Zpomalený počítač - Prosím o kontrolu logu a následné pročištění

[jaro3]

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-2964729303-17502685-1245605538-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Task: {FC710DC5-A266-488E-9D7E-8C3249BDE4D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-22] (Google Inc.
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {A1659F03-E20A-48D0-9C14-DDF022744FC1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-22] (Google Inc.)
Task: {FC710DC5-A266-488E-9D7E-8C3249BDE4D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-22] (Google Inc.)

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Stáhni si Memtest:

-V případě vyšších kapacit RAM je třeba Memtest spustit několikrát , pro 2GB ( jednotlivá největší kapacita RAM) 2x , pro 4GB 3x , pro 8Gb 4x ap.
poklepej na Memtest , pak znovu a znovu , do políček všech Memtestů napiš 2048 , pak dej u všech Memtestů "Start".
dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.

[HelFix]

Zde je FRST s fixem.

---

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-11-2017
Ran by derka (22-11-2017 21:53:55) Run:1
Running from C:\Users\derka\Desktop
Loaded Profiles: derka (Available Profiles: derka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-2964729303-17502685-1245605538-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Task: {FC710DC5-A266-488E-9D7E-8C3249BDE4D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-22] (Google Inc.
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {A1659F03-E20A-48D0-9C14-DDF022744FC1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-22] (Google Inc.)
Task: {FC710DC5-A266-488E-9D7E-8C3249BDE4D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-22] (Google Inc.)

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-2964729303-17502685-1245605538-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key removed successfully
HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FC710DC5-A266-488E-9D7E-8C3249BDE4D5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC710DC5-A266-488E-9D7E-8C3249BDE4D5} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => key removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => key removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A1659F03-E20A-48D0-9C14-DDF022744FC1} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1659F03-E20A-48D0-9C14-DDF022744FC1} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC710DC5-A266-488E-9D7E-8C3249BDE4D5} => key not found.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key not found.

=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 33876607 B
Java, Flash, Steam htmlcache => 387993413 B
Windows/system/drivers => 299000 B
Edge => 52523 B
Chrome => 724732812 B
Firefox => 953237 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 1684 B
NetworkService => 278710 B
derka => 20002439 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:54:42 ====

[jaro3]

po memtestu pak podej zprávu o problémech.

[HelFix]

Memtest neukázal ani jednu chybu.

Myslím si, že je to rychlejší, avšak, po čištění jsem zaznamenal delší náběh plochy po zapnutí počítače.

[jaro3]

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

Udělej znovu CDI.

[HelFix]

Při skenování přes aswMBR mi to hází BSOD.
Zde máte OTL log:

---

OTL logfile created on: 24.11.2017 14:33:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\derka\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.15063.0)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: dd.MM.yyyy

3,91 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 48,88% Memory free
5,66 Gb Paging File | 3,65 Gb Available in Paging File | 64,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 886,20 Gb Total Space | 733,86 Gb Free Space | 82,81% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 22,97 Gb Free Space | 91,86% Space Free | Partition Type: NTFS

Computer Name: LAPTOP-MMEO2I19 | User Name: derka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\derka\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Node.js)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe (Lenovo Group Limited)
PRC - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo Group Limited)
PRC - C:\Windows\SysWOW64\fontdrvhost.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
PRC - C:\Program Files\CONEXANT\SAII\SmartAudio.exe (Conexant Systems, Inc)
PRC - C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe (Conexant Systems, Inc.)
PRC - C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe (Lenovo)
PRC - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (Lenovo)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe (CyberLink Corp.)


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.V9921e851#\02c5d8fafd444671b19a2bd0ca254347\Microsoft.VisualBasic.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\01e92fb68e52de277138c16e6ee0fc8e\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SmartAudio\ba172034018c808507668a1dd286f7a4\SmartAudio.ni.exe ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\9060b1734906c8e8be7e753fb7dd163b\System.ServiceModel.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Serv30e99c02#\c3b4f7a939b63e24414a95ba24c222e6\System.ServiceModel.Channels.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\087205caca9a58d5601541fe3ea0ad14\System.IdentityModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\b27fcb5699f3217d049df36b22557c89\System.ServiceModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\ecba64c9760299c1c757610b22e326dd\System.Xaml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\5d74c24ca4e065b2cff8a1893cbc76c9\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\adba2bd3438ee2127e519fd9128f0fb0\PresentationFramework.Aero2.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\d958c08ea62c279b2ffc5195cb98f9d8\PresentationFramework.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\668be3faaa5edc76e56cf4fd70ba48d4\PresentationCore.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\ae26a4054e96676fac915b96c3b23202\WindowsBase.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\df4d4904ff0ffe7399d5e6cc5d6281f5\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\463a4712a9f13108727afd782f54b3a5\Windows.Foundation.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime\ba4ec901803835421842e6783911ccc4\System.Runtime.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\9da0c1da0bba0d3128458c05328882ba\Interop.CxHDAudioAPILib.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\eff9a1f1ebf342c6a6179986687b41d3\Interop.CxUtilSvcLib.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\6c51c7b2f46c857c6e1bf1dfa53e9eaf\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\34fa564faa2e6798b1b9b3efe476d1bf\System.Runtime.Remoting.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\0f6e4f69a0046a08213e90138b5c9454\SMDiagnostics.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\a53000f23d60e782b488cd7a75f08ef0\System.ServiceModel.Internals.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\9a12fab4df185e5c9b75bb0e0695df86\System.Management.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\299c91c3c7076d39e8f80dc56d66cc7b\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\d6f57e7a11891c60673915aaaae91581\UIAutomationTypes.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Security\c1573b15b96505ff8d73437b07b71a37\System.Security.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\039367fe3994ae89a2745666880d749c\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\8a52975d7e11e521dcc97c3e8bccad90\System.Runtime.Serialization.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3f854fedbadec6ad04ffdfd963fc7839\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\1b2e7f5cc7171797d3aac21369bb10cf\mscorlib.ni.dll ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node ()


========== Services (SafeList) ==========

SRV:64bit: - (NVDisplay.ContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
SRV:64bit: - (RmSvc) -- C:\Windows\SysNative\RMapi.dll (Microsoft Corporation)
SRV:64bit: - (wisvc) -- C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SRV:64bit: - (SecurityHealthService) -- C:\Windows\SysNative\SecurityHealthService.exe (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DusmSvc) -- C:\Windows\SysNative\dusmsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
SRV:64bit: - (TokenBroker) -- C:\Windows\SysNative\TokenBroker.dll (Microsoft Corporation)
SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
SRV:64bit: - (NvContainerNetworkService) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (NvContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (ImControllerService) -- C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo Group Limited)
SRV:64bit: - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (MBAMService) -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
SRV:64bit: - (wlpasvc) -- C:\Windows\SysNative\lpasvc.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (FrameServer) -- C:\Windows\SysNative\FrameServer.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (WFDSConMgrSvc) -- C:\Windows\SysNative\WFDSConMgrSvc.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
SRV:64bit: - (tiledatamodelsvc) -- C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation)
SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
SRV:64bit: - (shpamsvc) -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
SRV:64bit: - (ETDService) -- C:\Program Files\Elantech\ETDService.exe (ELAN Microelectronics Corp.)
SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (DevicesFlowUserSvc) -- C:\Windows\SysNative\DevicesFlowBroker.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService_4951f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_4951f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_4951f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_4951f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_4951f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_4951f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DevicesFlowUserSvc_4951f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc_4951f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
SRV:64bit: - (SEMgrSvc) -- C:\Windows\SysNative\SEMgrSvc.dll (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc) -- C:\Windows\SysNative\cdpusersvc.dll (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService) -- C:\Windows\SysNative\WpnUserService.dll (Microsoft Corporation)
SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
SRV:64bit: - (xbgm) -- C:\Windows\SysNative\xbgmsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
SRV:64bit: - (XboxGipSvc) -- C:\Windows\SysNative\xboxgipsvc.dll (Microsoft Corporation)
SRV:64bit: - (NaturalAuthentication) -- C:\Windows\SysNative\NaturalAuth.dll (Microsoft Corporation)
SRV:64bit: - (IpxlatCfgSvc) -- C:\Windows\SysNative\ipxlatcfg.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (TimeBrokerSvc) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (HvHost) -- C:\Windows\SysNative\hvhostsvc.dll (Microsoft Corporation)
SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation)
SRV:64bit: - (spectrum) -- C:\Windows\SysNative\Spectrum.exe (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (cphs) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHeciSvc.exe (Intel Corporation)
SRV:64bit: - (cplspcon) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHDCPSvc.exe (Intel Corporation)
SRV:64bit: - (igfxCUIService2.0.0.0) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxCUIService.exe (Intel Corporation)
SRV:64bit: - (DAX2API) -- C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe ()
SRV:64bit: - (CxUtilSvc) -- C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe (Conexant Systems, Inc.)
SRV:64bit: - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV:64bit: - (CxAudMsg) -- C:\Windows\SysNative\CxAudMsg64.exe (Conexant Systems Inc.)
SRV:64bit: - (SAService) -- C:\Windows\SysNative\SASrv.exe (Conexant Systems, Inc.)
SRV - (BEService) -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SRV - (TokenBroker) -- C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
SRV - (NvTelemetryContainer) -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
SRV - (ZAMSvc) -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (cphs) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (cplspcon) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHDCPSvc.exe (Intel Corporation)
SRV - (igfxCUIService2.0.0.0) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxCUIService.exe (Intel Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Windows (R) Win 7 DDK provider)
SRV - (GDCAgent) -- C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe (Lenovo)
SRV - (CCSDK) -- C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (Lenovo)


