Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Stáhni si Memtest:

-V případě vyšších kapacit RAM je třeba Memtest spustit několikrát , pro 2GB ( jednotlivá největší kapacita RAM) 2x , pro 4GB 3x , pro 8Gb 4x ap.
poklepej na Memtest , pak znovu a znovu , do políček všech Memtestů napiš 2048 , pak dej u všech Memtestů "Start".
dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.

Zde je FRST s fixem.

---

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-11-2017
Ran by derka (22-11-2017 21:53:55) Run:1
Running from C:\Users\derka\Desktop
Loaded Profiles: derka (Available Profiles: derka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-2964729303-17502685-1245605538-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Task: {FC710DC5-A266-488E-9D7E-8C3249BDE4D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-22] (Google Inc.
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {A1659F03-E20A-48D0-9C14-DDF022744FC1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-22] (Google Inc.)
Task: {FC710DC5-A266-488E-9D7E-8C3249BDE4D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-22] (Google Inc.)

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-2964729303-17502685-1245605538-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key removed successfully
HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FC710DC5-A266-488E-9D7E-8C3249BDE4D5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC710DC5-A266-488E-9D7E-8C3249BDE4D5} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => key removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => key removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A1659F03-E20A-48D0-9C14-DDF022744FC1} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1659F03-E20A-48D0-9C14-DDF022744FC1} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC710DC5-A266-488E-9D7E-8C3249BDE4D5} => key not found.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key not found.

=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 33876607 B
Java, Flash, Steam htmlcache => 387993413 B
Windows/system/drivers => 299000 B
Edge => 52523 B
Chrome => 724732812 B
Firefox => 953237 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 1684 B
NetworkService => 278710 B
derka => 20002439 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:54:42 ====

po memtestu pak podej zprávu o problémech.

Memtest neukázal ani jednu chybu.

Myslím si, že je to rychlejší, avšak, po čištění jsem zaznamenal delší náběh plochy po zapnutí počítače.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

Udělej znovu CDI.

Při skenování přes aswMBR mi to hází BSOD.
Zde máte OTL log:

---

OTL logfile created on: 24.11.2017 14:33:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\derka\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.15063.0)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: dd.MM.yyyy

3,91 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 48,88% Memory free
5,66 Gb Paging File | 3,65 Gb Available in Paging File | 64,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 886,20 Gb Total Space | 733,86 Gb Free Space | 82,81% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 22,97 Gb Free Space | 91,86% Space Free | Partition Type: NTFS

Computer Name: LAPTOP-MMEO2I19 | User Name: derka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\derka\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Node.js)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe (Lenovo Group Limited)
PRC - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo Group Limited)
PRC - C:\Windows\SysWOW64\fontdrvhost.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
PRC - C:\Program Files\CONEXANT\SAII\SmartAudio.exe (Conexant Systems, Inc)
PRC - C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe (Conexant Systems, Inc.)
PRC - C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe (Lenovo)
PRC - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (Lenovo)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe (CyberLink Corp.)


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.V9921e851#\02c5d8fafd444671b19a2bd0ca254347\Microsoft.VisualBasic.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\01e92fb68e52de277138c16e6ee0fc8e\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SmartAudio\ba172034018c808507668a1dd286f7a4\SmartAudio.ni.exe ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\9060b1734906c8e8be7e753fb7dd163b\System.ServiceModel.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Serv30e99c02#\c3b4f7a939b63e24414a95ba24c222e6\System.ServiceModel.Channels.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\087205caca9a58d5601541fe3ea0ad14\System.IdentityModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\b27fcb5699f3217d049df36b22557c89\System.ServiceModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\ecba64c9760299c1c757610b22e326dd\System.Xaml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\5d74c24ca4e065b2cff8a1893cbc76c9\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\adba2bd3438ee2127e519fd9128f0fb0\PresentationFramework.Aero2.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\d958c08ea62c279b2ffc5195cb98f9d8\PresentationFramework.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\668be3faaa5edc76e56cf4fd70ba48d4\PresentationCore.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\ae26a4054e96676fac915b96c3b23202\WindowsBase.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\df4d4904ff0ffe7399d5e6cc5d6281f5\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\463a4712a9f13108727afd782f54b3a5\Windows.Foundation.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime\ba4ec901803835421842e6783911ccc4\System.Runtime.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\9da0c1da0bba0d3128458c05328882ba\Interop.CxHDAudioAPILib.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\eff9a1f1ebf342c6a6179986687b41d3\Interop.CxUtilSvcLib.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\6c51c7b2f46c857c6e1bf1dfa53e9eaf\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\34fa564faa2e6798b1b9b3efe476d1bf\System.Runtime.Remoting.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\0f6e4f69a0046a08213e90138b5c9454\SMDiagnostics.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\a53000f23d60e782b488cd7a75f08ef0\System.ServiceModel.Internals.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\9a12fab4df185e5c9b75bb0e0695df86\System.Management.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\299c91c3c7076d39e8f80dc56d66cc7b\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\d6f57e7a11891c60673915aaaae91581\UIAutomationTypes.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Security\c1573b15b96505ff8d73437b07b71a37\System.Security.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\039367fe3994ae89a2745666880d749c\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\8a52975d7e11e521dcc97c3e8bccad90\System.Runtime.Serialization.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3f854fedbadec6ad04ffdfd963fc7839\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\1b2e7f5cc7171797d3aac21369bb10cf\mscorlib.ni.dll ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node ()


========== Services (SafeList) ==========

SRV:64bit: - (NVDisplay.ContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
SRV:64bit: - (RmSvc) -- C:\Windows\SysNative\RMapi.dll (Microsoft Corporation)
SRV:64bit: - (wisvc) -- C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SRV:64bit: - (SecurityHealthService) -- C:\Windows\SysNative\SecurityHealthService.exe (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DusmSvc) -- C:\Windows\SysNative\dusmsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
SRV:64bit: - (TokenBroker) -- C:\Windows\SysNative\TokenBroker.dll (Microsoft Corporation)
SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
SRV:64bit: - (NvContainerNetworkService) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (NvContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (ImControllerService) -- C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo Group Limited)
SRV:64bit: - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (MBAMService) -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
SRV:64bit: - (wlpasvc) -- C:\Windows\SysNative\lpasvc.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (FrameServer) -- C:\Windows\SysNative\FrameServer.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (WFDSConMgrSvc) -- C:\Windows\SysNative\WFDSConMgrSvc.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
SRV:64bit: - (tiledatamodelsvc) -- C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation)
SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
SRV:64bit: - (shpamsvc) -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
SRV:64bit: - (ETDService) -- C:\Program Files\Elantech\ETDService.exe (ELAN Microelectronics Corp.)
SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (DevicesFlowUserSvc) -- C:\Windows\SysNative\DevicesFlowBroker.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService_4951f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_4951f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_4951f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_4951f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_4951f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_4951f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DevicesFlowUserSvc_4951f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc_4951f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
SRV:64bit: - (SEMgrSvc) -- C:\Windows\SysNative\SEMgrSvc.dll (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc) -- C:\Windows\SysNative\cdpusersvc.dll (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService) -- C:\Windows\SysNative\WpnUserService.dll (Microsoft Corporation)
SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
SRV:64bit: - (xbgm) -- C:\Windows\SysNative\xbgmsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
SRV:64bit: - (XboxGipSvc) -- C:\Windows\SysNative\xboxgipsvc.dll (Microsoft Corporation)
SRV:64bit: - (NaturalAuthentication) -- C:\Windows\SysNative\NaturalAuth.dll (Microsoft Corporation)
SRV:64bit: - (IpxlatCfgSvc) -- C:\Windows\SysNative\ipxlatcfg.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (TimeBrokerSvc) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (HvHost) -- C:\Windows\SysNative\hvhostsvc.dll (Microsoft Corporation)
SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation)
SRV:64bit: - (spectrum) -- C:\Windows\SysNative\Spectrum.exe (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (cphs) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHeciSvc.exe (Intel Corporation)
SRV:64bit: - (cplspcon) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHDCPSvc.exe (Intel Corporation)
SRV:64bit: - (igfxCUIService2.0.0.0) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxCUIService.exe (Intel Corporation)
SRV:64bit: - (DAX2API) -- C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe ()
SRV:64bit: - (CxUtilSvc) -- C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe (Conexant Systems, Inc.)
SRV:64bit: - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV:64bit: - (CxAudMsg) -- C:\Windows\SysNative\CxAudMsg64.exe (Conexant Systems Inc.)
SRV:64bit: - (SAService) -- C:\Windows\SysNative\SASrv.exe (Conexant Systems, Inc.)
SRV - (BEService) -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SRV - (TokenBroker) -- C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
SRV - (NvTelemetryContainer) -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
SRV - (ZAMSvc) -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (cphs) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (cplspcon) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHDCPSvc.exe (Intel Corporation)
SRV - (igfxCUIService2.0.0.0) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxCUIService.exe (Intel Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Windows (R) Win 7 DDK provider)
SRV - (GDCAgent) -- C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe (Lenovo)
SRV - (CCSDK) -- C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (Lenovo)


