Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2019
Ran by Jan (administrator) on MSI (Micro-Star International Co., Ltd. GS73VR 7RF) (08-12-2019 14:03:52)
Running from C:\Users\Jan\Desktop
Loaded Profiles: Jan (Available Profiles: Jan)
Platform: Windows 10 Home Version 1809 17763.864 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
(A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
(A-Volute -> Nahimic) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(MAGIX AG) [File not signed] C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(MDL Forum, mod by Ratiborus) [File not signed] C:\ProgramData\KMSAuto\bin\KMSSS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\SCM\SCM.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Windows\SysWOW64\MSIService.exe
(NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.62\opera_crashreporter.exe
(PACE Anti-Piracy, Inc.) [File not signed] C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe
(ProtonVPN AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks LLC -> CloudBees, Inc.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
(Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3366624 2017-05-04] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [734392 2017-08-18] (A-Volute -> Nahimic)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230312 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [301848 2017-06-08] (Micro-Star International CO., LTD. -> ) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [229080 2019-11-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-981506708-2838147557-1008053113-1001\...\MountPoints2: {5c1f6c18-a13e-11e8-b47e-9cb6d01b2f58} - "E:\HiSuiteDownLoader.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-22] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2019-10-05]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2018-10-09]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0539458F-208F-4B40-B273-3B6F22513AB3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-19] (Adobe Inc. -> Adobe)
Task: {1B66DA3A-6140-4F0B-875D-73E708841B4F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-09] (Google Inc -> Google Inc.)
Task: {1BFDC1FA-BD12-455A-90D9-C86657593C19} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [5046784 2019-12-04] () [File not signed]
Task: {1DE7E2EF-38B1-41F4-B495-38AFBCE2320D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {20B51936-569B-4CD5-A82D-39482B4C4BE3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2175FC13-8C03-4E93-A4BE-79024CD8106A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-09] (Google Inc -> Google Inc.)
Task: {28AFA186-32AF-4FCC-AF98-8330AA917837} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2AB56F3C-E5E8-4109-A7F5-94C30B66F8F3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2CD6E618-CA92-47EB-B8C3-8975788B737D} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [734392 2017-08-18] (A-Volute -> Nahimic)
Task: {32DA5EE1-9EAB-47E0-AD82-CD3DB6C01730} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2015968 2016-08-15] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {37979FCA-4AF9-4FB0-89CB-D003A91DEC2A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {37DE3B55-2F3B-418E-95F4-D117C51BE7B3} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [431384 2017-07-25] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]
Task: {3B48EE20-E80F-4879-B094-C234D35496AB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3EA36976-C0E1-4756-8EED-C728A35CEE53} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {4F9AAF31-C6FF-496B-9F4A-2777EDDFD5B9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3788144 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {56027752-41D0-43AB-83FA-D84BFA5E0902} - System32\Tasks\Nahimic2svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe [520376 2017-08-18] (A-Volute -> )
Task: {5A462DAF-7613-4A14-B2BB-C8F7C5293906} - System32\Tasks\Opera scheduled Autoupdate 1502455025 => C:\Program Files\Opera\launcher.exe [1528344 2019-12-04] (Opera Software AS -> Opera Software)
Task: {6CE420CB-AED2-422E-AC96-38ACDA78AF85} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {720F5910-1EBA-4631-B2E1-33CD0BB9D9A9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_pepper.exe [1453112 2019-11-19] (Adobe Inc. -> Adobe)
Task: {9B4AE754-75A5-4EF6-84A8-C2D67D0A0DE5} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-27] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {A089BB1A-8CE6-4736-B8FB-8BD5BA52C230} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A244E7FC-92A5-4441-86B2-AED18A7AFA49} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A35B4EC8-DC61-484F-957F-A3570EA0379D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {B18C7A2C-9C95-4968-80ED-6AF002105EB8} - System32\Tasks\AdobeAAMUpdater-1.0-MSI-Jan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {B37856D4-503E-4023-BFD7-3D1CA77AD0D3} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [6455064 2017-11-21] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]