========== Driver Services (SafeList) ==========

DRV:64bit: - (ZAM) -- C:\Windows\SysNative\drivers\zam64.sys (Zemana Ltd.)
DRV:64bit: - (nvlddmkm) -- C:\Windows\SysNative\DriverStore\FileRepository\nvlti.inf_amd64_982b5ed5f18523b0\nvlddmkm.sys (NVIDIA Corporation)
DRV:64bit: - (nvvhci) -- C:\Windows\SysNative\drivers\nvvhci.sys (NVIDIA Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (FACEIT) -- C:\Windows\SysNative\drivers\FACEIT.sys ()
DRV:64bit: - (ZAM_Guard) -- C:\Windows\SysNative\drivers\zamguard64.sys (Zemana Ltd.)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (wcifs) -- C:\Windows\SysNative\drivers\wcifs.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc.sys (Microsoft Corporation)
DRV:64bit: - (Qcamain10x64) -- C:\Windows\SysNative\drivers\Qcamain10x64.sys (Qualcomm Atheros, Inc.)
DRV:64bit: - (ETDSMBus) -- C:\Windows\SysNative\drivers\ETDSMBus.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (SpatialGraphFilter) -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (UcmTcpciCx0101) -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (IndirectKmd) -- C:\Windows\SysNative\drivers\IndirectKmd.sys (Microsoft Corporation)
DRV:64bit: - (applockerfltr) -- C:\Windows\SysNative\drivers\applockerfltr.sys (Microsoft Corporation)
DRV:64bit: - (WinNat) -- C:\Windows\SysNative\drivers\winnat.sys (Microsoft Corporation)
DRV:64bit: - (CldFlt) -- C:\Windows\SysNative\drivers\cldflt.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (clreg) -- C:\Windows\SysNative\drivers\registry.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (wcnfs) -- C:\Windows\SysNative\drivers\wcnfs.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (iorate) -- C:\Windows\SysNative\drivers\iorate.sys (Microsoft Corporation)
DRV:64bit: - (NetAdapterCx) -- C:\Windows\SysNative\drivers\NetAdapterCx.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation)
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSS2i_I2C_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (CAD) -- C:\Windows\SysNative\drivers\CAD.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (vmgid) -- C:\Windows\SysNative\drivers\vmgid.sys (Microsoft Corporation)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (mausbhost) -- C:\Windows\SysNative\drivers\mausbhost.sys (Microsoft Corporation)
DRV:64bit: - (pmem) -- C:\Windows\SysNative\drivers\pmem.sys (Microsoft Corporation)
DRV:64bit: - (scmbus) -- C:\Windows\SysNative\drivers\scmbus.sys (Microsoft Corporation)
DRV:64bit: - (nvdimmn) -- C:\Windows\SysNative\drivers\nvdimmn.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (mausbip) -- C:\Windows\SysNative\drivers\mausbip.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (SDFRd) -- C:\Windows\SysNative\drivers\SDFRd.sys ()
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (cht4vbd) -- C:\Windows\SysNative\drivers\cht4vx64.sys (Chelsio Communications)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (cht4iscsi) -- C:\Windows\SysNative\drivers\cht4sx64.sys (Chelsio Communications)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AcpiDev) -- C:\Windows\SysNative\drivers\AcpiDev.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (qcusbser) -- C:\Windows\SysNative\drivers\qcusbser.sys (QUALCOMM Incorporated)
DRV:64bit: - (qcusbnet) -- C:\Windows\SysNative\drivers\qcusbnet.sys (QUALCOMM Incorporated)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (RTSUER) -- C:\Windows\SysNative\drivers\RtsUer.sys (Realsil Semiconductor Corporation)
DRV:64bit: - (rtsuvc) -- C:\Windows\SysNative\drivers\rtsuvc.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (rt640x64) -- C:\Windows\SysNative\drivers\rt640x64.sys (Realtek )
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys (Intel Corporation)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV:64bit: - (DroidCamVideo) -- C:\Windows\SysNative\drivers\droidcamvideo.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (DroidCam) -- C:\Windows\SysNative\drivers\droidcam.sys (Dev47Apps)
DRV:64bit: - (CLVirtualDrive) -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys (CyberLink)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys ("CyberLink)
DRV - (MpKsl0c43bb72) -- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A7857784-F3A4-4D3D-AD8A-76A8EA170FD5}\MpKsl0c43bb72.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_982b5ed5f18523b0\nvlddmkm.sys (NVIDIA Corporation)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys (Microsoft Corporation)
DRV - (igfx) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igdkmd64.sys (Intel Corporation)

[HelFix]

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9EE4EDFC-0158-4350-9652-ED0B4C415467}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{9EE4EDFC-0158-4350-9652-ED0B4C415467}: "URL" = http://www.bing.com/search?q={searchTer ... TR&pc=LCTE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {9EE4EDFC-0158-4350-9652-ED0B4C415467}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9EE4EDFC-0158-4350-9652-ED0B4C415467}: "URL" = http://www.bing.com/search?q={searchTer ... TR&pc=LCTE

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 8B 17 3A 71 BA 33 D3 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 29 00 00 00 6B 68 BF 37 EA A5 91 19 07 9D 8E 2E 69 D2 3F 34 F0 AB 7C A8 8F 64 02 77 3F FB 57 B4 BE 03 A7 86 3C 82 53 FB B7 3F 6E B9 60 02 00 00 00 0E 00 00 00 49 43 47 4D 67 52 6B 64 6E 62 34 25 33 64 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKCU\..\SearchScopes\{9EE4EDFC-0158-4350-9652-ED0B4C415467}: "URL" = http://www.bing.com/search?q={searchTer ... TR&pc=LCTE
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..network.proxy.autoconfig_url: "data:text/plain, function FindProxyForURL(url, host) {if(isInNet(host, '192.168.0.0', '255.255.0.0')) return 'DIRECT'; \nif(host == 'us1-base.cd-n.net') return 'DIRECT'; \nif(host == 'us2-base.cd-n.net') return 'DIRECT'; \nif(host == 'us3-base.cd-n.net') return 'DIRECT'; \nif(host == 'jp1-base.cd-n.net') return 'DIRECT'; \nif(host == 'de-base.cd-n.net') return 'DIRECT'; \nif(host == 'au1-base.cd-n.net') return 'DIRECT'; \nif(host == 'ir1-base.cd-n.net') return 'DIRECT'; \nif(host == 'sg1-base.cd-n.net') return 'DIRECT'; \nif(host == 'kr1-base.cd-n.net') return 'DIRECT'; \nif(host == 'us0-base.cd-n.net') return 'DIRECT'; \nif(host == '127.0.0.1') return 'DIRECT'; \nif(host == 'localhost') return 'DIRECT'; \nif(host == 'de-base.cd-n.net') return 'DIRECT'; \nreturn 'HTTPS ge4tklrrhays4mrrg4xdkobdge2tanjsgyydqmbq.cd-n.net:443';}"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.151.2: C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.151.2: C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)


[2017.09.13 20:37:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\derka\AppData\Roaming\Mozilla\Extensions
[2017.09.13 20:45:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\derka\AppData\Roaming\Mozilla\Firefox\Profiles\0l5ruq3y.default\extensions
[2017.09.13 20:41:29 | 001,849,804 | ---- | M] () (No name found) -- C:\Users\derka\AppData\Roaming\Mozilla\Firefox\Profiles\0l5ruq3y.default\extensions\@hoxx-vpn.xpi
[2017.09.13 20:45:42 | 000,006,652 | ---- | M] () (No name found) -- C:\Users\derka\AppData\Roaming\Mozilla\Firefox\Profiles\0l5ruq3y.default\features\{5daca3a0-ba56-489b-a875-256d5af546fd}\clicktoplay-rollout@mozilla.org.xpi
[2017.09.13 20:45:42 | 000,008,940 | ---- | M] () (No name found) -- C:\Users\derka\AppData\Roaming\Mozilla\Firefox\Profiles\0l5ruq3y.default\features\{5daca3a0-ba56-489b-a875-256d5af546fd}\e10srollout@mozilla.org.xpi
[2017.09.13 20:45:42 | 000,009,993 | ---- | M] () (No name found) -- C:\Users\derka\AppData\Roaming\Mozilla\Firefox\Profiles\0l5ruq3y.default\features\{5daca3a0-ba56-489b-a875-256d5af546fd}\followonsearch@mozilla.com.xpi
[2017.09.13 20:45:42 | 000,196,112 | ---- | M] () (No name found) -- C:\Users\derka\AppData\Roaming\Mozilla\Firefox\Profiles\0l5ruq3y.default\features\{5daca3a0-ba56-489b-a875-256d5af546fd}\onboarding@mozilla.org.xpi
[2017.09.13 20:45:43 | 000,329,275 | ---- | M] () (No name found) -- C:\Users\derka\AppData\Roaming\Mozilla\Firefox\Profiles\0l5ruq3y.default\features\{5daca3a0-ba56-489b-a875-256d5af546fd}\screenshots@mozilla.org.xpi

========== Chrome ==========

CHR - Extension: No name found = C:\Users\derka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Users\derka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Users\derka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\derka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\derka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
CHR - Extension: No name found = C:\Users\derka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\derka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\
CHR - Extension: No name found = C:\Users\derka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\derka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6217.911.0.5_0\

O1 HOSTS File: ([2017.11.22 14:52:41 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [DAX2_APP] C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe ()
O4:64bit: - HKLM..\Run: [ForteConfig] C:\Program Files\Conexant\ForteConfig\fmapp.exe ()
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LenovoUtility] C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [ZAM] C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Bloody2] C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe ()
O4 - HKCU..\Run: [OneDrive] C:\Users\derka\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [Spotify] C:\Users\derka\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\derka\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{29645e7c-da85-440f-9b35-69689cef2405}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{d6a80b6c-4c01-4940-88ed-65a8f6ca8214}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mso-minsb.16 - No CLSID value found
O18:64bit: - Protocol\Handler\mso-minsb-roaming.16 - No CLSID value found
O18:64bit: - Protocol\Handler\osf.16 - No CLSID value found
O18:64bit: - Protocol\Handler\osf-roaming.16 - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[HelFix]

