25 22:17 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2018-06-25 22:02 - 2018-07-04 10:39 - 000000000 ____D C:\ProgramData\ProductData
2018-06-25 22:02 - 2018-06-25 22:02 - 000000000 ____D C:\Windows\IObit
2018-06-25 22:01 - 2018-07-03 14:22 - 000002886 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (LenovoX)
2018-06-25 22:01 - 2018-06-25 22:02 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\LocalLow\IObit
2018-06-25 22:01 - 2018-06-25 22:02 - 000000000 ____D C:\ProgramData\IObit
2018-06-25 22:00 - 2018-07-04 10:40 - 000000000 ____D C:\Users\LenovoX.Lenovo\AppData\Roaming\IObit
2018-07-01 12:45 - 2018-02-25 22:00 - 000003286 _____ C:\Windows\System32\Tasks\{D201824E-7SP1-4321-8GH5-LA32311B16CA}
2018-07-01 12:45 - 2018-02-16 19:43 - 000003706 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {3E973E2A-6A37-47D4-8CD2-34E67359E05D} - System32\Tasks\{D201824E-7SP1-4321-8GH5-LA32311B16CA} => C:\Users\LenovoX.Lenovo\AppData\Roaming\WinRAR\Precomp\precomp.exe <==== ATTENTION
C:\Users\LenovoX.Lenovo\AppData\Roaming\WinRAR\Precomp
Task: {9ABEB7D2-9486-4087-8D56-595A1AC0C8B0} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] ()
Task: {EB1B6E72-A576-408A-832A-C0C838AC9B49} - System32\Tasks\Driver Booster SkipUAC (LenovoX) => C:\Program Files (x86)\IObit\Driver Booster\5.4.0\DriverBooster.exe
FirewallRules: [{1F1230C7-26DC-4621-9735-97CE077E49F3}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{670B487F-25AA-4800-A822-F190C154EBC9}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{8C192AE6-C5A9-4BCF-9808-5383F85A3901}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{229F17B9-F968-4C19-88CD-2E53D52A9C02}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{B661B3CD-9101-491E-9A2B-98CD2DC774A3}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{FB575A96-87C4-4AE4-B432-2E7CA80B7C9B}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{B3F8C1DB-3F95-43E8-B52D-D3E2004658E8}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{A80657D4-3965-46E2-B035-444DFE3E0BCA}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{8B30779E-AD45-42E0-A47D-B1A70D98C2FA}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{21FF3586-DCA7-47EB-96B4-5DC36FB84321}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe

DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1

C:\Program Files\IObit
C:\Program Files (x86)\IObit
C:\Program Files\Common Files\IObit
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\LenovoX.Lenovo\AppData\Roaming\IObit
C:\Users\LenovoX.Lenovo\AppData\LocalLow\IObit
C:\Users\LenovoX.Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\LenovoX.Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Default\AppData\Roaming\IObit
C:\Users\Default\AppData\LocalLow\IObit
C:\Users\Public\Desktop\*Driver Booster*
C:\Users\Public\Desktop\*Advanced SystemCare*
C:\Windows\IObit
C:\Windows\Tasks\ImCleanDisabled
C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"VirusTotal: C:\Users\LenovoX.Lenovo\AppData\Roaming\WinRAR\Precomp\precomp.exe" => not found

========================= Folder: C:\Users\LenovoX.Lenovo\AppData\Roaming\WinRAR\Precomp ========================

not found.

====== End of Folder: ======


========================= File: C:\Users\LenovoX.Lenovo\AppData\Roaming\WinRAR\Precomp\precomp.exe ========================

"C:\Users\LenovoX.Lenovo\AppData\Roaming\WinRAR\Precomp\precomp.exe" => not found
====== End of File: ======


========================= File: C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe ========================

C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
File not signed
MD5: 1CF03C69B49ACB70C722DF92755C0C8C
Creation and modification date: 2005-04-04 01:41 - 2005-04-04 01:41
Size: 000069632
Attributes: ----A
Company Name: Macrovision Corporation
Internal Name: IDriverT
Original Name: IDriverT.exe
Product: InstallShield (R)
Description: IDriverT Module
File Version: 11.00.28844
Product Version: 11.00
Copyright: Copyright (C) 2005 Macrovision Corporation
VirusTotal: https://www.virustotal.com/file/c227850 ... 530575825/

====== End of File: ======


========================= File: C:\Windows\SysWow64\Drivers\secdrv.sys ========================

C:\Windows\SysWow64\Drivers\secdrv.sys
File not signed
MD5: 4E7C4709AAB1F24E8FE1763DDBFFB93D
Creation and modification date: 2018-03-06 22:55 - 2018-03-06 22:55
Size: 000028400
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/7a3e108 ... 529692019/