========== Driver Services (SafeList) ==========

DRV:64bit: - (ZAM) -- C:\Windows\SysNative\drivers\zam64.sys (Zemana Ltd.)
DRV:64bit: - (nvlddmkm) -- C:\Windows\SysNative\DriverStore\FileRepository\nvlti.inf_amd64_982b5ed5f18523b0\nvlddmkm.sys (NVIDIA Corporation)
DRV:64bit: - (nvvhci) -- C:\Windows\SysNative\drivers\nvvhci.sys (NVIDIA Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (FACEIT) -- C:\Windows\SysNative\drivers\FACEIT.sys ()
DRV:64bit: - (ZAM_Guard) -- C:\Windows\SysNative\drivers\zamguard64.sys (Zemana Ltd.)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (wcifs) -- C:\Windows\SysNative\drivers\wcifs.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc.sys (Microsoft Corporation)
DRV:64bit: - (Qcamain10x64) -- C:\Windows\SysNative\drivers\Qcamain10x64.sys (Qualcomm Atheros, Inc.)
DRV:64bit: - (ETDSMBus) -- C:\Windows\SysNative\drivers\ETDSMBus.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (SpatialGraphFilter) -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (UcmTcpciCx0101) -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (IndirectKmd) -- C:\Windows\SysNative\drivers\IndirectKmd.sys (Microsoft Corporation)
DRV:64bit: - (applockerfltr) -- C:\Windows\SysNative\drivers\applockerfltr.sys (Microsoft Corporation)
DRV:64bit: - (WinNat) -- C:\Windows\SysNative\drivers\winnat.sys (Microsoft Corporation)
DRV:64bit: - (CldFlt) -- C:\Windows\SysNative\drivers\cldflt.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (clreg) -- C:\Windows\SysNative\drivers\registry.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (wcnfs) -- C:\Windows\SysNative\drivers\wcnfs.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (iorate) -- C:\Windows\SysNative\drivers\iorate.sys (Microsoft Corporation)
DRV:64bit: - (NetAdapterCx) -- C:\Windows\SysNative\drivers\NetAdapterCx.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation)
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSS2i_I2C_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (CAD) -- C:\Windows\SysNative\drivers\CAD.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (vmgid) -- C:\Windows\SysNative\drivers\vmgid.sys (Microsoft Corporation)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (mausbhost) -- C:\Windows\SysNative\drivers\mausbhost.sys (Microsoft Corporation)
DRV:64bit: - (pmem) -- C:\Windows\SysNative\drivers\pmem.sys (Microsoft Corporation)
DRV:64bit: - (scmbus) -- C:\Windows\SysNative\drivers\scmbus.sys (Microsoft Corporation)
DRV:64bit: - (nvdimmn) -- C:\Windows\SysNative\drivers\nvdimmn.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (mausbip) -- C:\Windows\SysNative\drivers\mausbip.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (SDFRd) -- C:\Windows\SysNative\drivers\SDFRd.sys ()
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (cht4vbd) -- C:\Windows\SysNative\drivers\cht4vx64.sys (Chelsio Communications)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (cht4iscsi) -- C:\Windows\SysNative\drivers\cht4sx64.sys (Chelsio Communications)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AcpiDev) -- C:\Windows\SysNative\drivers\AcpiDev.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (qcusbser) -- C:\Windows\SysNative\drivers\qcusbser.sys (QUALCOMM Incorporated)
DRV:64bit: - (qcusbnet) -- C:\Windows\SysNative\drivers\qcusbnet.sys (QUALCOMM Incorporated)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (RTSUER) -- C:\Windows\SysNative\drivers\RtsUer.sys (Realsil Semiconductor Corporation)
DRV:64bit: - (rtsuvc) -- C:\Windows\SysNative\drivers\rtsuvc.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (rt640x64) -- C:\Windows\SysNative\drivers\rt640x64.sys (Realtek )
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys (Intel Corporation)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV:64bit: - (DroidCamVideo) -- C:\Windows\SysNative\drivers\droidcamvideo.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (DroidCam) -- C:\Windows\SysNative\drivers\droidcam.sys (Dev47Apps)
DRV:64bit: - (CLVirtualDrive) -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys (CyberLink)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys ("CyberLink)
DRV - (MpKsl0c43bb72) -- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A7857784-F3A4-4D3D-AD8A-76A8EA170FD5}\MpKsl0c43bb72.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_982b5ed5f18523b0\nvlddmkm.sys (NVIDIA Corporation)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys (Microsoft Corporation)
DRV - (igfx) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igdkmd64.sys (Intel Corporation)

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9EE4EDFC-0158-4350-9652-ED0B4C415467}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{9EE4EDFC-0158-4350-9652-ED0B4C415467}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {9EE4EDFC-0158-4350-9652-ED0B4C415467}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9EE4EDFC-0158-4350-9652-ED0B4C415467}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 8B 17 3A 71 BA 33 D3 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 29 00 00 00 6B 68 BF 37 EA A5 91 19 07 9D 8E 2E 69 D2 3F 34 F0 AB 7C A8 8F 64 02 77 3F FB 57 B4 BE 03 A7 86 3C 82 53 FB B7 3F 6E B9 60 02 00 00 00 0E 00 00 00 49 43 47 4D 67 52 6B 64 6E 62 34 25 33 64 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{9EE4EDFC-0158-4350-9652-ED0B4C415467}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..network.proxy.autoconfig_url: "data:text/plain, function FindProxyForURL(url, host) {if(isInNet(host, '192.168.0.0', '255.255.0.0')) return 'DIRECT'; \nif(host == 'us1-base.cd-n.net') return 'DIRECT'; \nif(host == 'us2-base.cd-n.net') return 'DIRECT'; \nif(host == 'us3-base.cd-n.net') return 'DIRECT'; \nif(host == 'jp1-base.cd-n.net') return 'DIRECT'; \nif(host == 'de-base.cd-n.net') return 'DIRECT'; \nif(host == 'au1-base.cd-n.net') return 'DIRECT'; \nif(host == 'ir1-base.cd-n.net') return 'DIRECT'; \nif(host == 'sg1-base.cd-n.net') return 'DIRECT'; \nif(host == 'kr1-base.cd-n.net') return 'DIRECT'; \nif(host == 'us0-base.cd-n.net') return 'DIRECT'; \nif(host == '127.0.0.1') return 'DIRECT'; \nif(host == 'localhost') return 'DIRECT'; \nif(host == 'de-base.cd-n.net') return 'DIRECT'; \nreturn 'HTTPS ge4tklrrhays4mrrg4xdkobdge2tanjsgyydqmbq.cd-n.net:443';}"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.151.2: C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.151.2: C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)


[2017.09.13 20:37:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\derka\AppData\Roaming\Mozilla\Extensions
[2017.09.13 20:45:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\derka\AppData\Roaming\Mozilla\Firefox\Profiles\0l5ruq3y.default\extensions
[2017.09.13 20:41:29 | 001,849,804 | ---- | M] () (No name found) -- C:\Users\derka\AppData\Roaming\Mozilla\Firefox\Profiles\0l5ruq3y.default\extensions\@hoxx-vpn.xpi
[2017.09.13 20:45:42 | 000,006,652 | ---- | M] () (No name found) -- C:\Users\derka\AppData\Roaming\Mozilla\Firefox\Profiles\0l5ruq3y.default\features\{5daca3a0-ba56-489b-a875-256d5af546fd}\clicktoplay-rollout@mozilla.org.xpi
[2017.09.13 20:45:42 | 000,008,940 | ---- | M] () (No name found) -- C:\Users\derka\AppData\Roaming\Mozilla\Firefox\Profiles\0l5ruq3y.default\features\{5daca3a0-ba56-489b-a875-256d5af546fd}\e10srollout@mozilla.org.xpi
[2017.09.13 20:45:42 | 000,009,993 | ---- | M] () (No name found) -- C:\Users\derka\AppData\Roaming\Mozilla\Firefox\Profiles\0l5ruq3y.default\features\{5daca3a0-ba56-489b-a875-256d5af546fd}\followonsearch@mozilla.com.xpi
[2017.09.13 20:45:42 | 000,196,112 | ---- | M] () (No name found) -- C:\Users\derka\AppData\Roaming\Mozilla\Firefox\Profiles\0l5ruq3y.default\features\{5daca3a0-ba56-489b-a875-256d5af546fd}\onboarding@mozilla.org.xpi
[2017.09.13 20:45:43 | 000,329,275 | ---- | M] () (No name found) -- C:\Users\derka\AppData\Roaming\Mozilla\Firefox\Profiles\0l5ruq3y.default\features\{5daca3a0-ba56-489b-a875-256d5af546fd}\screenshots@mozilla.org.xpi

========== Chrome ==========

CHR - Extension: No name found = C:\Users\derka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Users\derka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Users\derka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\derka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\derka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
CHR - Extension: No name found = C:\Users\derka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\derka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\
CHR - Extension: No name found = C:\Users\derka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\derka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6217.911.0.5_0\