========== Files/Folders - Created Within 30 Days ==========

[2017.11.24 14:31:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\derka\Desktop\OTL.exe
[2017.11.24 14:21:11 | 005,200,384 | ---- | C] (AVAST Software) -- C:\Users\derka\Desktop\aswmbr.exe
[2017.11.22 21:59:24 | 000,000,000 | ---D | C] -- C:\Users\derka\Desktop\MemTest
[2017.11.22 20:31:08 | 000,000,000 | ---D | C] -- C:\FRST
[2017.11.22 20:28:01 | 002,391,552 | ---- | C] (Farbar) -- C:\Users\derka\Desktop\FRST64.exe
[2017.11.22 18:26:42 | 000,000,000 | ---D | C] -- C:\Users\derka\AppData\Local\NetworkTiles
[2017.11.22 18:17:07 | 000,000,000 | ---D | C] -- C:\Users\derka\Desktop\backups
[2017.11.22 15:41:15 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\derka\Desktop\HijackThis (1).exe
[2017.11.22 15:22:27 | 000,203,680 | ---- | C] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zam64.sys
[2017.11.22 15:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
[2017.11.22 15:22:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zemana AntiMalware
[2017.11.22 15:20:15 | 006,625,600 | ---- | C] (Zemana Ltd. ) -- C:\Users\derka\Desktop\Zemana.AntiMalware.Setup (1).exe
[2017.11.22 15:17:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2017.11.22 15:13:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2017.11.22 15:13:55 | 000,000,000 | ---D | C] -- C:\Users\derka\AppData\Local\Temp
[2017.11.22 14:31:35 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2017.11.22 07:46:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2017.11.22 07:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2017.11.22 07:45:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2017.11.22 07:44:23 | 181,450,248 | ---- | C] (Sophos Limited) -- C:\Users\derka\Desktop\Sophos Virus Removal Tool (1).exe
[2017.11.21 22:22:31 | 026,838,600 | ---- | C] (Adlice Software) -- C:\Users\derka\Desktop\RogueKiller_portable64.exe
[2017.11.21 22:15:03 | 001,790,024 | ---- | C] (Malwarebytes) -- C:\Users\derka\Desktop\JRT.exe
[2017.11.21 22:13:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2017.11.21 22:13:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2017.11.21 22:13:08 | 003,980,992 | ---- | C] (Crystal Dew World ) -- C:\Users\derka\Desktop\CrystalDiskInfo7_5_0.exe
[2017.11.21 19:27:41 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017.11.21 19:14:58 | 008,261,584 | ---- | C] (Malwarebytes) -- C:\Users\derka\Desktop\AdwCleaner.exe
[2017.11.21 19:14:11 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\derka\Desktop\TFC.exe
[2017.11.21 16:16:38 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\derka\Desktop\HijackThis.exe
[2017.11.20 21:51:47 | 000,000,000 | ---D | C] -- C:\Users\derka\AppData\Local\FortniteGame
[2017.11.20 21:51:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BattlEye
[2017.11.20 21:15:22 | 000,000,000 | ---D | C] -- C:\Program Files\Epic Games
[2017.11.20 21:13:02 | 000,000,000 | ---D | C] -- C:\Users\derka\AppData\Local\UnrealEngineLauncher
[2017.11.20 21:12:56 | 000,000,000 | ---D | C] -- C:\Users\derka\AppData\Local\EpicGamesLauncher
[2017.11.20 21:12:42 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_43.dll
[2017.11.20 21:12:42 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dcsx_43.dll
[2017.11.20 21:12:41 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_43.dll
[2017.11.20 21:12:41 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx11_43.dll
[2017.11.20 21:12:39 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_3.dll
[2017.11.20 21:11:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Epic
[2017.11.20 21:11:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Epic Games
[2017.11.18 11:58:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2017.11.16 21:08:38 | 001,292,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVPXENC.dll
[2017.11.16 21:08:38 | 000,613,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2017.11.16 21:08:38 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2017.11.16 21:08:38 | 000,283,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2017.11.16 21:08:38 | 000,223,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aepic.dll
[2017.11.16 21:08:38 | 000,172,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2017.11.16 21:08:38 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2017.11.16 21:08:37 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPKsp.dll
[2017.11.16 21:08:37 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cldapi.dll
[2017.11.16 21:08:37 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbcconf.dll
[2017.11.16 21:08:36 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
[2017.11.16 21:08:36 | 001,019,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2017.11.16 21:08:36 | 000,583,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2017.11.16 21:08:36 | 000,362,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2017.11.16 21:08:36 | 000,354,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2017.11.16 21:08:36 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2017.11.16 21:08:35 | 006,765,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2017.11.16 21:08:35 | 004,417,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2017.11.16 21:08:34 | 002,953,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2017.11.16 21:08:33 | 007,598,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2017.11.16 21:08:33 | 004,559,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2017.11.16 21:08:33 | 000,133,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2017.11.16 21:08:32 | 000,787,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2017.11.16 21:08:31 | 002,259,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2017.11.16 21:08:28 | 003,377,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2017.11.16 21:08:25 | 002,671,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2017.11.16 21:08:25 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2017.11.16 21:08:24 | 005,963,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2017.11.16 21:08:23 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2017.11.16 21:08:22 | 005,808,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2017.11.16 21:08:22 | 003,667,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_47.dll
[2017.11.16 21:08:21 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AzureSettingSyncProvider.dll
[2017.11.16 21:08:21 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2017.11.16 21:08:21 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2017.11.16 21:08:21 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msexcl40.dll
[2017.11.16 21:08:20 | 000,680,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.AccountsControl.dll
[2017.11.16 21:08:20 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsreg.dll
[2017.11.16 21:08:20 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.System.Launcher.dll
[2017.11.16 21:08:20 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2017.11.16 21:08:20 | 000,095,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2017.11.16 21:08:19 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\efswrt.dll
[2017.11.16 21:08:19 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VPNv2CSP.dll
[2017.11.16 21:08:19 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OnDemandConnRouteHelper.dll
[2017.11.16 21:08:19 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CertPKICmdlet.dll
[2017.11.16 21:08:18 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\utcutil.dll
[2017.11.16 21:08:17 | 002,516,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2017.11.16 21:08:17 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2017.11.16 21:08:16 | 008,213,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2017.11.16 21:08:16 | 000,546,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2017.11.16 21:08:12 | 001,937,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpdshext.dll
[2017.11.16 21:08:12 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2017.11.16 21:08:12 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2017.11.16 21:08:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuautoappupdate.dll
[2017.11.16 21:08:10 | 020,512,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2017.11.16 21:08:07 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2017.11.16 21:08:07 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2017.11.16 21:08:05 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2017.11.16 21:08:04 | 006,254,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2017.11.16 21:08:04 | 004,727,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2017.11.16 21:08:04 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2017.11.16 21:08:03 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2017.11.16 21:08:03 | 000,755,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2017.11.16 21:08:02 | 008,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2017.11.16 21:08:01 | 002,398,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2017.11.16 21:08:01 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2017.11.16 21:07:59 | 006,557,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2017.11.16 21:07:59 | 001,303,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVPXENC.dll
[2017.11.16 21:07:59 | 000,094,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2017.11.16 21:07:53 | 023,680,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2017.11.16 21:07:46 | 000,387,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpps.dll
[2017.11.16 21:07:46 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SEMgrPS.dll
[2017.11.16 21:07:44 | 013,381,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2017.11.16 21:07:42 | 012,227,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2017.11.16 21:07:37 | 002,078,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2017.11.16 21:07:37 | 002,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2017.11.16 21:07:37 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2017.11.16 21:07:36 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2017.11.16 21:07:34 | 002,969,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2017.11.16 21:07:34 | 000,654,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2017.11.16 21:07:34 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2017.11.16 21:07:32 | 000,727,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2017.11.16 21:07:32 | 000,412,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2017.11.16 21:07:32 | 000,319,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2017.11.16 21:07:32 | 000,212,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2017.11.16 21:07:32 | 000,187,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2017.11.16 21:07:32 | 000,144,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2017.11.16 21:07:32 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcconf.dll
[2017.11.16 21:07:31 | 005,557,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2017.11.16 21:07:30 | 008,319,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2017.11.16 21:07:30 | 004,396,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_47.dll
[2017.11.16 21:07:26 | 000,719,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FlightSettings.dll
[2017.11.16 21:07:24 | 000,939,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.AccountsControl.dll
[2017.11.16 21:07:23 | 000,430,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2017.11.16 21:07:22 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationFrameworkInternalPS.dll
[2017.11.16 21:07:21 | 007,910,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2017.11.16 21:07:21 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vss_ps.dll
[2017.11.16 21:07:20 | 000,923,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2017.11.16 21:07:20 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2017.11.16 21:07:19 | 007,339,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2017.11.16 21:07:17 | 003,668,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2017.11.16 21:07:17 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2017.11.16 21:07:16 | 003,060,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2017.11.16 21:07:16 | 000,684,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2017.11.16 21:07:16 | 000,415,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2017.11.16 21:07:15 | 004,445,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2017.11.16 21:07:15 | 002,032,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2017.11.16 21:07:15 | 001,878,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AzureSettingSyncProvider.dll
[2017.11.16 21:07:15 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbonRes.dll
[2017.11.16 21:07:15 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2017.11.16 21:07:14 | 004,707,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2017.11.16 21:07:14 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIRibbonRes.dll
[2017.11.16 21:07:14 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2017.11.16 21:07:14 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SIHClient.exe
[2017.11.16 21:07:14 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2017.11.16 21:07:13 | 000,712,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2017.11.16 21:07:13 | 000,409,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2017.11.16 21:07:12 | 002,809,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2017.11.16 21:07:12 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2017.11.16 21:07:12 | 001,468,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2017.11.16 21:07:12 | 000,565,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsreg.dll
[2017.11.16 21:07:11 | 000,965,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.efi
[2017.11.16 21:07:11 | 000,821,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.exe
[2017.11.16 21:07:11 | 000,667,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2017.11.16 21:07:11 | 000,543,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2017.11.16 21:07:11 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2017.11.16 21:07:11 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsqmcons.exe
[2017.11.16 21:07:10 | 001,713,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActiveSyncProvider.dll
[2017.11.16 21:07:10 | 001,278,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werconcpl.dll
[2017.11.16 21:07:10 | 001,015,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2017.11.16 21:07:10 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2017.11.16 21:07:10 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2017.11.16 21:07:09 | 000,986,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2017.11.16 21:07:09 | 000,772,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPKsp.dll
[2017.11.16 21:07:08 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2017.11.16 21:07:08 | 001,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2017.11.16 21:07:08 | 001,144,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2017.11.16 21:07:08 | 000,872,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipSVC.dll
[2017.11.16 21:07:03 | 005,477,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2017.11.16 21:07:03 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2017.11.16 21:07:02 | 001,578,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2017.11.16 21:07:02 | 000,678,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2017.11.16 21:07:02 | 000,613,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2017.11.16 21:07:02 | 000,612,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2017.11.16 21:07:02 | 000,484,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll
[2017.11.16 21:07:02 | 000,379,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2017.11.16 21:07:02 | 000,259,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2017.11.16 21:07:02 | 000,136,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2017.11.16 21:07:02 | 000,067,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32appinventorycsp.dll
[2017.11.16 21:07:02 | 000,034,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2017.11.16 21:07:01 | 001,293,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2017.11.16 21:07:01 | 001,260,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GamePanel.exe
[2017.11.16 21:06:58 | 000,925,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2017.11.16 21:06:58 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.Launcher.dll
[2017.11.16 21:06:58 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2017.11.16 21:06:58 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2017.11.16 21:06:56 | 000,469,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64win.dll
[2017.11.16 21:06:56 | 000,190,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2017.11.16 21:06:56 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cldapi.dll
[2017.11.16 21:06:55 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedPCCSP.dll
[2017.11.16 21:06:55 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2017.11.16 21:06:55 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RMapi.dll
[2017.11.16 21:06:54 | 000,635,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efswrt.dll
[2017.11.16 21:06:54 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Storage.dll
[2017.11.16 21:06:54 | 000,038,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Diskdump.sys
[2017.11.16 21:06:54 | 000,026,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2017.11.16 21:06:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CertPKICmdlet.dll
[2017.11.16 21:06:53 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dumpstorport.sys
[2017.11.16 21:06:52 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OnDemandConnRouteHelper.dll
[2017.11.16 21:06:51 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DataUsageHandlers.dll
[2017.11.16 21:06:51 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DataUsageLiveTileTask.exe
[2017.11.16 20:18:52 | 013,255,032 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvptxJitCompiler.dll
[2017.11.16 20:18:51 | 036,239,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2017.11.16 20:18:51 | 029,272,000 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2017.11.16 20:18:51 | 023,264,864 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2017.11.16 20:18:51 | 019,038,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2017.11.16 20:18:51 | 010,883,928 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvptxJitCompiler.dll
[2017.11.16 20:18:51 | 001,989,056 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6438831.dll
[2017.11.16 20:18:51 | 001,673,664 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6438831.dll
[2017.11.16 20:18:51 | 001,321,264 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFTH264.dll
[2017.11.16 20:18:51 | 001,135,280 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvfatbinaryLoader.dll
[2017.11.16 20:18:51 | 001,099,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2017.11.16 20:18:51 | 001,038,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFTH264.dll
[2017.11.16 20:18:51 | 001,031,288 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2017.11.16 20:18:51 | 000,980,928 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2017.11.16 20:18:51 | 000,932,288 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2017.11.16 20:18:51 | 000,885,496 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvfatbinaryLoader.dll
[2017.11.16 20:18:51 | 000,794,576 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2017.11.16 20:18:51 | 000,634,224 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2017.11.16 20:18:51 | 000,615,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2017.11.16 20:18:51 | 000,505,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2017.11.16 20:18:49 | 004,201,592 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2017.11.16 20:18:49 | 003,614,328 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2017.11.16 20:18:48 | 013,865,256 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2017.11.16 20:18:48 | 011,780,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2017.11.16 20:18:46 | 040,237,504 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2017.11.16 20:18:46 | 035,156,600 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2017.11.16 19:56:57 | 000,000,000 | ---D | C] -- C:\Users\derka\AppData\Local\NVIDIA
[2017.11.08 17:45:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZAV
[2017.11.08 17:45:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZAV
[2017.11.02 20:15:24 | 000,391,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vccorlib140.dll
[2017.11.02 20:15:22 | 000,627,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcp140.dll
[2017.11.02 19:47:38 | 000,438,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcp140.dll
[2017.11.02 19:47:38 | 000,264,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vccorlib140.dll
[2017.11.01 22:44:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Betternet
[2017.11.01 22:43:03 | 000,000,000 | ---D | C] -- C:\Users\derka\AppData\Local\Downloaded Installations
[2017.10.28 15:20:49 | 000,000,000 | ---D | C] -- C:\Users\derka\AppData\Roaming\CyberLink
[2017.10.28 15:20:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CyberLink
[2017.10.25 17:49:29 | 000,000,000 | ---D | C] -- C:\Users\derka\AppData\Roaming\NVIDIA
[3 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]