Task: {BCA77883-578F-4D22-A842-678E616CE3EE} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757672 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {C4CD8D02-BC89-490A-9A02-E37FB9C1AA02} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2431304 2019-11-19] (Overwolf Ltd -> Overwolf LTD)
Task: {C56AEA7A-E260-4AC4-A813-CA766FC71701} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [222944 2016-08-15] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {D3457876-7B6C-4F0C-AB82-51C259EDC6C9} - System32\Tasks\Git for Windows Updater => C:\Program Files\Git\git-bash.exe [148248 2018-01-18] (Johannes Schindelin -> The Git Development Community)
Task: {D8112C22-32C3-48B8-8431-656FD3856343} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [222944 2016-08-15] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {DB8A013F-31D3-4C75-95D2-6C8FA30C27B6} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Task: {DE309B9E-6D1E-4673-A410-A26F7FCDE6B7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-12] (Piriform Ltd -> Piriform Ltd)
Task: {EC7F075D-B03C-48BD-9FF4-CDE167386F18} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ECBCD7A0-BDE0-4669-854F-8034E9865ECF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EF3FA57B-3CD1-4F24-A6BE-BF7CDCCF244C} - System32\Tasks\Nahimic2svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe [4412088 2017-08-18] (A-Volute -> )
Task: {F4B071D0-F7FB-4636-87D8-F36B27CA3C30} - System32\Tasks\MSISCMTsk => C:\Program Files (x86)\MSI\MSI Remind Manager\MSISCMTsk.exe [275256 2016-06-22] (Micro-Star International CO., LTD. -> Application) [File not signed]
Task: {F931DE80-359E-4F0E-B1D3-A151BC8C1524} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 193.85.1.100 193.85.2.100
Tcpip\..\Interfaces\{1a0ea6b4-dc39-4b57-af6c-ad9675103c47}: [DhcpNameServer] 193.85.1.100 193.85.2.100
Tcpip\..\Interfaces\{ebdf0324-493f-4853-9740-1e1b1c3464b1}: [DhcpNameServer] 89.239.24.34 89.239.24.2

Internet Explorer:
==================
HKU\S-1-5-21-981506708-2838147557-1008053113-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://oem17win10.msn.com/?pc=NMTE
HKU\S-1-5-21-981506708-2838147557-1008053113-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-981506708-2838147557-1008053113-1001 -> DefaultScope {00CA61B6-0A1B-4919-B9BD-2F673E81B415} URL = 
SearchScopes: HKU\S-1-5-21-981506708-2838147557-1008053113-1001 -> {00CA61B6-0A1B-4919-B9BD-2F673E81B415} URL = 
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2018-11-01] (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: xu2fpcj6.default
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\xu2fpcj6.default [2019-12-08]
FF Extension: (Telemetry coverage) - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\xu2fpcj6.default\features\{2f63b28c-7193-4518-a6ab-ad89ff9d1e14}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-12-16] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default [2019-12-08]
CHR Extension: (Adobe Acrobat) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-11-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-02]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-02]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera: 
=======
OPR DownloadDir: D:\Staženo
OPR Notifications: hxxps://220.lv
OPR Extension: (Speed Translate) - C:\Users\Jan\AppData\Roaming\Opera Software\Opera Stable\Extensions\jggobmlojchhlngdhmmdghgganciigof [2019-12-04]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1210168 2019-12-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [535352 2019-11-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484768 2019-11-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484768 2019-11-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [567872 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-09-07] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [591264 2019-11-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-07-03] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144096 2017-05-04] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-27] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-06] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2483376 2018-06-15] (Rivet Networks LLC -> Rivet Networks)
R2 KMSEmulator; C:\ProgramData\KMSAuto\bin\KMSSS.exe [301056 2015-07-24] (MDL Forum, mod by Ratiborus) [File not signed]
R2 Micro Star SCM; C:\Windows\SysWoW64\MSIService.exe [160768 2009-07-10] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSITrueColorService; C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe [180520 2016-09-09] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe [61880 2017-08-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2431304 2019-11-19] (Overwolf Ltd -> Overwolf LTD)
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2938880 2012-05-18] (PACE Anti-Piracy, Inc.) [File not signed]
R2 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [99560 2019-10-21] (ProtonVPN AG -> )
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2015968 2016-08-15] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [694016 2019-09-03] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [72880 2018-06-15] (Rivet Networks LLC -> CloudBees, Inc.)