====== End of File: ======

================== ExportKey: ===================

"HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1" => not found

=== End of ExportKey ===
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WindowsDriverScan86" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WindowsDriverScan64" => removed successfully
"HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2178b111-1346-11e8-824e-20689d9db773}" => removed successfully
HKLM\Software\Classes\CLSID\{2178b111-1346-11e8-824e-20689d9db773} => not found
"HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2178b17f-1346-11e8-824e-20689d9db773}" => removed successfully
HKLM\Software\Classes\CLSID\{2178b17f-1346-11e8-824e-20689d9db773} => not found
"HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2178b759-1346-11e8-824e-20689d9db773}" => removed successfully
HKLM\Software\Classes\CLSID\{2178b759-1346-11e8-824e-20689d9db773} => not found
"HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{33f51f73-1647-11e8-8251-a893c527ac1e}" => removed successfully
HKLM\Software\Classes\CLSID\{33f51f73-1647-11e8-8251-a893c527ac1e} => not found
"HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{80eb82c9-1cc2-11e8-8257-f1654a1dce50}" => removed successfully
HKLM\Software\Classes\CLSID\{80eb82c9-1cc2-11e8-8257-f1654a1dce50} => not found
"HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{80eb82e7-1cc2-11e8-8257-f1654a1dce50}" => removed successfully
HKLM\Software\Classes\CLSID\{80eb82e7-1cc2-11e8-8257-f1654a1dce50} => not found
"HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bdc486fd-4bcd-11e8-8262-cd597544cbf8}" => removed successfully
HKLM\Software\Classes\CLSID\{bdc486fd-4bcd-11e8-8262-cd597544cbf8} => not found
"HKU\S-1-5-21-2670462401-1286606041-1155036778-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bdc486ff-4bcd-11e8-8262-cd597544cbf8}" => removed successfully
HKLM\Software\Classes\CLSID\{bdc486ff-4bcd-11e8-8262-cd597544cbf8} => not found
"HKLM\System\CurrentControlSet\Services\Service KMSELDI" => removed successfully
Service KMSELDI => service removed successfully
C:\Program Files\KMSpico => moved successfully
C:\Users\LenovoX.Lenovo\Downloads\RSIT.exe => moved successfully
C:\rsit => moved successfully
C:\Program Files (x86)\trend micro => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\ProgramData\ProductData => moved successfully
C:\Windows\IObit => moved successfully
C:\Windows\System32\Tasks\Driver Booster SkipUAC (LenovoX) => moved successfully
C:\Users\LenovoX.Lenovo\AppData\LocalLow\IObit => moved successfully
C:\ProgramData\IObit => moved successfully
C:\Users\LenovoX.Lenovo\AppData\Roaming\IObit => moved successfully
C:\Windows\System32\Tasks\{D201824E-7SP1-4321-8GH5-LA32311B16CA} => moved successfully
C:\Windows\System32\Tasks\AutoPico Daily Restart => moved successfully
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3E973E2A-6A37-47D4-8CD2-34E67359E05D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E973E2A-6A37-47D4-8CD2-34E67359E05D}" => removed successfully
"C:\Windows\System32\Tasks\{D201824E-7SP1-4321-8GH5-LA32311B16CA}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D201824E-7SP1-4321-8GH5-LA32311B16CA}" => removed successfully
"C:\Users\LenovoX.Lenovo\AppData\Roaming\WinRAR\Precomp" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9ABEB7D2-9486-4087-8D56-595A1AC0C8B0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9ABEB7D2-9486-4087-8D56-595A1AC0C8B0}" => removed successfully
"C:\Windows\System32\Tasks\AutoPico Daily Restart" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB1B6E72-A576-408A-832A-C0C838AC9B49}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB1B6E72-A576-408A-832A-C0C838AC9B49}" => removed successfully
"C:\Windows\System32\Tasks\Driver Booster SkipUAC (LenovoX)" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (LenovoX)" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1F1230C7-26DC-4621-9735-97CE077E49F3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{670B487F-25AA-4800-A822-F190C154EBC9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C192AE6-C5A9-4BCF-9808-5383F85A3901}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{229F17B9-F968-4C19-88CD-2E53D52A9C02}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B661B3CD-9101-491E-9A2B-98CD2DC774A3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FB575A96-87C4-4AE4-B432-2E7CA80B7C9B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B3F8C1DB-3F95-43E8-B52D-D3E2004658E8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A80657D4-3965-46E2-B035-444DFE3E0BCA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8B30779E-AD45-42E0-A47D-B1A70D98C2FA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{21FF3586-DCA7-47EB-96B4-5DC36FB84321}" => removed successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 => not found
"C:\Program Files\IObit" => not found
"C:\Program Files (x86)\IObit" => not found
"C:\Program Files\Common Files\IObit" => not found
"C:\ProgramData\IObit" => not found
"C:\ProgramData\ProductData" => not found
"C:\Users\LenovoX.Lenovo\AppData\Roaming\IObit" => not found
"C:\Users\LenovoX.Lenovo\AppData\LocalLow\IObit" => not found

=========== "C:\Users\LenovoX.Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ==========

not found

========= End -> "C:\Users\LenovoX.Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ========


=========== "C:\Users\LenovoX.Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\LenovoX.Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ========

"C:\Users\Default\AppData\Roaming\IObit" => not found
"C:\Users\Default\AppData\LocalLow\IObit" => not found

=========== "C:\Users\Public\Desktop\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Driver Booster*" ========


=========== "C:\Users\Public\Desktop\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Advanced SystemCare*" ========

"C:\Windows\IObit" => not found
"C:\Windows\Tasks\ImCleanDisabled" => not found
"C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13848431 B
Java, Flash, Steam htmlcache => 18140386 B
Windows/system/drivers => 7866678 B
Edge => 0 B
Chrome => 760439126 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 560 B
LocalService => 208995 B
NetworkService => 11180 B
LenovoX.Lenovo => 1118929447 B

RecycleBin => 0 B
EmptyTemp: => 1.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:22:28 ====

Re: Preventive check, thanks

Posted: 05 Jul 2018 13:33
by krakenus600
And do you know of any similar program for updating drivers? Thanks

Re: Preventive check, thanks

Posted: 05 Jul 2018 14:52
by Conder
:arrow: We do not recommend using driver-update programs like these at all. Drivers are downloaded from the website of the motherboard manufacturer or of the manufacturer of the given piece of hardware (e.g. the Nvidia graphics card driver from nvidia.com, and so on), or from the website of the laptop manufacturer.

:arrow: Open Notepad (Win+R -> notepad -> enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    Zip: C:\Program Files (x86)\Adobe Arkalis
    C:\Program Files (x86)\Adobe Arkalis
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here
:arrow: After that, please post new FRST logs once more (both of them).