[HelFix]

========== Files - Modified Within 30 Days ==========

[2017.11.24 14:38:03 | 000,062,830 | ---- | M] () -- C:\WINDOWS\ZAM.krnl.trace
[2017.11.24 14:38:03 | 000,030,425 | ---- | M] () -- C:\WINDOWS\ZAM_Guard.krnl.trace
[2017.11.24 14:36:21 | 000,255,463 | ---- | M] () -- C:\WINDOWS\SysNative\InstallUtil.InstallLog
[2017.11.24 14:31:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\derka\Desktop\OTL.exe
[2017.11.24 14:30:43 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2017.11.24 14:28:41 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2017.11.24 14:28:39 | 1678,520,320 | -HS- | M] () -- C:\hiberfil.sys
[2017.11.24 14:23:34 | 000,389,408 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2017.11.24 14:21:07 | 005,200,384 | ---- | M] (AVAST Software) -- C:\Users\derka\Desktop\aswmbr.exe
[2017.11.23 17:52:00 | 003,106,860 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2017.11.23 17:52:00 | 001,439,246 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2017.11.23 17:52:00 | 000,947,192 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2017.11.23 17:52:00 | 000,354,696 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2017.11.23 17:52:00 | 000,336,876 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2017.11.22 21:58:57 | 000,016,850 | ---- | M] () -- C:\Users\derka\Desktop\MemTest.zip
[2017.11.22 20:27:59 | 002,391,552 | ---- | M] (Farbar) -- C:\Users\derka\Desktop\FRST64.exe
[2017.11.22 15:41:11 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\derka\Desktop\HijackThis (1).exe
[2017.11.22 15:22:27 | 000,203,680 | ---- | M] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zam64.sys
[2017.11.22 15:22:26 | 000,001,224 | ---- | M] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2017.11.22 15:20:11 | 006,625,600 | ---- | M] (Zemana Ltd. ) -- C:\Users\derka\Desktop\Zemana.AntiMalware.Setup (1).exe
[2017.11.22 14:52:41 | 000,000,753 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2017.11.22 14:50:27 | 000,024,064 | ---- | M] () -- C:\WINDOWS\zoek-delete.exe
[2017.11.22 13:38:46 | 000,028,272 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys
[2017.11.22 07:45:33 | 000,002,775 | ---- | M] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2017.11.22 07:43:26 | 181,450,248 | ---- | M] (Sophos Limited) -- C:\Users\derka\Desktop\Sophos Virus Removal Tool (1).exe
[2017.11.21 22:22:27 | 026,838,600 | ---- | M] (Adlice Software) -- C:\Users\derka\Desktop\RogueKiller_portable64.exe
[2017.11.21 22:15:00 | 001,790,024 | ---- | M] (Malwarebytes) -- C:\Users\derka\Desktop\JRT.exe
[2017.11.21 22:13:45 | 000,001,276 | ---- | M] () -- C:\Users\derka\Desktop\CrystalDiskInfo.lnk
[2017.11.21 22:12:56 | 003,980,992 | ---- | M] (Crystal Dew World ) -- C:\Users\derka\Desktop\CrystalDiskInfo7_5_0.exe
[2017.11.21 19:14:56 | 008,261,584 | ---- | M] (Malwarebytes) -- C:\Users\derka\Desktop\AdwCleaner.exe
[2017.11.21 19:14:09 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\derka\Desktop\TFC.exe
[2017.11.21 16:16:27 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\derka\Desktop\HijackThis.exe
[2017.11.20 21:11:34 | 000,001,258 | ---- | M] () -- C:\Users\Public\Desktop\Epic Games Launcher.lnk
[2017.11.15 13:55:46 | 000,002,267 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2017.11.14 23:48:58 | 040,237,504 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2017.11.14 23:48:58 | 036,239,480 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2017.11.14 23:48:58 | 035,156,600 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2017.11.14 23:48:58 | 029,272,000 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2017.11.14 23:48:58 | 023,264,864 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2017.11.14 23:48:58 | 019,038,976 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2017.11.14 23:48:58 | 013,865,256 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2017.11.14 23:48:58 | 013,255,032 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvptxJitCompiler.dll
[2017.11.14 23:48:58 | 011,780,376 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2017.11.14 23:48:58 | 010,883,928 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvptxJitCompiler.dll
[2017.11.14 23:48:58 | 004,484,864 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2017.11.14 23:48:58 | 004,201,592 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2017.11.14 23:48:58 | 003,817,584 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2017.11.14 23:48:58 | 003,614,328 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2017.11.14 23:48:58 | 001,989,056 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6438831.dll
[2017.11.14 23:48:58 | 001,673,664 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6438831.dll
[2017.11.14 23:48:58 | 001,321,264 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFTH264.dll
[2017.11.14 23:48:58 | 001,135,280 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvfatbinaryLoader.dll
[2017.11.14 23:48:58 | 001,099,712 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2017.11.14 23:48:58 | 001,038,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFTH264.dll
[2017.11.14 23:48:58 | 001,031,288 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2017.11.14 23:48:58 | 000,980,928 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2017.11.14 23:48:58 | 000,932,288 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2017.11.14 23:48:58 | 000,885,496 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvfatbinaryLoader.dll
[2017.11.14 23:48:58 | 000,794,576 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2017.11.14 23:48:58 | 000,634,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2017.11.14 23:48:58 | 000,615,544 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2017.11.14 23:48:58 | 000,505,976 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2017.11.14 23:48:58 | 000,057,976 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvvhci.sys
[2017.11.14 23:48:58 | 000,048,442 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2017.11.14 23:48:58 | 000,000,669 | ---- | M] () -- C:\WINDOWS\SysNative\nv-vk64.json
[2017.11.14 23:48:58 | 000,000,669 | ---- | M] () -- C:\WINDOWS\SysWow64\nv-vk32.json
[2017.11.14 21:15:24 | 000,001,951 | ---- | M] () -- C:\WINDOWS\NvContainerRecovery.bat
[2017.11.14 20:56:18 | 005,960,640 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2017.11.14 20:56:18 | 002,587,584 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2017.11.14 20:56:16 | 001,766,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2017.11.14 20:56:16 | 000,607,352 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshext.dll
[2017.11.14 20:56:16 | 000,449,472 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2017.11.14 20:56:16 | 000,146,880 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\oemdspif.dll
[2017.11.14 20:56:16 | 000,123,000 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2017.11.14 20:56:16 | 000,082,040 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshextr.dll
[2017.11.10 07:09:02 | 007,855,841 | ---- | M] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2017.11.08 17:52:19 | 000,000,702 | ---- | M] () -- C:\Users\derka\OneDrive\Dokumenty\records.html
[2017.11.08 17:48:11 | 000,002,570 | ---- | M] () -- C:\Users\derka\OneDrive\Dokumenty\zav-report-patrik.derka.html
[2017.11.08 17:45:32 | 000,001,042 | ---- | M] () -- C:\Users\Public\Desktop\ZAV.lnk
[2017.11.05 02:40:50 | 000,835,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2017.11.05 02:40:50 | 000,177,648 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2017.11.02 20:15:24 | 000,391,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vccorlib140.dll
[2017.11.02 20:15:22 | 000,627,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcp140.dll
[2017.11.02 19:47:38 | 000,438,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcp140.dll
[2017.11.02 19:47:38 | 000,264,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vccorlib140.dll
[2017.11.02 06:21:18 | 001,578,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2017.11.02 06:21:18 | 000,612,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2017.11.02 06:21:15 | 000,136,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2017.11.02 06:21:12 | 000,678,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2017.11.02 06:21:12 | 000,190,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2017.11.02 06:21:08 | 000,379,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2017.11.02 06:20:59 | 002,032,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2017.11.02 06:20:54 | 000,613,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2017.11.02 06:20:36 | 000,543,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2017.11.02 06:20:32 | 000,034,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2017.11.02 06:20:30 | 000,259,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2017.11.02 06:20:27 | 000,965,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.efi
[2017.11.02 06:20:23 | 000,484,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll
[2017.11.02 06:20:21 | 001,144,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2017.11.02 06:20:21 | 000,469,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64win.dll
[2017.11.02 06:20:17 | 001,015,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2017.11.02 06:20:11 | 000,821,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.exe
[2017.11.02 06:16:53 | 002,398,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2017.11.02 06:16:48 | 008,319,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2017.11.02 06:14:58 | 000,667,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2017.11.02 06:14:24 | 000,067,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32appinventorycsp.dll
[2017.11.02 06:13:39 | 001,345,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2017.11.02 06:13:22 | 000,095,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2017.11.02 06:13:17 | 005,477,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2017.11.02 06:13:10 | 000,212,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2017.11.02 06:13:01 | 000,546,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2017.11.02 06:12:58 | 000,727,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2017.11.02 06:12:55 | 000,430,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2017.11.02 06:12:55 | 000,412,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2017.11.02 06:12:39 | 000,144,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2017.11.02 06:12:38 | 000,319,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2017.11.02 06:12:14 | 000,026,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2017.11.02 06:12:04 | 000,038,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Diskdump.sys
[2017.11.02 06:12:03 | 000,654,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2017.11.02 06:10:59 | 006,557,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2017.11.02 06:05:48 | 000,187,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2017.11.02 06:03:58 | 000,223,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aepic.dll
[2017.11.02 05:45:57 | 000,283,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2017.11.02 05:45:41 | 000,133,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2017.11.02 05:45:36 | 000,362,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2017.11.02 05:45:25 | 000,613,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2017.11.02 05:45:18 | 000,172,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2017.11.02 05:45:17 | 000,354,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2017.11.02 05:44:52 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2017.11.02 05:44:46 | 023,680,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2017.11.02 05:44:21 | 005,808,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2017.11.02 05:37:29 | 003,668,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2017.11.02 05:37:29 | 001,278,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werconcpl.dll
[2017.11.02 05:37:11 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2017.11.02 05:37:09 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2017.11.02 05:37:03 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsqmcons.exe
[2017.11.02 05:36:56 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\utcutil.dll
[2017.11.02 05:35:38 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dumpstorport.sys
[2017.11.02 05:35:11 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2017.11.02 05:35:07 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VPNv2CSP.dll
[2017.11.02 05:35:03 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2017.11.02 05:34:49 | 000,438,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedPCCSP.dll
[2017.11.02 05:34:39 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2017.11.02 05:34:37 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DataUsageLiveTileTask.exe
[2017.11.02 05:34:36 | 000,306,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2017.11.02 05:34:31 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2017.11.02 05:34:20 | 000,113,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2017.11.02 05:34:05 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuautoappupdate.dll
[2017.11.02 05:34:02 | 000,168,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2017.11.02 05:33:38 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CertPKICmdlet.dll
[2017.11.02 05:33:17 | 000,529,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2017.11.02 05:33:09 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2017.11.02 05:33:02 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DataUsageHandlers.dll
[2017.11.02 05:33:00 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OnDemandConnRouteHelper.dll
[2017.11.02 05:32:37 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Storage.dll
[2017.11.02 05:32:25 | 008,213,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2017.11.02 05:32:02 | 000,255,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2017.11.02 05:31:42 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2017.11.02 05:31:38 | 020,512,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2017.11.02 05:31:29 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RMapi.dll
[2017.11.02 05:30:58 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2017.11.02 05:30:56 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2017.11.02 05:30:36 | 000,719,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FlightSettings.dll
[2017.11.02 05:30:33 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2017.11.02 05:30:30 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2017.11.02 05:30:11 | 013,381,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2017.11.02 05:30:11 | 000,601,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.Launcher.dll
[2017.11.02 05:30:09 | 000,635,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efswrt.dll
[2017.11.02 05:30:08 | 007,339,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2017.11.02 05:30:03 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SIHClient.exe
[2017.11.02 05:30:01 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2017.11.02 05:29:56 | 000,415,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2017.11.02 05:29:45 | 000,757,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2017.11.02 05:29:14 | 000,752,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2017.11.02 05:29:05 | 000,588,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2017.11.02 05:29:02 | 000,805,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2017.11.02 05:28:22 | 000,799,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2017.11.02 05:28:18 | 000,939,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.AccountsControl.dll
[2017.11.02 05:28:17 | 000,772,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPKsp.dll
[2017.11.02 05:28:04 | 001,468,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2017.11.02 05:27:59 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2017.11.02 05:27:47 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2017.11.02 05:27:29 | 000,565,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsreg.dll
[2017.11.02 05:27:09 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CertPKICmdlet.dll
[2017.11.02 05:27:07 | 002,078,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2017.11.02 05:26:59 | 001,937,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpdshext.dll
[2017.11.02 05:26:53 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2017.11.02 05:26:49 | 000,755,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2017.11.02 05:26:41 | 008,197,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2017.11.02 05:26:41 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OnDemandConnRouteHelper.dll
[2017.11.02 05:26:39 | 000,986,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2017.11.02 05:26:17 | 003,060,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2017.11.02 05:26:16 | 002,671,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2017.11.02 05:26:10 | 004,445,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2017.11.02 05:26:05 | 005,963,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2017.11.02 05:26:05 | 002,809,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2017.11.02 05:25:57 | 012,227,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2017.11.02 05:25:56 | 001,713,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActiveSyncProvider.dll
[2017.11.02 05:25:53 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2017.11.02 05:25:49 | 002,052,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2017.11.02 05:25:48 | 004,727,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2017.11.02 05:25:44 | 000,684,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2017.11.02 05:25:40 | 003,377,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2017.11.02 05:25:34 | 001,886,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2017.11.02 05:24:58 | 000,444,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.System.Launcher.dll
[2017.11.02 05:24:49 | 004,707,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2017.11.02 05:24:35 | 000,463,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\efswrt.dll
[2017.11.02 05:24:10 | 000,358,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2017.11.02 05:24:09 | 007,598,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2017.11.02 05:23:56 | 002,516,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2017.11.02 05:23:50 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2017.11.02 05:23:19 | 000,680,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.AccountsControl.dll
[2017.11.02 05:23:11 | 000,590,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPKsp.dll
[2017.11.02 05:23:03 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsreg.dll
[2017.11.02 05:22:53 | 006,254,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2017.11.02 05:22:21 | 002,009,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2017.11.02 05:22:08 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
[2017.11.02 05:21:23 | 004,417,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2017.11.02 05:21:22 | 000,787,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2017.11.02 05:21:10 | 000,658,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2017.11.01 20:21:24 | 009,105,400 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\FACEIT.sys
[2017.10.29 06:43:14 | 000,074,716 | ---- | M] () -- C:\WINDOWS\SysNative\FeatureToastHeroImg.jpg
[3 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2017.11.22 21:59:07 | 000,016,850 | ---- | C] () -- C:\Users\derka\Desktop\MemTest.zip
[2017.11.22 15:22:26 | 000,001,224 | ---- | C] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2017.11.22 15:13:55 | 000,024,064 | ---- | C] () -- C:\WINDOWS\zoek-delete.exe
[2017.11.22 14:49:55 | 001,309,184 | ---- | C] () -- C:\Users\derka\Desktop\zoek.exe
[2017.11.22 07:45:33 | 000,002,775 | ---- | C] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2017.11.21 22:13:45 | 000,001,276 | ---- | C] () -- C:\Users\derka\Desktop\CrystalDiskInfo.lnk
[2017.11.20 21:11:34 | 000,001,270 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
[2017.11.20 21:11:34 | 000,001,258 | ---- | C] () -- C:\Users\Public\Desktop\Epic Games Launcher.lnk
[2017.11.16 21:08:15 | 000,074,716 | ---- | C] () -- C:\WINDOWS\SysNative\FeatureToastHeroImg.jpg
[2017.11.16 20:18:46 | 000,000,669 | ---- | C] () -- C:\WINDOWS\SysNative\nv-vk64.json
[2017.11.16 20:18:46 | 000,000,669 | ---- | C] () -- C:\WINDOWS\SysWow64\nv-vk32.json
[2017.11.08 17:51:43 | 000,000,702 | ---- | C] () -- C:\Users\derka\OneDrive\Dokumenty\records.html
[2017.11.08 17:46:35 | 000,002,570 | ---- | C] () -- C:\Users\derka\OneDrive\Dokumenty\zav-report-patrik.derka.html
[2017.11.08 17:45:32 | 000,001,042 | ---- | C] () -- C:\Users\Public\Desktop\ZAV.lnk
[2017.09.14 00:20:30 | 000,798,008 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-1-0-61-0.dll
[2017.09.14 00:20:14 | 000,490,296 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-61-0.exe
[2017.08.09 15:34:27 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2017.07.12 21:29:42 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2017.07.12 21:25:02 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2017.07.12 19:21:16 | 000,000,036 | ---- | C] () -- C:\WINDOWS\progress.ini
[2017.06.08 11:03:20 | 000,059,904 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2017.03.18 22:03:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2017.03.18 22:03:41 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2017.03.18 21:58:56 | 000,054,272 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2017.03.18 21:58:54 | 000,116,824 | ---- | C] () -- C:\WINDOWS\SysWow64\InputHost.dll
[2017.03.18 21:58:54 | 000,112,128 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2017.03.18 21:58:54 | 000,086,528 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2017.03.18 21:58:52 | 003,200,000 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2017.03.18 21:58:51 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2017.03.18 21:58:48 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2017.03.18 21:58:39 | 000,307,200 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2017.03.18 21:58:37 | 001,859,072 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Mirage.dll
[2017.03.18 21:57:47 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2017.03.18 21:57:03 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2017.01.04 02:09:08 | 000,112,112 | ---- | C] () -- C:\WINDOWS\SysWow64\libGLESv2.dll
[2017.01.04 02:09:04 | 000,101,352 | ---- | C] () -- C:\WINDOWS\SysWow64\libGLESv1_CM.dll
[2017.01.04 02:09:00 | 000,141,296 | ---- | C] () -- C:\WINDOWS\SysWow64\libEGL.dll
[2016.09.10 10:17:22 | 001,819,918 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2016.09.10 10:11:09 | 000,000,102 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
[2016.09.10 10:08:09 | 000,798,008 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll
[2016.09.10 10:08:09 | 000,490,296 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe
[2016.05.04 03:23:30 | 000,129,824 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-1-0-11-1.dll
[2016.05.04 03:22:58 | 000,040,224 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-11-1.exe