R2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [72888 2018-06-15] (Rivet Networks LLC -> CloudBees, Inc.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [207784 2019-12-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [197176 2019-09-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-08-11] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-08-11] (Disc Soft Ltd -> Disc Soft Ltd)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31824 2017-05-04] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [150184 2018-06-15] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2018-09-15] (Microsoft Windows -> Qualcomm Atheros, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_46205307ba527f6f\nvlddmkm.sys [20706184 2019-02-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-06-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ProtonVPNSplitTunnelCalloutDriver; C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\win10\ProtonVPNSplitTunnelCalloutDriver.Sys [48664 2019-09-13] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-11-22] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46776 2019-05-24] (SteelSeries ApS -> )
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47824 2019-05-24] (SteelSeries ApS -> SteelSeries ApS)
R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [41104 2019-08-29] (SteelSeries ApS -> )
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2019-09-13] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [237376 2019-09-03] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [248464 2019-09-03] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [175248 2019-09-03] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-04-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344544 2019-04-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-04-24] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-11] (Micro-Star Int'l Co. Ltd. -> )

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-08 14:03 - 2019-12-08 14:04 - 000038641 _____ C:\Users\Jan\Desktop\FRST.txt
2019-12-08 14:03 - 2019-12-08 14:04 - 000000000 ____D C:\FRST
2019-12-08 14:02 - 2019-12-08 14:02 - 002263552 _____ (Farbar) C:\Users\Jan\Desktop\FRST64.exe
2019-12-05 00:44 - 2019-12-05 00:44 - 000000000 ____D C:\ProgramData\KMSAuto
2019-12-05 00:39 - 2019-12-05 00:46 - 000000000 ____D C:\Users\Jan\AppData\Local\MSfree Inc
2019-12-04 17:34 - 2019-12-08 13:51 - 000003808 _____ C:\WINDOWS\system32\Tasks\AutoKMS
2019-12-04 17:34 - 2019-12-04 20:29 - 000000000 ____D C:\WINDOWS\AutoKMS
2019-12-04 17:32 - 2019-12-04 17:32 - 000000000 ____D C:\ProgramData\Microsoft Toolkit
2019-12-04 16:14 - 2019-12-04 16:48 - 000000000 ____D C:\Users\Jan\AppData\Local\ProtonVPN
2019-12-04 16:14 - 2019-12-04 16:14 - 000000000 ____D C:\ProgramData\ProtonVPN
2019-12-04 16:13 - 2019-12-04 16:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN
2019-12-04 16:13 - 2019-12-04 16:13 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2019-12-04 00:24 - 2019-12-04 00:24 - 000000000 ____D C:\Users\Jan\AppData\Local\Tempzxpsign12b36f12deded2f8
2019-12-04 00:23 - 2019-12-04 00:23 - 000000000 ____D C:\Users\Jan\AppData\Local\Tempzxpsigneb4f33bf78b76da7
2019-12-03 23:56 - 2019-12-03 23:56 - 000000000 ____D C:\Users\Jan\AppData\Local\Tempzxpsignc7879d5303654c7a
2019-12-03 23:55 - 2019-12-03 23:55 - 000000000 ____D C:\Users\Jan\AppData\Local\Tempzxpsign7fc209986b10967a
2019-12-01 17:29 - 2019-12-01 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2019-12-01 17:29 - 2019-12-01 17:29 - 000000000 ____D C:\Program Files\qBittorrent
2019-11-23 21:35 - 2019-11-23 21:35 - 000000000 ____D C:\Users\Jan\AppData\Local\Tempzxpsignf6efff9bfe30e4d1
2019-11-23 21:35 - 2019-11-23 21:35 - 000000000 ____D C:\Users\Jan\AppData\Local\Tempzxpsign773389efaf87e5b2
2019-11-23 18:15 - 2019-11-23 18:15 - 000000000 ____D C:\Users\Jan\AppData\Local\Tempzxpsign23b822e9b7607e9c
2019-11-23 18:13 - 2019-11-23 18:13 - 000000000 ____D C:\Users\Jan\AppData\Local\Tempzxpsign72d0563109854502
2019-11-23 18:11 - 2019-11-23 18:11 - 000000000 ____D C:\Users\Jan\AppData\Local\Tempzxpsign15023cb991346b9e
2019-11-23 18:10 - 2019-11-23 18:10 - 000000000 ____D C:\Users\Jan\AppData\Local\Tempzxpsignfc86bb03bc72a446
2019-11-23 18:10 - 2019-11-23 18:10 - 000000000 ____D C:\Users\Jan\AppData\Local\Tempzxpsigndc73eb148add0dca
2019-11-19 00:30 - 2019-11-19 00:30 - 023455232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 022137120 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 019014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 012960256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 012258816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 009667896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 007872000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 007700696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 007656072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 006934016 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 006547896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 006318328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 005770240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 005608336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 005575168 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 005573232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 004873216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 004661760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 004413936 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 004049920 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 003872336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 003656792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 003576832 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 003496448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 003333632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 003082752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 002918200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 