O1 HOSTS File: ([2017.11.22 14:52:41 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [DAX2_APP] C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe ()
O4:64bit: - HKLM..\Run: [ForteConfig] C:\Program Files\Conexant\ForteConfig\fmapp.exe ()
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LenovoUtility] C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [ZAM] C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Bloody2] C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe ()
O4 - HKCU..\Run: [OneDrive] C:\Users\derka\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [Spotify] C:\Users\derka\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\derka\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{29645e7c-da85-440f-9b35-69689cef2405}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{d6a80b6c-4c01-4940-88ed-65a8f6ca8214}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mso-minsb.16 - No CLSID value found
O18:64bit: - Protocol\Handler\mso-minsb-roaming.16 - No CLSID value found
O18:64bit: - Protocol\Handler\osf.16 - No CLSID value found
O18:64bit: - Protocol\Handler\osf-roaming.16 - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2017.11.24 14:31:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\derka\Desktop\OTL.exe
[2017.11.24 14:21:11 | 005,200,384 | ---- | C] (AVAST Software) -- C:\Users\derka\Desktop\aswmbr.exe
[2017.11.22 21:59:24 | 000,000,000 | ---D | C] -- C:\Users\derka\Desktop\MemTest
[2017.11.22 20:31:08 | 000,000,000 | ---D | C] -- C:\FRST
[2017.11.22 20:28:01 | 002,391,552 | ---- | C] (Farbar) -- C:\Users\derka\Desktop\FRST64.exe
[2017.11.22 18:26:42 | 000,000,000 | ---D | C] -- C:\Users\derka\AppData\Local\NetworkTiles
[2017.11.22 18:17:07 | 000,000,000 | ---D | C] -- C:\Users\derka\Desktop\backups
[2017.11.22 15:41:15 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\derka\Desktop\HijackThis (1).exe
[2017.11.22 15:22:27 | 000,203,680 | ---- | C] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zam64.sys
[2017.11.22 15:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
[2017.11.22 15:22:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zemana AntiMalware
[2017.11.22 15:20:15 | 006,625,600 | ---- | C] (Zemana Ltd. ) -- C:\Users\derka\Desktop\Zemana.AntiMalware.Setup (1).exe
[2017.11.22 15:17:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2017.11.22 15:13:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2017.11.22 15:13:55 | 000,000,000 | ---D | C] -- C:\Users\derka\AppData\Local\Temp
[2017.11.22 14:31:35 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2017.11.22 07:46:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2017.11.22 07:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2017.11.22 07:45:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2017.11.22 07:44:23 | 181,450,248 | ---- | C] (Sophos Limited) -- C:\Users\derka\Desktop\Sophos Virus Removal Tool (1).exe
[2017.11.21 22:22:31 | 026,838,600 | ---- | C] (Adlice Software) -- C:\Users\derka\Desktop\RogueKiller_portable64.exe
[2017.11.21 22:15:03 | 001,790,024 | ---- | C] (Malwarebytes) -- C:\Users\derka\Desktop\JRT.exe
[2017.11.21 22:13:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2017.11.21 22:13:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2017.11.21 22:13:08 | 003,980,992 | ---- | C] (Crystal Dew World ) -- C:\Users\derka\Desktop\CrystalDiskInfo7_5_0.exe
[2017.11.21 19:27:41 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017.11.21 19:14:58 | 008,261,584 | ---- | C] (Malwarebytes) -- C:\Users\derka\Desktop\AdwCleaner.exe
[2017.11.21 19:14:11 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\derka\Desktop\TFC.exe
[2017.11.21 16:16:38 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\derka\Desktop\HijackThis.exe
[2017.11.20 21:51:47 | 000,000,000 | ---D | C] -- C:\Users\derka\AppData\Local\FortniteGame
[2017.11.20 21:51:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BattlEye
[2017.11.20 21:15:22 | 000,000,000 | ---D | C] -- C:\Program Files\Epic Games
[2017.11.20 21:13:02 | 000,000,000 | ---D | C] -- C:\Users\derka\AppData\Local\UnrealEngineLauncher
[2017.11.20 21:12:56 | 000,000,000 | ---D | C] -- C:\Users\derka\AppData\Local\EpicGamesLauncher
[2017.11.20 21:12:42 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_43.dll
[2017.11.20 21:12:42 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dcsx_43.dll
[2017.11.20 21:12:41 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_43.dll
[2017.11.20 21:12:41 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx11_43.dll
[2017.11.20 21:12:39 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_3.dll
[2017.11.20 21:11:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Epic
[2017.11.20 21:11:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Epic Games
[2017.11.18 11:58:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2017.11.16 21:08:38 | 001,292,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVPXENC.dll
[2017.11.16 21:08:38 | 000,613,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2017.11.16 21:08:38 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2017.11.16 21:08:38 | 000,283,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2017.11.16 21:08:38 | 000,223,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aepic.dll
[2017.11.16 21:08:38 | 000,172,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2017.11.16 21:08:38 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2017.11.16 21:08:37 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPKsp.dll
[2017.11.16 21:08:37 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cldapi.dll
[2017.11.16 21:08:37 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbcconf.dll
[2017.11.16 21:08:36 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
[2017.11.16 21:08:36 | 001,019,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2017.11.16 21:08:36 | 000,583,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2017.11.16 21:08:36 | 000,362,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2017.11.16 21:08:36 | 000,354,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2017.11.16 21:08:36 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2017.11.16 21:08:35 | 006,765,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2017.11.16 21:08:35 | 004,417,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2017.11.16 21:08:34 | 002,953,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2017.11.16 21:08:33 | 007,598,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2017.11.16 21:08:33 | 004,559,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2017.11.16 21:08:33 | 000,133,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2017.11.16 21:08:32 | 000,787,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2017.11.16 21:08:31 | 002,259,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2017.11.16 21:08:28 | 003,377,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2017.11.16 21:08:25 | 002,671,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2017.11.16 21:08:25 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2017.11.16 21:08:24 | 005,963,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2017.11.16 21:08:23 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2017.11.16 21:08:22 | 005,808,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2017.11.16 21:08:22 | 003,667,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_47.dll
[2017.11.16 21:08:21 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AzureSettingSyncProvider.dll
[2017.11.16 21:08:21 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2017.11.16 21:08:21 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2017.11.16 21:08:21 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msexcl40.dll
[2017.11.16 21:08:20 | 000,680,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.AccountsControl.dll
[2017.11.16 21:08:20 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsreg.dll
[2017.11.16 21:08:20 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.System.Launcher.dll
[2017.11.16 21:08:20 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2017.11.16 21:08:20 | 000,095,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2017.11.16 21:08:19 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\efswrt.dll
[2017.11.16 21:08:19 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VPNv2CSP.dll
[2017.11.16 21:08:19 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OnDemandConnRouteHelper.dll
[2017.11.16 21:08:19 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CertPKICmdlet.dll
[2017.11.16 21:08:18 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\utcutil.dll
[2017.11.16 21:08:17 | 002,516,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2017.11.16 21:08:17 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2017.11.16 21:08:16 | 008,213,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2017.11.16 21:08:16 | 000,546,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2017.11.16 21:08:12 | 001,937,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpdshext.dll
[2017.11.16 21:08:12 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2017.11.16 21:08:12 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2017.11.16 21:08:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuautoappupdate.dll
[2017.11.16 21:08:10 | 020,512,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2017.11.16 21:08:07 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2017.11.16 21:08:07 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2017.11.16 21:08:05 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2017.11.16 21:08:04 | 006,254,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2017.11.16 21:08:04 | 004,727,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2017.11.16 21:08:04 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2017.11.16 21:08:03 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2017.11.16 21:08:03 | 000,755,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2017.11.16 21:08:02 | 008,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2017.11.16 21:08:01 | 002,398,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2017.11.16 21:08:01 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2017.11.16 21:07:59 | 006,557,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2017.11.16 21:07:59 | 001,303,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVPXENC.dll
[2017.11.16 21:07:59 | 000,094,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2017.11.16 21:07:53 | 023,680,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2017.11.16 21:07:46 | 000,387,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpps.dll
[2017.11.16 21:07:46 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SEMgrPS.dll
[2017.11.16 21:07:44 | 013,381,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2017.11.16 21:07:42 | 012,227,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2017.11.16 21:07:37 | 002,078,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2017.11.16 21:07:37 | 002,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2017.11.16 21:07:37 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2017.11.16 21:07:36 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2017.11.16 21:07:34 | 002,969,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2017.11.16 21:07:34 | 000,654,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2017.11.16 21:07:34 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2017.11.16 21:07:32 | 000,727,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2017.11.16 21:07:32 | 000,412,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2017.11.16 21:07:32 | 000,319,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2017.11.16 21:07:32 | 000,212,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2017.11.16 21:07:32 | 000,187,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2017.11.16 21:07:32 | 000,144,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2017.11.16 21:07:32 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcconf.dll
[2017.11.16 21:07:31 | 005,557,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2017.11.16 21:07:30 | 008,319,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2017.11.16 21:07:30 | 004,396,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_47.dll
[2017.11.16 21:07:26 | 000,719,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FlightSettings.dll
[2017.11.16 21:07:24 | 000,939,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.AccountsControl.dll
[2017.11.16 21:07:23 | 000,430,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2017.11.16 21:07:22 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationFrameworkInternalPS.dll
[2017.11.16 21:07:21 | 007,910,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2017.11.16 21:07:21 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vss_ps.dll
[2017.11.16 21:07:20 | 000,923,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2017.11.16 21:07:20 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2017.11.16 21:07:19 | 007,339,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2017.11.16 21:07:17 | 003,668,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2017.11.16 21:07:17 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2017.11.16 21:07:16 | 003,060,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2017.11.16 21:07:16 | 000,684,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2017.11.16 21:07:16 | 000,415,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2017.11.16 21:07:15 | 004,445,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2017.11.16 21:07:15 | 002,032,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2017.11.16 21:07:15 | 001,878,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AzureSettingSyncProvider.dll
[2017.11.16 21:07:15 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbonRes.dll
[2017.11.16 21:07:15 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2017.11.16 21:07:14 | 004,707,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2017.11.16 21:07:14 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIRibbonRes.dll
[2017.11.16 21:07:14 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2017.11.16 21:07:14 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SIHClient.exe
[2017.11.16 21:07:14 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2017.11.16 21:07:13 | 000,712,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2017.11.16 21:07:13 | 000,409,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2017.11.16 21:07:12 | 002,809,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2017.11.16 21:07:12 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2017.11.16 21:07:12 | 001,468,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2017.11.16 21:07:12 | 000,565,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsreg.dll
[2017.11.16 21:07:11 | 000,965,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.efi
[2017.11.16 21:07:11 | 000,821,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.exe
[2017.11.16 21:07:11 | 000,667,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2017.11.16 21:07:11 | 000,543,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2017.11.16 21:07:11 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2017.11.16 21:07:11 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsqmcons.exe