========== ZeroAccess Check ==========

[2017.07.13 09:27:52 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2017.09.30 06:43:47 | 007,318,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2017.09.30 03:05:45 | 005,827,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2017.03.18 21:57:58 | 000,961,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2017.03.18 21:58:50 | 000,770,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2017.03.18 21:57:53 | 000,510,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2017.10.25 19:43:35 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\.minecraft
[2017.10.25 17:28:32 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\audacity
[2017.08.02 11:26:35 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\FACEIT
[2017.07.17 16:46:22 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\MAGIX
[2017.09.28 19:22:59 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\MAGIX Computer Products Intl. Co
[2017.08.03 09:37:46 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\Notepad++
[2017.10.10 20:54:24 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\obs-studio
[2017.09.13 16:26:46 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\Opera Software
[2017.07.17 16:46:26 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\Publish Providers
[2017.07.17 17:15:24 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\Sony
[2017.11.23 23:25:39 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\Spotify
[2017.11.23 20:36:39 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\TS3Client
[2017.07.17 17:15:32 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\VEGAS
[2017.07.17 16:46:14 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\VEGAS Pro

========== Purity Check ==========



< End of report >

[HelFix]

OTL Extras logfile created on: 24.11.2017 14:33:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\derka\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.15063.0)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: dd.MM.yyyy

3,91 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 48,88% Memory free
5,66 Gb Paging File | 3,65 Gb Available in Paging File | 64,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 886,20 Gb Total Space | 733,86 Gb Free Space | 82,81% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 22,97 Gb Free Space | 91,86% Space Free | Partition Type: NTFS