002871824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 002848768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 002699976 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 002698752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 002628112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 002348544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 002109960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 002072176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 002050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001966096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 001933408 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001918792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001702600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-11-19 00:30 - 2019-11-19 00:30 - 001677808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001668784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001666440 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001644544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001538560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 001486472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001473296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 001465472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001346216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-11-19 00:30 - 2019-11-19 00:30 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001294792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001267240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-11-19 00:30 - 2019-11-19 00:30 - 001262592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001258512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001183504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 001054224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 001050112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 001049608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 001024712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000888560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000862008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000856424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000811536 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000808272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000773208 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000747536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000741688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000667664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000661264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000591160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000588816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000542320 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000536320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000535080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000520208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000514600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000509968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000505640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-11-19 00:30 - 2019-11-19 00:30 - 000473832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000465416 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000462352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000450632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000445752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000435512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000427832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000389408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000385848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000262152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-11-19 00:30 - 2019-11-19 00:30 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000213304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000198968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000193336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-11-19 00:30 - 2019-11-19 00:30 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000160272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000152896 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000141736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prntvpt.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000118480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000112168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000087080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000086840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000086744 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-11-19 00:30 - 2019-11-19 00:30 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000061480 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\compact.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compact.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-11-19 00:30 - 2019-11-19 00:30 - 000023768 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000020144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-11-19 00:30 - 2019-11-19 00:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-11-19 00:30 - 2019-11-19 00:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-11-19 00:30 - 2019-11-19 00:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-11-19 00:30 - 2019-11-19 00:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-11-19 00:30 - 2019-11-19 00:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-11-19 00:30 - 2019-11-19 00:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-11-19 00:30 - 2019-11-19 00:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-11-19 00:30 - 2019-11-19 00:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-11-08 02:42 - 2019-11-08 02:42 - 000000000 ____D C:\Users\Jan\AppData\Local\Tempzxpsign6133be9dfb30eebe
2019-11-08 02:42 - 2019-11-08 02:42 - 000000000 ____D C:\Users\Jan\AppData\Local\Tempzxpsign4722afc3eb6b2855