[2017.11.16 21:07:10 | 001,713,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActiveSyncProvider.dll
[2017.11.16 21:07:10 | 001,278,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werconcpl.dll
[2017.11.16 21:07:10 | 001,015,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2017.11.16 21:07:10 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2017.11.16 21:07:10 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2017.11.16 21:07:09 | 000,986,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2017.11.16 21:07:09 | 000,772,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPKsp.dll
[2017.11.16 21:07:08 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2017.11.16 21:07:08 | 001,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2017.11.16 21:07:08 | 001,144,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2017.11.16 21:07:08 | 000,872,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipSVC.dll
[2017.11.16 21:07:03 | 005,477,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2017.11.16 21:07:03 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2017.11.16 21:07:02 | 001,578,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2017.11.16 21:07:02 | 000,678,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2017.11.16 21:07:02 | 000,613,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2017.11.16 21:07:02 | 000,612,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2017.11.16 21:07:02 | 000,484,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll
[2017.11.16 21:07:02 | 000,379,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2017.11.16 21:07:02 | 000,259,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2017.11.16 21:07:02 | 000,136,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2017.11.16 21:07:02 | 000,067,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32appinventorycsp.dll
[2017.11.16 21:07:02 | 000,034,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2017.11.16 21:07:01 | 001,293,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2017.11.16 21:07:01 | 001,260,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GamePanel.exe
[2017.11.16 21:06:58 | 000,925,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2017.11.16 21:06:58 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.Launcher.dll
[2017.11.16 21:06:58 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2017.11.16 21:06:58 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2017.11.16 21:06:56 | 000,469,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64win.dll
[2017.11.16 21:06:56 | 000,190,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2017.11.16 21:06:56 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cldapi.dll
[2017.11.16 21:06:55 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedPCCSP.dll
[2017.11.16 21:06:55 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2017.11.16 21:06:55 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RMapi.dll
[2017.11.16 21:06:54 | 000,635,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efswrt.dll
[2017.11.16 21:06:54 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Storage.dll
[2017.11.16 21:06:54 | 000,038,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Diskdump.sys
[2017.11.16 21:06:54 | 000,026,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2017.11.16 21:06:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CertPKICmdlet.dll
[2017.11.16 21:06:53 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dumpstorport.sys
[2017.11.16 21:06:52 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OnDemandConnRouteHelper.dll
[2017.11.16 21:06:51 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DataUsageHandlers.dll
[2017.11.16 21:06:51 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DataUsageLiveTileTask.exe
[2017.11.16 20:18:52 | 013,255,032 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvptxJitCompiler.dll
[2017.11.16 20:18:51 | 036,239,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2017.11.16 20:18:51 | 029,272,000 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2017.11.16 20:18:51 | 023,264,864 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2017.11.16 20:18:51 | 019,038,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2017.11.16 20:18:51 | 010,883,928 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvptxJitCompiler.dll
[2017.11.16 20:18:51 | 001,989,056 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6438831.dll
[2017.11.16 20:18:51 | 001,673,664 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6438831.dll
[2017.11.16 20:18:51 | 001,321,264 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFTH264.dll
[2017.11.16 20:18:51 | 001,135,280 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvfatbinaryLoader.dll
[2017.11.16 20:18:51 | 001,099,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2017.11.16 20:18:51 | 001,038,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFTH264.dll
[2017.11.16 20:18:51 | 001,031,288 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2017.11.16 20:18:51 | 000,980,928 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2017.11.16 20:18:51 | 000,932,288 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2017.11.16 20:18:51 | 000,885,496 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvfatbinaryLoader.dll
[2017.11.16 20:18:51 | 000,794,576 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2017.11.16 20:18:51 | 000,634,224 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2017.11.16 20:18:51 | 000,615,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2017.11.16 20:18:51 | 000,505,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2017.11.16 20:18:49 | 004,201,592 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2017.11.16 20:18:49 | 003,614,328 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2017.11.16 20:18:48 | 013,865,256 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2017.11.16 20:18:48 | 011,780,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2017.11.16 20:18:46 | 040,237,504 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2017.11.16 20:18:46 | 035,156,600 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2017.11.16 19:56:57 | 000,000,000 | ---D | C] -- C:\Users\derka\AppData\Local\NVIDIA
[2017.11.08 17:45:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZAV
[2017.11.08 17:45:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZAV
[2017.11.02 20:15:24 | 000,391,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vccorlib140.dll
[2017.11.02 20:15:22 | 000,627,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcp140.dll
[2017.11.02 19:47:38 | 000,438,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcp140.dll
[2017.11.02 19:47:38 | 000,264,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vccorlib140.dll
[2017.11.01 22:44:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Betternet
[2017.11.01 22:43:03 | 000,000,000 | ---D | C] -- C:\Users\derka\AppData\Local\Downloaded Installations
[2017.10.28 15:20:49 | 000,000,000 | ---D | C] -- C:\Users\derka\AppData\Roaming\CyberLink
[2017.10.28 15:20:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CyberLink
[2017.10.25 17:49:29 | 000,000,000 | ---D | C] -- C:\Users\derka\AppData\Roaming\NVIDIA
[3 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2017.11.24 14:38:03 | 000,062,830 | ---- | M] () -- C:\WINDOWS\ZAM.krnl.trace
[2017.11.24 14:38:03 | 000,030,425 | ---- | M] () -- C:\WINDOWS\ZAM_Guard.krnl.trace
[2017.11.24 14:36:21 | 000,255,463 | ---- | M] () -- C:\WINDOWS\SysNative\InstallUtil.InstallLog
[2017.11.24 14:31:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\derka\Desktop\OTL.exe
[2017.11.24 14:30:43 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2017.11.24 14:28:41 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2017.11.24 14:28:39 | 1678,520,320 | -HS- | M] () -- C:\hiberfil.sys
[2017.11.24 14:23:34 | 000,389,408 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2017.11.24 14:21:07 | 005,200,384 | ---- | M] (AVAST Software) -- C:\Users\derka\Desktop\aswmbr.exe
[2017.11.23 17:52:00 | 003,106,860 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2017.11.23 17:52:00 | 001,439,246 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2017.11.23 17:52:00 | 000,947,192 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2017.11.23 17:52:00 | 000,354,696 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2017.11.23 17:52:00 | 000,336,876 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2017.11.22 21:58:57 | 000,016,850 | ---- | M] () -- C:\Users\derka\Desktop\MemTest.zip
[2017.11.22 20:27:59 | 002,391,552 | ---- | M] (Farbar) -- C:\Users\derka\Desktop\FRST64.exe
[2017.11.22 15:41:11 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\derka\Desktop\HijackThis (1).exe
[2017.11.22 15:22:27 | 000,203,680 | ---- | M] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zam64.sys
[2017.11.22 15:22:26 | 000,001,224 | ---- | M] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2017.11.22 15:20:11 | 006,625,600 | ---- | M] (Zemana Ltd. ) -- C:\Users\derka\Desktop\Zemana.AntiMalware.Setup (1).exe
[2017.11.22 14:52:41 | 000,000,753 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2017.11.22 14:50:27 | 000,024,064 | ---- | M] () -- C:\WINDOWS\zoek-delete.exe
[2017.11.22 13:38:46 | 000,028,272 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys
[2017.11.22 07:45:33 | 000,002,775 | ---- | M] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2017.11.22 07:43:26 | 181,450,248 | ---- | M] (Sophos Limited) -- C:\Users\derka\Desktop\Sophos Virus Removal Tool (1).exe
[2017.11.21 22:22:27 | 026,838,600 | ---- | M] (Adlice Software) -- C:\Users\derka\Desktop\RogueKiller_portable64.exe
[2017.11.21 22:15:00 | 001,790,024 | ---- | M] (Malwarebytes) -- C:\Users\derka\Desktop\JRT.exe
[2017.11.21 22:13:45 | 000,001,276 | ---- | M] () -- C:\Users\derka\Desktop\CrystalDiskInfo.lnk
[2017.11.21 22:12:56 | 003,980,992 | ---- | M] (Crystal Dew World ) -- C:\Users\derka\Desktop\CrystalDiskInfo7_5_0.exe
[2017.11.21 19:14:56 | 008,261,584 | ---- | M] (Malwarebytes) -- C:\Users\derka\Desktop\AdwCleaner.exe
[2017.11.21 19:14:09 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\derka\Desktop\TFC.exe
[2017.11.21 16:16:27 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\derka\Desktop\HijackThis.exe
[2017.11.20 21:11:34 | 000,001,258 | ---- | M] () -- C:\Users\Public\Desktop\Epic Games Launcher.lnk
[2017.11.15 13:55:46 | 000,002,267 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2017.11.14 23:48:58 | 040,237,504 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2017.11.14 23:48:58 | 036,239,480 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2017.11.14 23:48:58 | 035,156,600 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2017.11.14 23:48:58 | 029,272,000 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2017.11.14 23:48:58 | 023,264,864 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2017.11.14 23:48:58 | 019,038,976 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2017.11.14 23:48:58 | 013,865,256 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2017.11.14 23:48:58 | 013,255,032 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvptxJitCompiler.dll
[2017.11.14 23:48:58 | 011,780,376 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2017.11.14 23:48:58 | 010,883,928 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvptxJitCompiler.dll
[2017.11.14 23:48:58 | 004,484,864 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2017.11.14 23:48:58 | 004,201,592 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2017.11.14 23:48:58 | 003,817,584 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2017.11.14 23:48:58 | 003,614,328 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2017.11.14 23:48:58 | 001,989,056 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6438831.dll
[2017.11.14 23:48:58 | 001,673,664 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6438831.dll
[2017.11.14 23:48:58 | 001,321,264 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFTH264.dll
[2017.11.14 23:48:58 | 001,135,280 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvfatbinaryLoader.dll
[2017.11.14 23:48:58 | 001,099,712 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2017.11.14 23:48:58 | 001,038,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFTH264.dll
[2017.11.14 23:48:58 | 001,031,288 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2017.11.14 23:48:58 | 000,980,928 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2017.11.14 23:48:58 | 000,932,288 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2017.11.14 23:48:58 | 000,885,496 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvfatbinaryLoader.dll
[2017.11.14 23:48:58 | 000,794,576 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2017.11.14 23:48:58 | 000,634,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2017.11.14 23:48:58 | 000,615,544 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2017.11.14 23:48:58 | 000,505,976 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2017.11.14 23:48:58 | 000,057,976 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvvhci.sys
[2017.11.14 23:48:58 | 000,048,442 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2017.11.14 23:48:58 | 000,000,669 | ---- | M] () -- C:\WINDOWS\SysNative\nv-vk64.json
[2017.11.14 23:48:58 | 000,000,669 | ---- | M] () -- C:\WINDOWS\SysWow64\nv-vk32.json
[2017.11.14 21:15:24 | 000,001,951 | ---- | M] () -- C:\WINDOWS\NvContainerRecovery.bat
[2017.11.14 20:56:18 | 005,960,640 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2017.11.14 20:56:18 | 002,587,584 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2017.11.14 20:56:16 | 001,766,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2017.11.14 20:56:16 | 000,607,352 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshext.dll
[2017.11.14 20:56:16 | 000,449,472 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2017.11.14 20:56:16 | 000,146,880 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\oemdspif.dll
[2017.11.14 20:56:16 | 000,123,000 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2017.11.14 20:56:16 | 000,082,040 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshextr.dll
[2017.11.10 07:09:02 | 007,855,841 | ---- | M] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2017.11.08 17:52:19 | 000,000,702 | ---- | M] () -- C:\Users\derka\OneDrive\Dokumenty\records.html
[2017.11.08 17:48:11 | 000,002,570 | ---- | M] () -- C:\Users\derka\OneDrive\Dokumenty\zav-report-patrik.derka.html
[2017.11.08 17:45:32 | 000,001,042 | ---- | M] () -- C:\Users\Public\Desktop\ZAV.lnk
[2017.11.05 02:40:50 | 000,835,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2017.11.05 02:40:50 | 000,177,648 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2017.11.02 20:15:24 | 000,391,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vccorlib140.dll
[2017.11.02 20:15:22 | 000,627,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcp140.dll
[2017.11.02 19:47:38 | 000,438,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcp140.dll
[2017.11.02 19:47:38 | 000,264,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vccorlib140.dll