Computer Name: LAPTOP-MMEO2I19 | User Name: derka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 27 50 E6 B1 50 FB D2 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{401B5421-F96B-442E-871C-2D8EB3EEA151}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{4C4CFB76-882F-4787-B736-5235BE94FE78}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{50D749FB-CB45-497F-8AAC-46489F979767}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{724CB3AD-579F-4CA7-A40C-F87DCDA15F54}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{8898A89A-F7FF-4707-A017-97493EFD6CAB}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{A7D3DC29-963B-4950-B5D2-C3D3A9ABF7B8}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{B9B21C98-2DF4-4CB3-91A2-53CD76CF9540}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{DE848323-FC35-41AF-98CD-4A2EA7A918B4}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{E7CB5E1E-CBF6-4999-B4C7-EF152B977F31}" = lport=47995 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{EB099658-373D-4D67-9182-D90F23131F9A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\root\office16\outlook.exe |
"{FB3EB369-7B13-4F2C-B586-67481ADE9A5E}" = lport=47995 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0007D782-BCD4-4AC1-9E83-FE2145F92369}" = dir=in | name=@{microsoft.microsoftedge_40.15063.674.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{004E27D7-30E5-4568-8BB5-6AC36528D8B8}" = dir=out | name=lenovo settings |
"{014125CB-6AC1-407B-A1F7-043EDE5F59F0}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{09AB4B6B-3D57-4357-A014-AEBCC095CAF3}" = dir=out | name=@{microsoft.windows.holographicfirstrun_10.0.15063.675_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.holographicfirstrun/resources/pkgdisplayname} |
"{09FD93D7-0FD7-4641-AD13-96D44CBDA381}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{0BBD7B81-7E01-4F93-A16A-49A878E39F75}" = dir=out | name=@{microsoft.windowsstore_11710.1001.27.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{0C0D3CAB-28ED-4C73-8B47-40B41600A7AE}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{0C0F44EE-64FF-4E17-9985-8491174FF456}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{0E58799D-4594-48AD-AE95-DA460C0A62C4}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{13023D98-7235-45DA-A8E9-7ECCFDCEE6CF}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{130CE94A-411B-4320-B1E5-D8C6972E70A2}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{1451EB81-A502-447D-8457-080E11699352}" = dir=out | name=microsoft solitaire collection |
"{14F348D3-EAAA-4937-A7E0-12664E1BF3FB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{18971C37-AF31-4F4C-96BC-2072262421B9}" = dir=out | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{18EBCAFC-3ACE-4B6B-8F8A-759B6EFA722C}" = dir=out | name=@{microsoft.desktopappinstaller_1.0.12894.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{1F9A4D56-06C5-4F74-AF62-62CCF701DEA7}" = dir=out | name=royal revolt 2 |
"{23736915-F314-42F0-BE7D-977F42BCD765}" = dir=out | name=wallet |
"{247562B8-D678-4661-BA78-752D86538026}" = dir=in | name=@{microsoft.zunevideo_10.17092.13511.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{253F4D32-9462-415B-A9F4-429F03457462}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{25DADB9F-E8BB-4A65-A456-03F3DA703A55}" = dir=out | name=windows_ie_ac_001 |
"{267A129D-3033-4989-9637-FC8CE5B80EB5}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{2A3A577C-D719-40C7-94AA-D1BB98DEAA7F}" = dir=in | name=microsoft sticky notes |
"{2DB628C0-B918-4851-ACD3-18587082DDDD}" = dir=out | name=@{microsoft.ppiprojection_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{3050C1F8-226D-4A69-95B4-B52C021A5FDD}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{34796D86-27E6-485D-AEFA-34AF54BA45E0}" = dir=out | name=windows_ie_ac_001 |
"{384631BC-210B-45D2-8E20-9F05B3D79222}" = dir=out | name=@{windows.contactsupport_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{387EA9B9-D1D7-4F61-9228-665CED9AFE68}" = dir=out | name=@{a278ab0d.marchofempires_2.8.0.10_x86__h6adky7gbf63m?ms-resource://a278ab0d.marchofempires/resources/marchofempires} |
"{39A9CB4F-A4EA-478E-8FA0-334365B75ECA}" = dir=out | name=canon inkjet print utility |
"{3C888CAB-6626-4663-B6B1-06B47DF5B8EA}" = dir=out | name=@{microsoft.windows.cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{3F74BA00-DCEF-42BE-BE34-CB9EE4A9B20A}" = dir=out | name=@{e046963f.lenovocompanion_4.5.3.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{4038066A-BD44-4E76-AA2A-A766B136C965}" = dir=in | name=@{microsoft.ppiprojection_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{410F56DF-FD75-47B6-985F-E3A8A48A30D6}" = dir=out | name=@{microsoft.zunevideo_10.17092.13511.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{428B5880-17BE-4941-B658-B36605C58C15}" = dir=in | name=@{microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{44022DBD-718D-4A51-86BF-9B8832D094D7}" = dir=out | name=microsoft sticky notes |
"{4A3F70F5-C537-43B1-8F80-BE944F58D0BE}" = dir=in | name=@{microsoft.bingnews_4.21.2212.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{4B669455-50B7-4E3B-8585-AC8F5B5A6522}" = dir=out | name=@{microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{4BA134E1-C1FF-4D3A-BC0E-710B5DD46A82}" = dir=out | name=@{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{4ECDEBF0-A250-4038-89A9-C4DE5E910E71}" = dir=in | name=@{windows.contactsupport_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{57A3674E-E806-4F4D-B9C4-3E69A63A0200}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{59C20FBD-1B1E-478D-888D-AA74AB96AE61}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{5BE3EEDC-0553-4C97-B08F-CC7A6266056A}" = dir=in | name=@{microsoft.zunemusic_10.17085.22311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{5CBEC2BC-27C8-4A43-AA69-633F187E3123}" = dir=out | name=xbox game bar |
"{5D34256C-69D0-4933-88AD-8752E9195E70}" = dir=out | name=@{microsoft.accountscontrol_10.0.15063.675_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{60D43CB0-3E70-4A13-90DA-6D2B726BE11C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{6312B948-1E4F-4E47-9617-9206CA37429E}" = dir=out | name=@{lenovocorporation.lenovoid_2.0.37.0_x86__4642shxvsv8s2?ms-resource://lenovocorporation.lenovoid/resources/displayname} |
"{658A08C6-35E8-4EAC-86CD-C2A262BCA73F}" = dir=in | name=canon inkjet print utility |
"{65F282CC-4E8B-4D1B-B45F-0D91435565A2}" = dir=in | name=xbox |
"{669EB232-A0EB-465F-B7C7-FB5A35F633FE}" = dir=out | name=windows_ie_ac_001 |
"{66B0BA98-AD80-4D3E-B216-A7D71C18F055}" = dir=out | name=@{e046963f.lenovocompanion_4.5.3.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{68E26E98-BAE5-475E-B4FB-F8C40340FA73}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{69F70E72-59D6-4010-804C-8852AA683ED9}" = dir=in | name=@{microsoft.desktopappinstaller_1.0.12894.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{6A21378B-EDEF-47FD-8586-AC2A8180E3AD}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.15063.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{6C9027EA-0E97-4A03-A3D1-B4E270C78C82}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6CA67865-E753-4C22-9082-03695980F2EC}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{6E22071C-E6A2-49D6-B282-A4A0D610FC12}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1708.2831.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{6E3C2C21-E53D-4456-8175-17C0134BEE17}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{6F6B53B6-E6DF-4D77-B627-16B424E74B5D}" = dir=in | name=@{e046963f.lenovocompanion_4.5.3.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{72B157C6-3658-49D0-9FB7-12232DBE97E6}" = dir=in | name=@{microsoft.oneconnect_2.1709.2484.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{73B2C760-FBB6-4488-99A0-DEAD25427745}" = dir=out | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{73E0F2DE-6773-40FE-83C9-4675F81B027D}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{7400EA64-F381-41E4-AD53-55BBE3F92D84}" = dir=in | name=royal revolt 2 |
"{742B9248-D52D-479D-BBD3-754FF8EA4551}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{78AB1B70-B4E7-4C39-9C51-5F92D10961A7}" = dir=out | name=@{microsoft.ppiprojection_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{7A58A9E7-161A-4B0B-BD02-4E1FC5A5310E}" = dir=out | name=@{microsoft.oneconnect_2.1709.2484.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{7B39BAB8-48F7-4407-91A5-6D30EA007BEE}" = dir=out | name=@{microsoft.lockapp_10.0.15063.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{7B8E6987-2A49-4F06-81F9-2E83702CC6BD}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{7B901ECA-FA33-4D7B-AF72-000193996D92}" = dir=in | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{819CBDD8-6A56-457F-80F5-F40AF06D7FBC}" = dir=out | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{86AE30BB-E206-4509-AAD3-18D0CD655526}" = dir=in | name=@{microsoft.windows.photos_2017.39091.16340.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{8A4065D0-0682-4471-9C56-C0FD6FE01BEF}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{8AB50D87-EE6B-4D73-9BB6-C6F606FF5E5C}" = dir=out | name=@{microsoft.windowsmaps_5.1708.2764.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{900F5CBA-C127-4574-BA43-EB3DC36BBA96}" = dir=out | name=@{microsoft.skypeapp_12.8.487.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{90A77B9B-FDD7-4707-AAEF-17F7CE964363}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{92714709-8A9E-41B1-A128-78B31B6DE2EF}" = dir=out | name=@{microsoft.zunemusic_10.17085.22311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{939EA32E-5BB4-4E12-A597-BACA0818666A}" = dir=in | name=onenote |
"{9590294A-43F8-4B45-AFE3-F88E57344377}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{96C2FF91-80ED-4F77-8E08-3B7425546502}" = protocol=6 | dir=in | app=c:\program files (x86)\droidcam\droidcamapp.exe |
"{97708AAD-E3A2-4304-B77E-97387DCA5198}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{9868C6E4-EEA2-4560-8464-F156351D32D4}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.15063.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{98AF7E09-00D0-4121-8A44-FE5711D9A243}" = dir=out | name=@{microsoft.storepurchaseapp_11710.1710.30001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} |