2019-11-08 02:39 - 2019-11-08 02:39 - 000000000 ____D C:\Users\Jan\AppData\Local\Tempzxpsign168fe55821244d92
2019-11-08 02:25 - 2019-11-08 02:25 - 000000000 ____D C:\Users\Jan\AppData\Local\Tempzxpsign50b847c36a6a9e9d
2019-11-08 02:23 - 2019-11-08 02:23 - 000000000 ____D C:\Users\Jan\AppData\Local\Tempzxpsign06b8dbb485e51221

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-08 13:55 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-08 13:55 - 2017-08-11 12:47 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-08 13:53 - 2019-09-11 14:44 - 001566398 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-08 13:53 - 2018-09-15 18:32 - 000662218 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-08 13:53 - 2018-09-15 18:32 - 000136852 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-08 13:53 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-12-08 13:52 - 2017-08-11 13:36 - 000000000 ____D C:\Program Files\Opera
2019-12-08 13:47 - 2019-09-11 14:45 - 000003206 _____ C:\WINDOWS\system32\Tasks\Nahimic2UILauncherRun
2019-12-08 13:47 - 2019-09-11 14:45 - 000003194 _____ C:\WINDOWS\system32\Tasks\Nahimic2svc64Run
2019-12-08 13:47 - 2019-09-11 14:45 - 000003186 _____ C:\WINDOWS\system32\Tasks\Nahimic2svc32Run
2019-12-08 13:47 - 2019-09-11 14:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-08 13:47 - 2017-08-11 10:56 - 000000000 __SHD C:\Users\Jan\IntelGraphicsProfiles
2019-12-08 03:09 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-12-08 03:09 - 2018-01-22 21:40 - 000000000 ____D C:\Users\Jan\.atom
2019-12-08 02:53 - 2017-12-02 00:06 - 000000034 _____ C:\Users\Jan\AppData\Roaming\AdobeWLCMCache.dat
2019-12-08 02:00 - 2017-09-06 20:48 - 000000000 ____D C:\Users\Jan\AppData\Local\Adobe
2019-12-08 00:20 - 2019-09-11 14:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-06 22:55 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-06 22:55 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-06 22:41 - 2018-01-13 23:16 - 000207784 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2019-12-06 20:39 - 2019-09-11 14:45 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-06 19:12 - 2019-09-11 14:45 - 000003934 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1502455025
2019-12-06 19:12 - 2017-08-11 13:37 - 000001114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-12-06 04:03 - 2019-08-01 13:14 - 000000000 ____D C:\Users\Jan\AppData\Roaming\qBittorrent
2019-12-06 00:23 - 2017-10-20 16:23 - 000000000 ____D C:\Program Files (x86)\Overwolf
2019-12-05 16:53 - 2016-11-24 17:23 - 001591088 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2019-12-05 02:45 - 2017-08-11 13:30 - 000000001 _____ C:\Users\Public\Documents\dgc_DC.txt
2019-12-05 01:49 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-04 18:20 - 2017-08-11 14:20 - 000000000 ____D C:\Users\Jan\AppData\Local\Microsoft Help
2019-12-03 17:55 - 2019-09-11 14:40 - 000000000 ____D C:\Users\Jan
2019-12-02 18:38 - 2017-11-24 20:37 - 000000000 ____D C:\Users\Jan\AppData\Local\Packages
2019-11-28 16:29 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-11-27 22:12 - 2017-08-11 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-11-27 22:12 - 2016-11-24 17:21 - 000000000 ____D C:\ProgramData\Package Cache
2019-11-25 00:50 - 2019-09-11 14:45 - 000003350 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-981506708-2838147557-1008053113-1001
2019-11-25 00:50 - 2019-09-11 14:40 - 000002362 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-25 00:50 - 2017-08-11 10:58 - 000000000 ___RD C:\Users\Jan\OneDrive
2019-11-22 01:27 - 2017-12-04 19:46 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-20 04:07 - 2017-11-24 20:57 - 000000000 ___RD C:\Users\Jan\3D Objects
2019-11-20 04:07 - 2016-07-30 18:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-11-20 04:06 - 2019-09-11 14:39 - 005402520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-11-20 04:05 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-11-20 04:05 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-11-20 04:05 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-11-20 04:05 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-11-20 04:05 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-11-20 04:05 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-11-20 04:05 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-11-20 04:05 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-11-20 04:05 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-11-19 00:34 - 2017-08-11 16:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-11-19 00:31 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-11-19 00:31 - 2017-08-11 16:09 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-11-19 00:23 - 2018-04-12 13:28 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-11-19 00:22 - 2019-09-11 14:45 - 000004638 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-11-19 00:22 - 2019-09-11 14:45 - 000004506 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2019-11-19 00:22 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-11-19 00:22 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed

==================== Files in the root of some directories ========

2017-11-28 16:35 - 2017-11-28 16:37 - 000000132 _____ () C:\Users\Jan\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2017-11-28 16:37 - 2017-11-28 16:41 - 000000132 _____ () C:\Users\Jan\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2017-12-02 00:06 - 2019-12-08 02:53 - 000000034 _____ () C:\Users\Jan\AppData\Roaming\AdobeWLCMCache.dat
2018-10-05 20:36 - 2019-11-07 00:34 - 000001456 _____ () C:\Users\Jan\AppData\Local\Adobe Save for Web 13.0 Prefs
2019-06-06 17:32 - 2019-10-24 19:44 - 000055254 _____ () C:\Users\Jan\AppData\Local\krita.log
2019-10-24 19:44 - 2019-10-24 19:44 - 000000039 _____ () C:\Users\Jan\AppData\Local\kritadisplayrc
2019-06-06 17:32 - 2019-10-24 19:44 - 000019367 _____ () C:\Users\Jan\AppData\Local\kritarc

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================