[2017.11.02 06:21:18 | 001,578,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2017.11.02 06:21:18 | 000,612,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2017.11.02 06:21:15 | 000,136,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2017.11.02 06:21:12 | 000,678,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2017.11.02 06:21:12 | 000,190,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2017.11.02 06:21:08 | 000,379,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2017.11.02 06:20:59 | 002,032,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2017.11.02 06:20:54 | 000,613,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2017.11.02 06:20:36 | 000,543,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2017.11.02 06:20:32 | 000,034,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2017.11.02 06:20:30 | 000,259,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2017.11.02 06:20:27 | 000,965,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.efi
[2017.11.02 06:20:23 | 000,484,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll
[2017.11.02 06:20:21 | 001,144,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2017.11.02 06:20:21 | 000,469,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64win.dll
[2017.11.02 06:20:17 | 001,015,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2017.11.02 06:20:11 | 000,821,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.exe
[2017.11.02 06:16:53 | 002,398,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2017.11.02 06:16:48 | 008,319,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2017.11.02 06:14:58 | 000,667,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2017.11.02 06:14:24 | 000,067,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32appinventorycsp.dll
[2017.11.02 06:13:39 | 001,345,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2017.11.02 06:13:22 | 000,095,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2017.11.02 06:13:17 | 005,477,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2017.11.02 06:13:10 | 000,212,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2017.11.02 06:13:01 | 000,546,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2017.11.02 06:12:58 | 000,727,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2017.11.02 06:12:55 | 000,430,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2017.11.02 06:12:55 | 000,412,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2017.11.02 06:12:39 | 000,144,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2017.11.02 06:12:38 | 000,319,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2017.11.02 06:12:14 | 000,026,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2017.11.02 06:12:04 | 000,038,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Diskdump.sys
[2017.11.02 06:12:03 | 000,654,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2017.11.02 06:10:59 | 006,557,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2017.11.02 06:05:48 | 000,187,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2017.11.02 06:03:58 | 000,223,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aepic.dll
[2017.11.02 05:45:57 | 000,283,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2017.11.02 05:45:41 | 000,133,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2017.11.02 05:45:36 | 000,362,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2017.11.02 05:45:25 | 000,613,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2017.11.02 05:45:18 | 000,172,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2017.11.02 05:45:17 | 000,354,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2017.11.02 05:44:52 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2017.11.02 05:44:46 | 023,680,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2017.11.02 05:44:21 | 005,808,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2017.11.02 05:37:29 | 003,668,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2017.11.02 05:37:29 | 001,278,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werconcpl.dll
[2017.11.02 05:37:11 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2017.11.02 05:37:09 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2017.11.02 05:37:03 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsqmcons.exe
[2017.11.02 05:36:56 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\utcutil.dll
[2017.11.02 05:35:38 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dumpstorport.sys
[2017.11.02 05:35:11 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2017.11.02 05:35:07 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VPNv2CSP.dll
[2017.11.02 05:35:03 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2017.11.02 05:34:49 | 000,438,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedPCCSP.dll
[2017.11.02 05:34:39 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2017.11.02 05:34:37 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DataUsageLiveTileTask.exe
[2017.11.02 05:34:36 | 000,306,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2017.11.02 05:34:31 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2017.11.02 05:34:20 | 000,113,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2017.11.02 05:34:05 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuautoappupdate.dll
[2017.11.02 05:34:02 | 000,168,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2017.11.02 05:33:38 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CertPKICmdlet.dll
[2017.11.02 05:33:17 | 000,529,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2017.11.02 05:33:09 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2017.11.02 05:33:02 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DataUsageHandlers.dll
[2017.11.02 05:33:00 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OnDemandConnRouteHelper.dll
[2017.11.02 05:32:37 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Storage.dll
[2017.11.02 05:32:25 | 008,213,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2017.11.02 05:32:02 | 000,255,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2017.11.02 05:31:42 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2017.11.02 05:31:38 | 020,512,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2017.11.02 05:31:29 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RMapi.dll
[2017.11.02 05:30:58 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2017.11.02 05:30:56 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2017.11.02 05:30:36 | 000,719,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FlightSettings.dll
[2017.11.02 05:30:33 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2017.11.02 05:30:30 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2017.11.02 05:30:11 | 013,381,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2017.11.02 05:30:11 | 000,601,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.Launcher.dll
[2017.11.02 05:30:09 | 000,635,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efswrt.dll
[2017.11.02 05:30:08 | 007,339,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2017.11.02 05:30:03 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SIHClient.exe
[2017.11.02 05:30:01 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2017.11.02 05:29:56 | 000,415,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2017.11.02 05:29:45 | 000,757,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2017.11.02 05:29:14 | 000,752,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2017.11.02 05:29:05 | 000,588,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2017.11.02 05:29:02 | 000,805,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2017.11.02 05:28:22 | 000,799,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2017.11.02 05:28:18 | 000,939,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.AccountsControl.dll
[2017.11.02 05:28:17 | 000,772,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPKsp.dll
[2017.11.02 05:28:04 | 001,468,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2017.11.02 05:27:59 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2017.11.02 05:27:47 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2017.11.02 05:27:29 | 000,565,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsreg.dll
[2017.11.02 05:27:09 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CertPKICmdlet.dll
[2017.11.02 05:27:07 | 002,078,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2017.11.02 05:26:59 | 001,937,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpdshext.dll
[2017.11.02 05:26:53 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2017.11.02 05:26:49 | 000,755,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2017.11.02 05:26:41 | 008,197,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2017.11.02 05:26:41 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OnDemandConnRouteHelper.dll
[2017.11.02 05:26:39 | 000,986,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2017.11.02 05:26:17 | 003,060,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2017.11.02 05:26:16 | 002,671,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2017.11.02 05:26:10 | 004,445,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2017.11.02 05:26:05 | 005,963,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2017.11.02 05:26:05 | 002,809,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2017.11.02 05:25:57 | 012,227,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2017.11.02 05:25:56 | 001,713,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActiveSyncProvider.dll
[2017.11.02 05:25:53 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2017.11.02 05:25:49 | 002,052,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2017.11.02 05:25:48 | 004,727,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2017.11.02 05:25:44 | 000,684,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2017.11.02 05:25:40 | 003,377,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2017.11.02 05:25:34 | 001,886,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2017.11.02 05:24:58 | 000,444,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.System.Launcher.dll
[2017.11.02 05:24:49 | 004,707,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2017.11.02 05:24:35 | 000,463,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\efswrt.dll
[2017.11.02 05:24:10 | 000,358,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2017.11.02 05:24:09 | 007,598,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2017.11.02 05:23:56 | 002,516,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2017.11.02 05:23:50 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2017.11.02 05:23:19 | 000,680,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.AccountsControl.dll
[2017.11.02 05:23:11 | 000,590,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPKsp.dll
[2017.11.02 05:23:03 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsreg.dll
[2017.11.02 05:22:53 | 006,254,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2017.11.02 05:22:21 | 002,009,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2017.11.02 05:22:08 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
[2017.11.02 05:21:23 | 004,417,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2017.11.02 05:21:22 | 000,787,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2017.11.02 05:21:10 | 000,658,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2017.11.01 20:21:24 | 009,105,400 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\FACEIT.sys
[2017.10.29 06:43:14 | 000,074,716 | ---- | M] () -- C:\WINDOWS\SysNative\FeatureToastHeroImg.jpg
[3 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2017.11.22 21:59:07 | 000,016,850 | ---- | C] () -- C:\Users\derka\Desktop\MemTest.zip
[2017.11.22 15:22:26 | 000,001,224 | ---- | C] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2017.11.22 15:13:55 | 000,024,064 | ---- | C] () -- C:\WINDOWS\zoek-delete.exe
[2017.11.22 14:49:55 | 001,309,184 | ---- | C] () -- C:\Users\derka\Desktop\zoek.exe
[2017.11.22 07:45:33 | 000,002,775 | ---- | C] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2017.11.21 22:13:45 | 000,001,276 | ---- | C] () -- C:\Users\derka\Desktop\CrystalDiskInfo.lnk
[2017.11.20 21:11:34 | 000,001,270 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
[2017.11.20 21:11:34 | 000,001,258 | ---- | C] () -- C:\Users\Public\Desktop\Epic Games Launcher.lnk
[2017.11.16 21:08:15 | 000,074,716 | ---- | C] () -- C:\WINDOWS\SysNative\FeatureToastHeroImg.jpg
[2017.11.16 20:18:46 | 000,000,669 | ---- | C] () -- C:\WINDOWS\SysNative\nv-vk64.json
[2017.11.16 20:18:46 | 000,000,669 | ---- | C] () -- C:\WINDOWS\SysWow64\nv-vk32.json
[2017.11.08 17:51:43 | 000,000,702 | ---- | C] () -- C:\Users\derka\OneDrive\Dokumenty\records.html
[2017.11.08 17:46:35 | 000,002,570 | ---- | C] () -- C:\Users\derka\OneDrive\Dokumenty\zav-report-patrik.derka.html
[2017.11.08 17:45:32 | 000,001,042 | ---- | C] () -- C:\Users\Public\Desktop\ZAV.lnk
[2017.09.14 00:20:30 | 000,798,008 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-1-0-61-0.dll
[2017.09.14 00:20:14 | 000,490,296 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-61-0.exe
[2017.08.09 15:34:27 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2017.07.12 21:29:42 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2017.07.12 21:25:02 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2017.07.12 19:21:16 | 000,000,036 | ---- | C] () -- C:\WINDOWS\progress.ini
[2017.06.08 11:03:20 | 000,059,904 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2017.03.18 22:03:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2017.03.18 22:03:41 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2017.03.18 21:58:56 | 000,054,272 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2017.03.18 21:58:54 | 000,116,824 | ---- | C] () -- C:\WINDOWS\SysWow64\InputHost.dll
[2017.03.18 21:58:54 | 000,112,128 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2017.03.18 21:58:54 | 000,086,528 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2017.03.18 21:58:52 | 003,200,000 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2017.03.18 21:58:51 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2017.03.18 21:58:48 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2017.03.18 21:58:39 | 000,307,200 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2017.03.18 21:58:37 | 001,859,072 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Mirage.dll
[2017.03.18 21:57:47 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2017.03.18 21:57:03 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2017.01.04 02:09:08 | 000,112,112 | ---- | C] () -- C:\WINDOWS\SysWow64\libGLESv2.dll
[2017.01.04 02:09:04 | 000,101,352 | ---- | C] () -- C:\WINDOWS\SysWow64\libGLESv1_CM.dll
[2017.01.04 02:09:00 | 000,141,296 | ---- | C] () -- C:\WINDOWS\SysWow64\libEGL.dll
[2016.09.10 10:17:22 | 001,819,918 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2016.09.10 10:11:09 | 000,000,102 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
[2016.09.10 10:08:09 | 000,798,008 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll
[2016.09.10 10:08:09 | 000,490,296 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe
[2016.05.04 03:23:30 | 000,129,824 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-1-0-11-1.dll
[2016.05.04 03:22:58 | 000,040,224 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-11-1.exe