"{990406E2-DAC9-49F1-864E-17F7C65CDE6B}" = dir=out | name=@{microsoft.windows.photos_2017.39091.16340.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{9A25071E-09E9-423E-9D02-E2E599CEF1DC}" = dir=in | name=@{e046963f.lenovocompanion_4.5.3.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{9ACE7A98-FDE6-4AEB-95D3-82FD06F1E444}" = dir=out | name=@{microsoft.bingnews_4.21.2212.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{9B536DFE-CF33-483F-A1FE-AF0E21C0B3AB}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{9D514E9B-7B92-4079-90E8-90623C2BF37A}" = dir=in | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{9F1846B4-A91A-4095-9629-355A5B9A2117}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{9FD70401-2A9F-4E49-BB41-396000B79DF6}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{A0D8C9AE-316A-4807-9FFF-8E3681962DBA}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.15063.675_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{A14258D2-91E7-43ED-91DB-6EC0A8BBE1E8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{A26F3B57-9796-4956-B450-A63AF278A1AC}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1708.2831.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{A275D17A-3023-42F6-B52C-4FBA3A8BC214}" = dir=out | name=candy crush soda saga |
"{A327329E-9258-47E8-A4E7-D7E903849641}" = dir=out | name=holographic item player |
"{A3A52CBC-454A-4429-9A28-4CE4FE704221}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{A5AC9A32-34BE-4575-A29B-E60AC40F7972}" = protocol=17 | dir=in | app=c:\program files (x86)\droidcam\droidcamapp.exe |
"{AAE73758-C17F-4AA2-AC78-BEE80F34ACB2}" = dir=in | app=c:\program files (x86)\lenovo\lenovo photo master\subsys\advphotoeditor\photodirector5.exe |
"{AB29AFFB-8881-4B22-BBE0-65D2A54140A1}" = dir=out | name=lenovo settings |
"{AE70626E-46ED-40B9-A540-BA848999D945}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B315053C-47C7-4EEF-AC9C-BF674DAEC0FF}" = dir=in | name=@{microsoft.windowsstore_11710.1001.27.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{B6BA20CA-E17F-4464-B05B-D4C12A4B6952}" = dir=out | name=@{microsoft.microsoftedge_40.15063.674.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{BA29D7B1-3135-4E2B-9888-023ED3057973}" = dir=out | name=xbox |
"{BB4D956C-DD67-4534-9FA5-6BBD713944B9}" = dir=in | name=@{microsoft.bingweather_4.21.2212.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{BD0BFD0C-1069-4F0A-A243-ACF2515CBA00}" = dir=out | name=@{microsoft.xboxidentityprovider_11.29.23003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{BE0227D0-DDCD-4EE0-992B-59CBFD2D7FBC}" = dir=out | name=@{microsoft.people_10.2.2791.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{C0B29909-861A-4F15-803B-B0DE9EAB4014}" = dir=out | name=mixed reality viewer |
"{C3C84657-4FD7-4086-AD90-92C7DA3BB0BF}" = dir=in | name=@{a278ab0d.marchofempires_2.8.0.10_x86__h6adky7gbf63m?ms-resource://a278ab0d.marchofempires/resources/marchofempires} |
"{C3F7C9B0-9621-4A73-BE97-C0DFAD65BB67}" = dir=out | name=@{e046963f.lenovocompanion_4.5.3.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{C5327FF5-52F3-4E78-B482-50964C296831}" = dir=in | name=@{microsoft.windows.cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{C612CA8C-18E4-4A41-B6F0-08CDAE269DA3}" = dir=out | name=@{microsoft.getstarted_5.12.2691.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{C74387D2-6BF4-4958-AB86-2352C9F5AC97}" = dir=in | name=lenovo settings |
"{C9926639-6BCB-4D8B-9988-A5E0396AA6EF}" = dir=out | name=twitter |
"{CAC01CBF-92AB-49B7-BEEB-A8AE5194A60C}" = dir=in | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{CBBFF0F6-7D7A-4E2D-A316-DA8EED195EBC}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{CE820192-5E93-4D05-BFE4-463C1C47AF82}" = dir=out | name=@{microsoft.windowscalculator_10.1709.2703.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} |
"{D16C33EE-3AFB-40F8-8A92-E8E350518F0C}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{D4C603B5-B99E-4021-B368-E7858B903E9F}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{DBCA0199-B7E2-49B6-8E23-82C1438B9385}" = dir=out | name=@{environmentsapp_10.0.15063.0_neutral__cw5n1h2txyewy?ms-resource://environmentsapp/resources/displayname} |
"{DC630490-E0A2-406B-91A6-A9BC2AF8CE01}" = dir=out | name=3d builder |
"{DCBFD980-5675-4EAD-B6F6-94096CA8E730}" = dir=out | name=@{microsoft.mspaint_3.1710.30027.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{DCD6A9C2-4F0C-4097-BA90-3567F7B1B95B}" = dir=out | name=@{microsoft.bingweather_4.21.2212.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{DCE0BAF1-F0A6-4BC8-A6BD-EFF6D4C19B1E}" = dir=out | name=onenote |
"{DDF6C23A-6A36-43AA-B5BF-4210C1804A01}" = dir=out | name=lenovo settings |
"{E6CAD80D-1BAB-4528-A7F5-DD191EB40380}" = dir=in | name=@{microsoft.ppiprojection_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{E773AB30-0C44-4208-8B23-847A6E761DE1}" = dir=in | name=lenovo settings |
"{EB0AADD5-8BF7-4F7B-B0CB-72F9C2811199}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{F39F582A-0429-4320-BFDD-5ECBDC0D721C}" = dir=in | name=@{microsoft.skypeapp_12.8.487.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{F73A8C73-6894-45FF-AC33-ABDA11D616B8}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{F90F4017-D7CA-4D6E-B5DF-B059EA73AB4F}" = dir=out | name=@{microsoft.accountscontrol_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"TCP Query User{072C2B5C-36FD-4B97-B462-49F5DC93F87C}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" = protocol=6 | dir=in | app=c:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe |
"TCP Query User{17F14D72-C9D4-4902-9C53-289A492E10ED}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe |
"TCP Query User{2656D5E5-2C29-433A-9415-50A73932A5C3}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe |
"TCP Query User{4E17C934-DB9B-4146-B729-EC63165852BF}C:\users\derka\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\derka\appdata\roaming\spotify\spotify.exe |
"TCP Query User{A605455F-FABE-4E0E-B2E7-C81ECD4CC684}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe |
"TCP Query User{B78D801E-5EAE-4813-9BC2-6E49C29AA91E}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe |
"UDP Query User{015451F7-C306-41C4-80E0-C0DDB2093825}C:\users\derka\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\derka\appdata\roaming\spotify\spotify.exe |
"UDP Query User{061F709B-806C-4489-AFB6-090F3FB5DEC7}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe |
"UDP Query User{1E3867AC-E41D-4761-9B80-FBBCDAF57B45}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe |
"UDP Query User{406F216E-9744-476B-974A-517295FEE03A}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" = protocol=17 | dir=in | app=c:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe |
"UDP Query User{886FC83E-1683-4D09-AA78-27BC9B697737}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe |
"UDP Query User{C4852FEB-8B2A-421B-9C2C-856BFBE88D5C}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{12CB6BC1-4E71-4890-AA0E-26CED6AD7EDD}" = Intel(R) Chipset Device Software
"{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1" = FACEIT AC version 1.0
"{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel(R) Management Engine Components
"{2A027A37-B09B-44FB-B1C9-2DD6BA0014E8}" = Dolby Audio X2 Windows API SDK
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes verze 3.2.2.2018
"{3DF3AC42-174D-4915-9ED2-448AD4338B83}" = Intel(R) ME UninstallLegacy
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{4C79D80F-79F9-11E6-8402-BB95F5A309BD}" = VEGAS Pro 14.0 (64-bit)
"{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215
"{52116C70-79F9-11E6-9541-BB95F5A309BD}" = MSVCRT Redists
"{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}" = Qualcomm Atheros Bluetooth Installer (64)
"{66C5838F-B854-4A55-89E6-A6138747A4DF}" = Epic Games Launcher Prerequisites (x64)
"{899F9754-1F6B-4EEC-8D27-25E9DF331062}" = Intel(R) Management Engine Components
"{90160000-008F-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Licensing Component
"{90160000-00DD-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component 64-bit Registration
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel" = NVIDIA Ansel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 388.31
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 388.31
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 3.9.0.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 28.0.0.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.17.0524
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 28.0.0.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = NVIDIA SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend" = NVIDIA Backend
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer" = NVIDIA Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper" = NVIDIA TelemetryApi helper for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem" = NVIDIA LocalSystem Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus" = NVIDIA Message Bus for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService" = NVIDIA NetworkService Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session" = NVIDIA Session Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User" = NVIDIA User Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer" = NVIDIA Display Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS" = NVIDIA Display Container LS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog" = NVIDIA Display Watchdog Plugin
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer" = NVIDIA Display Session Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs" = NVIDIA NodeJS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog" = NVIDIA Watchdog Plugin for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry" = NVIDIA Telemetry Client
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer" = NVIDIA Telemetry Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci" = NVIDIA Virtual Host Controller
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC" = Nvidia Share
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 3.9.0.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = NVIDIA SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 3.90.1
"{B66F70B4-34E5-429A-9F55-7129E0833A45}" = Intel(R) Rapid Storage Technology
"{D765CF7F-14F9-4C80-B06C-10E68F10EBCC}" = Dolby Audio X2 Windows APP
"{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215
"7-Zip" = 7-Zip 16.04 (x64)
"Notepad++" = Notepad++ (64-bit x64)
"O365HomePremRetail - cs-cz" = Microsoft Office 365 - cs-cz
"Steam App 730" = Counter-Strike: Global Offensive
"VulkanRT1.0.11.1" = Vulkan Run Time Libraries 1.0.11.1
"VulkanRT1.0.61.0" = Vulkan Run Time Libraries 1.0.61.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20CA507E-24AA-4741-87CF-CC1B250790B7}" = Qualcomm Atheros 11ac Wireless LAN Installer
"{213B426C-5317-4F2D-8395-AC04B70711C4}" = Epic Games Launcher
"{26A24AE4-039D-4CA4-87B4-2F32180151F0}" = Java 8 Update 151
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}" = Skype™ 7.40
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1" = Zemana AntiMalware