========== ZeroAccess Check ==========

[2017.07.13 09:27:52 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2017.09.30 06:43:47 | 007,318,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2017.09.30 03:05:45 | 005,827,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2017.03.18 21:57:58 | 000,961,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2017.03.18 21:58:50 | 000,770,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2017.03.18 21:57:53 | 000,510,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2017.10.25 19:43:35 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\.minecraft
[2017.10.25 17:28:32 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\audacity
[2017.08.02 11:26:35 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\FACEIT
[2017.07.17 16:46:22 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\MAGIX
[2017.09.28 19:22:59 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\MAGIX Computer Products Intl. Co
[2017.08.03 09:37:46 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\Notepad++
[2017.10.10 20:54:24 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\obs-studio
[2017.09.13 16:26:46 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\Opera Software
[2017.07.17 16:46:26 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\Publish Providers
[2017.07.17 17:15:24 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\Sony
[2017.11.23 23:25:39 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\Spotify
[2017.11.23 20:36:39 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\TS3Client
[2017.07.17 17:15:32 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\VEGAS
[2017.07.17 16:46:14 | 000,000,000 | ---D | M] -- C:\Users\derka\AppData\Roaming\VEGAS Pro

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 24.11.2017 14:33:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\derka\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.15063.0)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: dd.MM.yyyy

3,91 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 48,88% Memory free
5,66 Gb Paging File | 3,65 Gb Available in Paging File | 64,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 886,20 Gb Total Space | 733,86 Gb Free Space | 82,81% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 22,97 Gb Free Space | 91,86% Space Free | Partition Type: NTFS

Computer Name: LAPTOP-MMEO2I19 | User Name: derka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 27 50 E6 B1 50 FB D2 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{401B5421-F96B-442E-871C-2D8EB3EEA151}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{4C4CFB76-882F-4787-B736-5235BE94FE78}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{50D749FB-CB45-497F-8AAC-46489F979767}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{724CB3AD-579F-4CA7-A40C-F87DCDA15F54}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{8898A89A-F7FF-4707-A017-97493EFD6CAB}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{A7D3DC29-963B-4950-B5D2-C3D3A9ABF7B8}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{B9B21C98-2DF4-4CB3-91A2-53CD76CF9540}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{DE848323-FC35-41AF-98CD-4A2EA7A918B4}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{E7CB5E1E-CBF6-4999-B4C7-EF152B977F31}" = lport=47995 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{EB099658-373D-4D67-9182-D90F23131F9A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\root\office16\outlook.exe |
"{FB3EB369-7B13-4F2C-B586-67481ADE9A5E}" = lport=47995 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0007D782-BCD4-4AC1-9E83-FE2145F92369}" = dir=in | name=@{microsoft.microsoftedge_40.15063.674.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{004E27D7-30E5-4568-8BB5-6AC36528D8B8}" = dir=out | name=lenovo settings |
"{014125CB-6AC1-407B-A1F7-043EDE5F59F0}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{09AB4B6B-3D57-4357-A014-AEBCC095CAF3}" = dir=out | name=@{microsoft.windows.holographicfirstrun_10.0.15063.675_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.holographicfirstrun/resources/pkgdisplayname} |
"{09FD93D7-0FD7-4641-AD13-96D44CBDA381}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{0BBD7B81-7E01-4F93-A16A-49A878E39F75}" = dir=out | name=@{microsoft.windowsstore_11710.1001.27.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{0C0D3CAB-28ED-4C73-8B47-40B41600A7AE}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{0C0F44EE-64FF-4E17-9985-8491174FF456}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{0E58799D-4594-48AD-AE95-DA460C0A62C4}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{13023D98-7235-45DA-A8E9-7ECCFDCEE6CF}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{130CE94A-411B-4320-B1E5-D8C6972E70A2}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{1451EB81-A502-447D-8457-080E11699352}" = dir=out | name=microsoft solitaire collection |
"{14F348D3-EAAA-4937-A7E0-12664E1BF3FB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{18971C37-AF31-4F4C-96BC-2072262421B9}" = dir=out | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{18EBCAFC-3ACE-4B6B-8F8A-759B6EFA722C}" = dir=out | name=@{microsoft.desktopappinstaller_1.0.12894.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{1F9A4D56-06C5-4F74-AF62-62CCF701DEA7}" = dir=out | name=royal revolt 2 |
"{23736915-F314-42F0-BE7D-977F42BCD765}" = dir=out | name=wallet |
"{247562B8-D678-4661-BA78-752D86538026}" = dir=in | name=@{microsoft.zunevideo_10.17092.13511.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{253F4D32-9462-415B-A9F4-429F03457462}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{25DADB9F-E8BB-4A65-A456-03F3DA703A55}" = dir=out | name=windows_ie_ac_001 |
"{267A129D-3033-4989-9637-FC8CE5B80EB5}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{2A3A577C-D719-40C7-94AA-D1BB98DEAA7F}" = dir=in | name=microsoft sticky notes |
"{2DB628C0-B918-4851-ACD3-18587082DDDD}" = dir=out | name=@{microsoft.ppiprojection_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{3050C1F8-226D-4A69-95B4-B52C021A5FDD}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{34796D86-27E6-485D-AEFA-34AF54BA45E0}" = dir=out | name=windows_ie_ac_001 |
"{384631BC-210B-45D2-8E20-9F05B3D79222}" = dir=out | name=@{windows.contactsupport_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{387EA9B9-D1D7-4F61-9228-665CED9AFE68}" = dir=out | name=@{a278ab0d.marchofempires_2.8.0.10_x86__h6adky7gbf63m?ms-resource://a278ab0d.marchofempires/resources/marchofempires} |
"{39A9CB4F-A4EA-478E-8FA0-334365B75ECA}" = dir=out | name=canon inkjet print utility |
"{3C888CAB-6626-4663-B6B1-06B47DF5B8EA}" = dir=out | name=@{microsoft.windows.cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{3F74BA00-DCEF-42BE-BE34-CB9EE4A9B20A}" = dir=out | name=@{e046963f.lenovocompanion_4.5.3.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{4038066A-BD44-4E76-AA2A-A766B136C965}" = dir=in | name=@{microsoft.ppiprojection_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{410F56DF-FD75-47B6-985F-E3A8A48A30D6}" = dir=out | name=@{microsoft.zunevideo_10.17092.13511.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{428B5880-17BE-4941-B658-B36605C58C15}" = dir=in | name=@{microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{44022DBD-718D-4A51-86BF-9B8832D094D7}" = dir=out | name=microsoft sticky notes |
"{4A3F70F5-C537-43B1-8F80-BE944F58D0BE}" = dir=in | name=@{microsoft.bingnews_4.21.2212.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{4B669455-50B7-4E3B-8585-AC8F5B5A6522}" = dir=out | name=@{microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{4BA134E1-C1FF-4D3A-BC0E-710B5DD46A82}" = dir=out | name=@{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{4ECDEBF0-A250-4038-89A9-C4DE5E910E71}" = dir=in | name=@{windows.contactsupport_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{57A3674E-E806-4F4D-B9C4-3E69A63A0200}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{59C20FBD-1B1E-478D-888D-AA74AB96AE61}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{5BE3EEDC-0553-4C97-B08F-CC7A6266056A}" = dir=in | name=@{microsoft.zunemusic_10.17085.22311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{5CBEC2BC-27C8-4A43-AA69-633F187E3123}" = dir=out | name=xbox game bar |
"{5D34256C-69D0-4933-88AD-8752E9195E70}" = dir=out | name=@{microsoft.accountscontrol_10.0.15063.675_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{60D43CB0-3E70-4A13-90DA-6D2B726BE11C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{6312B948-1E4F-4E47-9617-9206CA37429E}" = dir=out | name=@{lenovocorporation.lenovoid_2.0.37.0_x86__4642shxvsv8s2?ms-resource://lenovocorporation.lenovoid/resources/displayname} |
"{658A08C6-35E8-4EAC-86CD-C2A262BCA73F}" = dir=in | name=canon inkjet print utility |
"{65F282CC-4E8B-4D1B-B45F-0D91435565A2}" = dir=in | name=xbox |
"{669EB232-A0EB-465F-B7C7-FB5A35F633FE}" = dir=out | name=windows_ie_ac_001 |
"{66B0BA98-AD80-4D3E-B216-A7D71C18F055}" = dir=out | name=@{e046963f.lenovocompanion_4.5.3.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{68E26E98-BAE5-475E-B4FB-F8C40340FA73}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{69F70E72-59D6-4010-804C-8852AA683ED9}" = dir=in | name=@{microsoft.desktopappinstaller_1.0.12894.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{6A21378B-EDEF-47FD-8586-AC2A8180E3AD}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.15063.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{6C9027EA-0E97-4A03-A3D1-B4E270C78C82}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6CA67865-E753-4C22-9082-03695980F2EC}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{6E22071C-E6A2-49D6-B282-A4A0D610FC12}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1708.2831.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{6E3C2C21-E53D-4456-8175-17C0134BEE17}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{6F6B53B6-E6DF-4D77-B627-16B424E74B5D}" = dir=in | name=@{e046963f.lenovocompanion_4.5.3.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{72B157C6-3658-49D0-9FB7-12232DBE97E6}" = dir=in | name=@{microsoft.oneconnect_2.1709.2484.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{73B2C760-FBB6-4488-99A0-DEAD25427745}" = dir=out | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{73E0F2DE-6773-40FE-83C9-4675F81B027D}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{7400EA64-F381-41E4-AD53-55BBE3F92D84}" = dir=in | name=royal revolt 2 |
"{742B9248-D52D-479D-BBD3-754FF8EA4551}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{78AB1B70-B4E7-4C39-9C51-5F92D10961A7}" = dir=out | name=@{microsoft.ppiprojection_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{7A58A9E7-161A-4B0B-BD02-4E1FC5A5310E}" = dir=out | name=@{microsoft.oneconnect_2.1709.2484.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{7B39BAB8-48F7-4407-91A5-6D30EA007BEE}" = dir=out | name=@{microsoft.lockapp_10.0.15063.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{7B8E6987-2A49-4F06-81F9-2E83702CC6BD}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{7B901ECA-FA33-4D7B-AF72-000193996D92}" = dir=in | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{819CBDD8-6A56-457F-80F5-F40AF06D7FBC}" = dir=out | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{86AE30BB-E206-4509-AAD3-18D0CD655526}" = dir=in | name=@{microsoft.windows.photos_2017.39091.16340.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{8A4065D0-0682-4471-9C56-C0FD6FE01BEF}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{8AB50D87-EE6B-4D73-9BB6-C6F606FF5E5C}" = dir=out | name=@{microsoft.windowsmaps_5.1708.2764.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{900F5CBA-C127-4574-BA43-EB3DC36BBA96}" = dir=out | name=@{microsoft.skypeapp_12.8.487.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{90A77B9B-FDD7-4707-AAEF-17F7CE964363}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{92714709-8A9E-41B1-A128-78B31B6DE2EF}" = dir=out | name=@{microsoft.zunemusic_10.17085.22311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{939EA32E-5BB4-4E12-A597-BACA0818666A}" = dir=in | name=onenote |
"{9590294A-43F8-4B45-AFE3-F88E57344377}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{96C2FF91-80ED-4F77-8E08-3B7425546502}" = protocol=6 | dir=in | app=c:\program files (x86)\droidcam\droidcamapp.exe |
"{97708AAD-E3A2-4304-B77E-97387DCA5198}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{9868C6E4-EEA2-4560-8464-F156351D32D4}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.15063.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{98AF7E09-00D0-4121-8A44-FE5711D9A243}" = dir=out | name=@{microsoft.storepurchaseapp_11710.1710.30001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} |
"{990406E2-DAC9-49F1-864E-17F7C65CDE6B}" = dir=out | name=@{microsoft.windows.photos_2017.39091.16340.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{9A25071E-09E9-423E-9D02-E2E599CEF1DC}" = dir=in | name=@{e046963f.lenovocompanion_4.5.3.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{9ACE7A98-FDE6-4AEB-95D3-82FD06F1E444}" = dir=out | name=@{microsoft.bingnews_4.21.2212.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{9B536DFE-CF33-483F-A1FE-AF0E21C0B3AB}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{9D514E9B-7B92-4079-90E8-90623C2BF37A}" = dir=in | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{9F1846B4-A91A-4095-9629-355A5B9A2117}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{9FD70401-2A9F-4E49-BB41-396000B79DF6}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{A0D8C9AE-316A-4807-9FFF-8E3681962DBA}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.15063.675_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{A14258D2-91E7-43ED-91DB-6EC0A8BBE1E8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{A26F3B57-9796-4956-B450-A63AF278A1AC}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1708.2831.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{A275D17A-3023-42F6-B52C-4FBA3A8BC214}" = dir=out | name=candy crush soda saga |
"{A327329E-9258-47E8-A4E7-D7E903849641}" = dir=out | name=holographic item player |
"{A3A52CBC-454A-4429-9A28-4CE4FE704221}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{A5AC9A32-34BE-4575-A29B-E60AC40F7972}" = protocol=17 | dir=in | app=c:\program files (x86)\droidcam\droidcamapp.exe |
"{AAE73758-C17F-4AA2-AC78-BEE80F34ACB2}" = dir=in | app=c:\program files (x86)\lenovo\lenovo photo master\subsys\advphotoeditor\photodirector5.exe |
"{AB29AFFB-8881-4B22-BBE0-65D2A54140A1}" = dir=out | name=lenovo settings |
"{AE70626E-46ED-40B9-A540-BA848999D945}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B315053C-47C7-4EEF-AC9C-BF674DAEC0FF}" = dir=in | name=@{microsoft.windowsstore_11710.1001.27.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{B6BA20CA-E17F-4464-B05B-D4C12A4B6952}" = dir=out | name=@{microsoft.microsoftedge_40.15063.674.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{BA29D7B1-3135-4E2B-9888-023ED3057973}" = dir=out | name=xbox |
"{BB4D956C-DD67-4534-9FA5-6BBD713944B9}" = dir=in | name=@{microsoft.bingweather_4.21.2212.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{BD0BFD0C-1069-4F0A-A243-ACF2515CBA00}" = dir=out | name=@{microsoft.xboxidentityprovider_11.29.23003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{BE0227D0-DDCD-4EE0-992B-59CBFD2D7FBC}" = dir=out | name=@{microsoft.people_10.2.2791.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{C0B29909-861A-4F15-803B-B0DE9EAB4014}" = dir=out | name=mixed reality viewer |
"{C3C84657-4FD7-4086-AD90-92C7DA3BB0BF}" = dir=in | name=@{a278ab0d.marchofempires_2.8.0.10_x86__h6adky7gbf63m?ms-resource://a278ab0d.marchofempires/resources/marchofempires} |
"{C3F7C9B0-9621-4A73-BE97-C0DFAD65BB67}" = dir=out | name=@{e046963f.lenovocompanion_4.5.3.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{C5327FF5-52F3-4E78-B482-50964C296831}" = dir=in | name=@{microsoft.windows.cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{C612CA8C-18E4-4A41-B6F0-08CDAE269DA3}" = dir=out | name=@{microsoft.getstarted_5.12.2691.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{C74387D2-6BF4-4958-AB86-2352C9F5AC97}" = dir=in | name=lenovo settings |
"{C9926639-6BCB-4D8B-9988-A5E0396AA6EF}" = dir=out | name=twitter |
"{CAC01CBF-92AB-49B7-BEEB-A8AE5194A60C}" = dir=in | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{CBBFF0F6-7D7A-4E2D-A316-DA8EED195EBC}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{CE820192-5E93-4D05-BFE4-463C1C47AF82}" = dir=out | name=@{microsoft.windowscalculator_10.1709.2703.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} |
"{D16C33EE-3AFB-40F8-8A92-E8E350518F0C}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{D4C603B5-B99E-4021-B368-E7858B903E9F}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{DBCA0199-B7E2-49B6-8E23-82C1438B9385}" = dir=out | name=@{environmentsapp_10.0.15063.0_neutral__cw5n1h2txyewy?ms-resource://environmentsapp/resources/displayname} |
"{DC630490-E0A2-406B-91A6-A9BC2AF8CE01}" = dir=out | name=3d builder |
"{DCBFD980-5675-4EAD-B6F6-94096CA8E730}" = dir=out | name=@{microsoft.mspaint_3.1710.30027.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{DCD6A9C2-4F0C-4097-BA90-3567F7B1B95B}" = dir=out | name=@{microsoft.bingweather_4.21.2212.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{DCE0BAF1-F0A6-4BC8-A6BD-EFF6D4C19B1E}" = dir=out | name=onenote |
"{DDF6C23A-6A36-43AA-B5BF-4210C1804A01}" = dir=out | name=lenovo settings |
"{E6CAD80D-1BAB-4528-A7F5-DD191EB40380}" = dir=in | name=@{microsoft.ppiprojection_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{E773AB30-0C44-4208-8B23-847A6E761DE1}" = dir=in | name=lenovo settings |
"{EB0AADD5-8BF7-4F7B-B0CB-72F9C2811199}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{F39F582A-0429-4320-BFDD-5ECBDC0D721C}" = dir=in | name=@{microsoft.skypeapp_12.8.487.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{F73A8C73-6894-45FF-AC33-ABDA11D616B8}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{F90F4017-D7CA-4D6E-B5DF-B059EA73AB4F}" = dir=out | name=@{microsoft.accountscontrol_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"TCP Query User{072C2B5C-36FD-4B97-B462-49F5DC93F87C}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" = protocol=6 | dir=in | app=c:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe |
"TCP Query User{17F14D72-C9D4-4902-9C53-289A492E10ED}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe |
"TCP Query User{2656D5E5-2C29-433A-9415-50A73932A5C3}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe |
"TCP Query User{4E17C934-DB9B-4146-B729-EC63165852BF}C:\users\derka\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\derka\appdata\roaming\spotify\spotify.exe |
"TCP Query User{A605455F-FABE-4E0E-B2E7-C81ECD4CC684}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe |
"TCP Query User{B78D801E-5EAE-4813-9BC2-6E49C29AA91E}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe |
"UDP Query User{015451F7-C306-41C4-80E0-C0DDB2093825}C:\users\derka\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\derka\appdata\roaming\spotify\spotify.exe |
"UDP Query User{061F709B-806C-4489-AFB6-090F3FB5DEC7}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe |
"UDP Query User{1E3867AC-E41D-4761-9B80-FBBCDAF57B45}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe |
"UDP Query User{406F216E-9744-476B-974A-517295FEE03A}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" = protocol=17 | dir=in | app=c:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe |
"UDP Query User{886FC83E-1683-4D09-AA78-27BC9B697737}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe |
"UDP Query User{C4852FEB-8B2A-421B-9C2C-856BFBE88D5C}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{12CB6BC1-4E71-4890-AA0E-26CED6AD7EDD}" = Intel(R) Chipset Device Software
"{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1" = FACEIT AC version 1.0
"{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel(R) Management Engine Components
"{2A027A37-B09B-44FB-B1C9-2DD6BA0014E8}" = Dolby Audio X2 Windows API SDK
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes verze 3.2.2.2018
"{3DF3AC42-174D-4915-9ED2-448AD4338B83}" = Intel(R) ME UninstallLegacy
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{4C79D80F-79F9-11E6-8402-BB95F5A309BD}" = VEGAS Pro 14.0 (64-bit)
"{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215
"{52116C70-79F9-11E6-9541-BB95F5A309BD}" = MSVCRT Redists
"{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}" = Qualcomm Atheros Bluetooth Installer (64)
"{66C5838F-B854-4A55-89E6-A6138747A4DF}" = Epic Games Launcher Prerequisites (x64)
"{899F9754-1F6B-4EEC-8D27-25E9DF331062}" = Intel(R) Management Engine Components
"{90160000-008F-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Licensing Component
"{90160000-00DD-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component 64-bit Registration
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel" = NVIDIA Ansel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 388.31
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 388.31
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 3.9.0.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 28.0.0.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.17.0524
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 28.0.0.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = NVIDIA SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend" = NVIDIA Backend
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer" = NVIDIA Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper" = NVIDIA TelemetryApi helper for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem" = NVIDIA LocalSystem Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus" = NVIDIA Message Bus for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService" = NVIDIA NetworkService Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session" = NVIDIA Session Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User" = NVIDIA User Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer" = NVIDIA Display Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS" = NVIDIA Display Container LS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog" = NVIDIA Display Watchdog Plugin
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer" = NVIDIA Display Session Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs" = NVIDIA NodeJS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog" = NVIDIA Watchdog Plugin for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry" = NVIDIA Telemetry Client
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer" = NVIDIA Telemetry Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci" = NVIDIA Virtual Host Controller
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC" = Nvidia Share
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 3.9.0.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = NVIDIA SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 3.90.1
"{B66F70B4-34E5-429A-9F55-7129E0833A45}" = Intel(R) Rapid Storage Technology
"{D765CF7F-14F9-4C80-B06C-10E68F10EBCC}" = Dolby Audio X2 Windows APP
"{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215
"7-Zip" = 7-Zip 16.04 (x64)
"Notepad++" = Notepad++ (64-bit x64)
"O365HomePremRetail - cs-cz" = Microsoft Office 365 - cs-cz
"Steam App 730" = Counter-Strike: Global Offensive
"VulkanRT1.0.11.1" = Vulkan Run Time Libraries 1.0.11.1
"VulkanRT1.0.61.0" = Vulkan Run Time Libraries 1.0.61.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20CA507E-24AA-4741-87CF-CC1B250790B7}" = Qualcomm Atheros 11ac Wireless LAN Installer
"{213B426C-5317-4F2D-8395-AC04B70711C4}" = Epic Games Launcher
"{26A24AE4-039D-4CA4-87B4-2F32180151F0}" = Java 8 Update 151
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}" = Skype™ 7.40
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1" = Zemana AntiMalware