[HelFix]

"{90160000-008C-0000-0000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component
"{90160000-008C-0405-0000-0000000FF1CE}" = Office 16 Click-to-Run Localization Component
"{94A65759-6B3F-4AF8-944A-66F3FABDEFDE}_is1" = zavvyuka
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1" = CCSDK Customer Engagement Service
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = Lenovo PowerDVD12
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{BC94C56A-3649-420C-8756-2ADEBE399D33}" = Lenovo Photo Master
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{c6c5a357-c7ca-4a5f-9789-3bb1af579253}" = Launcher Prerequisites (x64)
"{D5C69738-B486-402E-85AC-2456D98A64E4}" = Pomocník s aktualizací Windows 10
"{d992c12e-cab2-426f-bde3-fb8c53950b0d}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}" = EasyCamera
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{fb610cea-ba50-4d4b-a717-cf025419035c}" = Intel(R) Chipset Device Software
"Audacity_is1" = Audacity 2.0
"Bloody3" = Bloody6
"CrystalDiskInfo_is1" = CrystalDiskInfo 7.5.0
"Google Chrome" = Google Chrome
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = Lenovo PowerDVD12
"OBS Studio" = OBS Studio
"Steam" = Steam
"VLC media player" = VLC media player

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"69f070f18ade444c" = SDÍLEJ.CZ Manager
"OneDriveSetup.exe" = Microsoft OneDrive
"Spotify" = Spotify
"TeamSpeak 3 Client" = TeamSpeak 3 Client

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 22.11.2017 9:49:21 | Computer Name = LAPTOP-MMEO2I19 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 14.8.0.1042,
časové razítko: 0x5639dd97 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové
razítko: 0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x04ded345 ID chybujícího
procesu: 0x29e8 Čas spuštění chybující aplikace: 0x01d36398af5654ba Cesta k chybující
aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 22ccbfa9-7c12-4f8c-afcc-15a5a0f1e629 Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

Error - 22.11.2017 10:19:12 | Computer Name = LAPTOP-MMEO2I19 | Source = .NET Runtime | ID = 1026
Description =

Error - 22.11.2017 10:19:14 | Computer Name = LAPTOP-MMEO2I19 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 14.8.0.1042,
časové razítko: 0x5639dd97 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové
razítko: 0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x0493d33d ID chybujícího
procesu: 0x1fdc Čas spuštění chybující aplikace: 0x01d3639cdb312d7d Cesta k chybující
aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 29ee61b6-51ef-4927-96f0-0fb79ded52ab Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

Error - 22.11.2017 16:58:45 | Computer Name = LAPTOP-MMEO2I19 | Source = .NET Runtime | ID = 1026
Description =

Error - 22.11.2017 16:58:47 | Computer Name = LAPTOP-MMEO2I19 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 14.8.0.1042,
časové razítko: 0x5639dd97 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové
razítko: 0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x04edce9d ID chybujícího
procesu: 0x1444 Čas spuštění chybující aplikace: 0x01d363d4ac1377f0 Cesta k chybující
aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 32442194-1445-4bfc-804a-0efe86423cd2 Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

Error - 22.11.2017 17:06:29 | Computer Name = LAPTOP-MMEO2I19 | Source = .NET Runtime | ID = 1026
Description =

Error - 22.11.2017 17:06:32 | Computer Name = LAPTOP-MMEO2I19 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 14.8.0.1042,
časové razítko: 0x5639dd97 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové
razítko: 0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x052fd33d ID chybujícího
procesu: 0x53c Čas spuštění chybující aplikace: 0x01d363d5c1123a89 Cesta k chybující
aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 39f8f550-0324-4419-8484-1214c87321bc Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

Error - 24.11.2017 0:35:19 | Computer Name = LAPTOP-MMEO2I19 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 24.11.2017 9:32:09 | Computer Name = LAPTOP-MMEO2I19 | Source = .NET Runtime | ID = 1026
Description =

Error - 24.11.2017 9:32:12 | Computer Name = LAPTOP-MMEO2I19 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 14.8.0.1042,
časové razítko: 0x5639dd97 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové
razítko: 0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x0485d33d ID chybujícího
procesu: 0x2388 Čas spuštění chybující aplikace: 0x01d365289d5dd667 Cesta k chybující
aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: a905b3ec-bb00-4b1c-b0b6-dc47c18fa2eb Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

[ System Events ]
Error - 24.11.2017 0:35:19 | Computer Name = LAPTOP-MMEO2I19 | Source = DCOM | ID = 10010
Description =

Error - 24.11.2017 9:23:31 | Computer Name = LAPTOP-MMEO2I19 | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (8:44:39, ?24.?11.?2017) bylo neočekávané.

Error - 24.11.2017 9:23:32 | Computer Name = LAPTOP-MMEO2I19 | Source = BugCheck | ID = 1001
Description =

Error - 24.11.2017 9:23:30 | Computer Name = LAPTOP-MMEO2I19 | Source = Service Control Manager | ID = 7000
Description = Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
%%50

Error - 24.11.2017 9:23:54 | Computer Name = LAPTOP-MMEO2I19 | Source = Service Control Manager | ID = 7016
Description = Služba SAService ohlásila neplatný současný stav 14.

Error - 24.11.2017 9:28:44 | Computer Name = LAPTOP-MMEO2I19 | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (14:23:31, ?24.?11.?2017) bylo neočekávané.

Error - 24.11.2017 9:28:44 | Computer Name = LAPTOP-MMEO2I19 | Source = BugCheck | ID = 1001
Description =

Error - 24.11.2017 9:28:44 | Computer Name = LAPTOP-MMEO2I19 | Source = Service Control Manager | ID = 7000
Description = Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
%%50

Error - 24.11.2017 9:29:14 | Computer Name = LAPTOP-MMEO2I19 | Source = Service Control Manager | ID = 7016
Description = Služba Conexant SmartAudio service ohlásila neplatný současný stav
14.

Error - 24.11.2017 9:32:14 | Computer Name = LAPTOP-MMEO2I19 | Source = Service Control Manager | ID = 7034
Description = Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena.
Tento stav nastal již 1krát.


< End of report >

[HelFix]

---

ZDE JE CDI:

---

----------------------------------------------------------------------------
CrystalDiskInfo 7.5.0 (C) 2008-2017 hiyohiyo
Crystal Dew World : https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 15063] (x64)
Date : 2017/11/24 14:51:08

-- Controller Map ----------------------------------------------------------
+ Intel(R) 6th Generation Core Processor Family Platform I/O SATA AHCI Controller [ATA]
- WDC WD10JPCX-24UE4T0
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD10JPCX-24UE4T0 : 1000,2 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD10JPCX-24UE4T0
----------------------------------------------------------------------------
Model : WDC WD10JPCX-24UE4T0
Firmware : 01.01A01
Serial Number : WD-WXV1E265XTVA
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ----
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 1142 hod.
Power On Count : 291 krát
Temperature : 31 C (87 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 181 178 _21 00000000077C Čas na roztočení ploten
04 _97 _97 __0 000000000C1D Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _99 _99 __0 000000000476 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C 100 100 __0 000000000123 Počet cyklů zapnutí zařízení
C0 200 200 __0 00000000000D Počet vypnutí disku
C1 196 196 __0 0000000034CC Počet cyklů načítání/vymazání
C2 116 105 __0 00000000001F Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
F0 _99 _99 __0 000000000457 Čas nastavování hlaviček - v hodinách

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 5631 4532 3635 5854 5641
020: 0000 8000 0000 3031 2E30 3141 3031 5744 4320 5744
030: 3130 4A50 4358 2D32 3455 4534 5430 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0000 0000 0007 3FFF 0010 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F FF0E 0006 004C 00CC
080: 03FE 0000 346B 7D29 6123 3469 BC09 6123 407F 005D
090: 005D 0060 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5001 4EE6
110: B199 75CC 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0400
130: 0001 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 7035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 3AA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 B5 B2 7C 07 00 00 00 00 00 04 32 00 61 61 1D
020: 0C 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2F 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 63 63 76 04 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 64 64 23 01 00 00 00 00 00 C0 32
070: 00 C8 C8 0D 00 00 00 00 00 00 C1 32 00 C4 C4 CC
080: 34 00 00 00 00 00 C2 22 00 74 69 1F 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 64 FD 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 64 FD 00 00 00 00 00 00 00 F0 32
0D0: 00 63 63 57 04 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 34 44 01 7B
170: 03 00 01 00 02 C3 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 AD

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 33 C8 C8 C8 C8 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 00 00 00 00 00 00 00 00 00 00 F0 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5A