"{90160000-008C-0000-0000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component
"{90160000-008C-0405-0000-0000000FF1CE}" = Office 16 Click-to-Run Localization Component
"{94A65759-6B3F-4AF8-944A-66F3FABDEFDE}_is1" = zavvyuka
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1" = CCSDK Customer Engagement Service
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = Lenovo PowerDVD12
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{BC94C56A-3649-420C-8756-2ADEBE399D33}" = Lenovo Photo Master
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{c6c5a357-c7ca-4a5f-9789-3bb1af579253}" = Launcher Prerequisites (x64)
"{D5C69738-B486-402E-85AC-2456D98A64E4}" = Pomocník s aktualizací Windows 10
"{d992c12e-cab2-426f-bde3-fb8c53950b0d}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}" = EasyCamera
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{fb610cea-ba50-4d4b-a717-cf025419035c}" = Intel(R) Chipset Device Software
"Audacity_is1" = Audacity 2.0
"Bloody3" = Bloody6
"CrystalDiskInfo_is1" = CrystalDiskInfo 7.5.0
"Google Chrome" = Google Chrome
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = Lenovo PowerDVD12
"OBS Studio" = OBS Studio
"Steam" = Steam
"VLC media player" = VLC media player

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"69f070f18ade444c" = SDÍLEJ.CZ Manager
"OneDriveSetup.exe" = Microsoft OneDrive
"Spotify" = Spotify
"TeamSpeak 3 Client" = TeamSpeak 3 Client

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 22.11.2017 9:49:21 | Computer Name = LAPTOP-MMEO2I19 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 14.8.0.1042,
časové razítko: 0x5639dd97 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové
razítko: 0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x04ded345 ID chybujícího
procesu: 0x29e8 Čas spuštění chybující aplikace: 0x01d36398af5654ba Cesta k chybující
aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 22ccbfa9-7c12-4f8c-afcc-15a5a0f1e629 Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

Error - 22.11.2017 10:19:12 | Computer Name = LAPTOP-MMEO2I19 | Source = .NET Runtime | ID = 1026
Description =

Error - 22.11.2017 10:19:14 | Computer Name = LAPTOP-MMEO2I19 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 14.8.0.1042,
časové razítko: 0x5639dd97 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové
razítko: 0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x0493d33d ID chybujícího
procesu: 0x1fdc Čas spuštění chybující aplikace: 0x01d3639cdb312d7d Cesta k chybující
aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 29ee61b6-51ef-4927-96f0-0fb79ded52ab Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

Error - 22.11.2017 16:58:45 | Computer Name = LAPTOP-MMEO2I19 | Source = .NET Runtime | ID = 1026
Description =

Error - 22.11.2017 16:58:47 | Computer Name = LAPTOP-MMEO2I19 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 14.8.0.1042,
časové razítko: 0x5639dd97 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové
razítko: 0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x04edce9d ID chybujícího
procesu: 0x1444 Čas spuštění chybující aplikace: 0x01d363d4ac1377f0 Cesta k chybující
aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 32442194-1445-4bfc-804a-0efe86423cd2 Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

Error - 22.11.2017 17:06:29 | Computer Name = LAPTOP-MMEO2I19 | Source = .NET Runtime | ID = 1026
Description =

Error - 22.11.2017 17:06:32 | Computer Name = LAPTOP-MMEO2I19 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 14.8.0.1042,
časové razítko: 0x5639dd97 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové
razítko: 0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x052fd33d ID chybujícího
procesu: 0x53c Čas spuštění chybující aplikace: 0x01d363d5c1123a89 Cesta k chybující
aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 39f8f550-0324-4419-8484-1214c87321bc Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

Error - 24.11.2017 0:35:19 | Computer Name = LAPTOP-MMEO2I19 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 24.11.2017 9:32:09 | Computer Name = LAPTOP-MMEO2I19 | Source = .NET Runtime | ID = 1026
Description =

Error - 24.11.2017 9:32:12 | Computer Name = LAPTOP-MMEO2I19 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 14.8.0.1042,
časové razítko: 0x5639dd97 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové
razítko: 0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x0485d33d ID chybujícího
procesu: 0x2388 Čas spuštění chybující aplikace: 0x01d365289d5dd667 Cesta k chybující
aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: a905b3ec-bb00-4b1c-b0b6-dc47c18fa2eb Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

[ System Events ]
Error - 24.11.2017 0:35:19 | Computer Name = LAPTOP-MMEO2I19 | Source = DCOM | ID = 10010
Description =

Error - 24.11.2017 9:23:31 | Computer Name = LAPTOP-MMEO2I19 | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (8:44:39, ?24.?11.?2017) bylo neočekávané.

Error - 24.11.2017 9:23:32 | Computer Name = LAPTOP-MMEO2I19 | Source = BugCheck | ID = 1001
Description =

Error - 24.11.2017 9:23:30 | Computer Name = LAPTOP-MMEO2I19 | Source = Service Control Manager | ID = 7000
Description = Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
%%50

Error - 24.11.2017 9:23:54 | Computer Name = LAPTOP-MMEO2I19 | Source = Service Control Manager | ID = 7016
Description = Služba SAService ohlásila neplatný současný stav 14.

Error - 24.11.2017 9:28:44 | Computer Name = LAPTOP-MMEO2I19 | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (14:23:31, ?24.?11.?2017) bylo neočekávané.

Error - 24.11.2017 9:28:44 | Computer Name = LAPTOP-MMEO2I19 | Source = BugCheck | ID = 1001
Description =

Error - 24.11.2017 9:28:44 | Computer Name = LAPTOP-MMEO2I19 | Source = Service Control Manager | ID = 7000
Description = Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
%%50

Error - 24.11.2017 9:29:14 | Computer Name = LAPTOP-MMEO2I19 | Source = Service Control Manager | ID = 7016
Description = Služba Conexant SmartAudio service ohlásila neplatný současný stav
14.

Error - 24.11.2017 9:32:14 | Computer Name = LAPTOP-MMEO2I19 | Source = Service Control Manager | ID = 7034
Description = Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena.
Tento stav nastal již 1krát.


< End of report >

---

ZDE JE CDI:

---

----------------------------------------------------------------------------
CrystalDiskInfo 7.5.0 (C) 2008-2017 hiyohiyo
Crystal Dew World : https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 15063] (x64)
Date : 2017/11/24 14:51:08

-- Controller Map ----------------------------------------------------------
+ Intel(R) 6th Generation Core Processor Family Platform I/O SATA AHCI Controller [ATA]
- WDC WD10JPCX-24UE4T0
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD10JPCX-24UE4T0 : 1000,2 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD10JPCX-24UE4T0
----------------------------------------------------------------------------
Model : WDC WD10JPCX-24UE4T0
Firmware : 01.01A01
Serial Number : WD-WXV1E265XTVA
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ----
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 1142 hod.
Power On Count : 291 krát
Temperature : 31 C (87 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 181 178 _21 00000000077C Čas na roztočení ploten
04 _97 _97 __0 000000000C1D Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _99 _99 __0 000000000476 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C 100 100 __0 000000000123 Počet cyklů zapnutí zařízení
C0 200 200 __0 00000000000D Počet vypnutí disku
C1 196 196 __0 0000000034CC Počet cyklů načítání/vymazání
C2 116 105 __0 00000000001F Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
F0 _99 _99 __0 000000000457 Čas nastavování hlaviček - v hodinách

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 5631 4532 3635 5854 5641
020: 0000 8000 0000 3031 2E30 3141 3031 5744 4320 5744
030: 3130 4A50 4358 2D32 3455 4534 5430 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0000 0000 0007 3FFF 0010 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F FF0E 0006 004C 00CC
080: 03FE 0000 346B 7D29 6123 3469 BC09 6123 407F 005D
090: 005D 0060 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5001 4EE6
110: B199 75CC 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0400
130: 0001 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 7035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 3AA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 B5 B2 7C 07 00 00 00 00 00 04 32 00 61 61 1D
020: 0C 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2F 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 63 63 76 04 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 64 64 23 01 00 00 00 00 00 C0 32
070: 00 C8 C8 0D 00 00 00 00 00 00 C1 32 00 C4 C4 CC
080: 34 00 00 00 00 00 C2 22 00 74 69 1F 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 64 FD 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 64 FD 00 00 00 00 00 00 00 F0 32
0D0: 00 63 63 57 04 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 34 44 01 7B
170: 03 00 01 00 02 C3 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 AD

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 33 C8 C8 C8 C8 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 00 00 00 00 00 00 00 00 00 00 F0 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5A