Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-05-2020 03
Ran by roan_000 (administrator) on PC-ROMAN (Micro-Star International Co., Ltd MS-7C02) (10-05-2020 21:37:06)
Running from E:\bl\Instal
Loaded Profiles: roan_000 & SSASTELEMETRY & SQLTELEMETRY & MSSQLServerOLAPService & SSISTELEMETRY140 & MSSQLSERVER & MsDtsServer140 & MSSQL$ROANSQL & SQLTELEMETRY$ROANSQL
Platform: Windows 10 Pro Version 1809 17763.1158 (X64) Language: Čeština (Česko)
Default browser: "E:\Programs\Firefox\firefox.exe" -osint -url "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() [File not signed] E:\Programs\Open VPN klient\core\capiws.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(DEVGURU CO LTD -> DEVGURU Co., LTD.) E:\Programs\Samsung\25_escape\conn\ss_conn_service.exe
(Epic Games Inc. -> Epic Games, Inc.) E:\Games\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) E:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Fortinet Technologies -> Fortinet Inc.) C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) E:\Programs\Total Commander\totalcmd\TOTALCMD64.EXE
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Kerio Technologies Inc.) [File not signed] E:\Programs\Kerio VPN\VPN Client\kvpncsvc.exe
(Logitech -> Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\140\DTS\Binn\MsDtsSrvr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\140\DTS\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\roan_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) E:\Programs\SQL Server 2017\Microsoft SQL Server\MSSQL14.MSSQLSERVER01\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) E:\Programs\SQL Server 2017\Microsoft SQL Server\MSSQL14.MSSQLSERVER01\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) E:\Programs\SQL Server 2017\MSAS14.MSSQLSERVER\OLAP\bin\msmdsrv.exe
(Microsoft Corporation -> Microsoft Corporation) E:\Programs\SQL Server 2017\MSAS14.MSSQLSERVER\OLAP\bin\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) E:\Programs\SQL Server 2017\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) E:\Programs\SQL Server 2017\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster®) E:\Programs\drivers\amd64\tmInstall.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\NisSrv.exe
(My Portable Software) [File not signed] E:\Programs\My daily wallpaper\My_Daily_Wallpaper.exe
(Nero AG -> ) E:\Programs\HTC Sync\HTC Sync\adb.exe
(Nero AG -> Nero AG) E:\Programs\HTC Sync\HSMServiceEntry.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Oracle America, Inc. -> ) C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) E:\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.215.0_x64__dt26b99r8h8gj\RtkUWP.exe
(Rosetta Stone Ltd -> Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Shanghai Microvirt Software Technology Co., Ltd. -> ) C:\Program Files\Microvirt\MEmu\MemuService.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Viber Media S.à r.l. -> Viber Media S.Ã  r.l.) C:\Users\roan_000\AppData\Local\Viber\Viber.exe
(VMware, Inc. -> ) E:\Programs\VM WARE 14\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc. -> VMware, Inc.) E:\Programs\VM WARE 14\vmware-authd.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1093352 2020-03-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Kerio Control VPN Client] => E:\Programs\Kerio VPN\VPN Client\kvpncgui.exe [2180096 2016-01-12] (Kerio Technologies Inc.) [File not signed]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => E:\Programs\VM WARE 14\vmware-tray.exe [115640 2018-05-11] (VMware, Inc. -> VMware, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\Run: [DAEMON Tools Lite Automount] => E:\Programs\Daemon Tool\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\Run: [Viber] => C:\Users\roan_000\AppData\Local\Viber\Viber.exe [41192976 2020-04-21] (Viber Media S.à r.l. -> Viber Media S.Ã  r.l.)
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\Run: [Akamai NetSession Interface] => C:\Users\roan_000\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\Run: [Spotify] => C:\Users\roan_000\AppData\Roaming\Spotify\Spotify.exe [25941224 2019-02-03] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [8030280 2020-02-24] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\Run: [EpicGamesLauncher] => E:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31757200 2020-05-06] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\Run: [My Daily Wallpaper] => E:\Programs\My daily wallpaper\My_Daily_Wallpaper.exe [536576 2015-03-21] (My Portable Software) [File not signed]
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\MountPoints2: {2152298c-aca8-11e9-8454-000272da0739} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\MountPoints2: {21bc381b-bb39-11e9-8470-000272da0739} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\MountPoints2: {2d334d83-c641-11e9-848a-000272da0739} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\MountPoints2: {402879e7-0850-11ea-84eb-000272da0739} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\MountPoints2: {609148d7-4d3c-11e9-83e1-000272da0739} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\MountPoints2: {91872e81-89b9-11e9-8430-000272da0739} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\MountPoints2: {a4eb48dd-2888-11e8-82db-000272da0739} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\MountPoints2: {c2523e65-d139-11e9-84a3-000272da0739} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\MountPoints2: {c565934f-3f4d-11ea-853e-000272da0739} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\MountPoints2: {cbf9aeb3-73b2-11e9-8411-000272da0739} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\...\MountPoints2: {f46a8d4f-20e1-11e5-8276-e0cb4e2c3ddd} - "K:\setup.exe" 
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37888 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-1549978933-2891762758-2075524219-3728768389-1145206490\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-2652535364-2169709536-2857650723-2622804123-1107741775\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-3110769080-1041181104-338388146-2687983455-1658392935\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-3962636388-3248348125-217122445-325585018-661508364\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-4045996917-2981875607-16513352-3634139456-3182506656\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-445495084-1115697295-965667602-2315381631-2003428313\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-07] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> E:\bl\Instal\COMBT\Bluetooth Software\\BtwCP.dll [2013-09-04] (Broadcom Corporation -> Broadcom Corporation.)
BootExecute: 
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02515C49-6B75-41DC-A3DE-C05E5F30D26A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0BF5BF6D-6055-49CD-BCEF-2B25102AE54B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {0DF2A899-CAB7-4A4B-A56D-1A4E4A11C4E9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {11D25815-B2FC-4F20-A99C-3CD86360C8C9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {1651D46D-06D3-4A52-868E-0DDD4DC4D211} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {17B8C649-F82E-4CE1-AB70-8485870C93B8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1EC9FEAF-EC7A-4B15-B3E4-D6D708F0AADD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {1F0F6083-10C7-4C41-B10C-727E836CAAC8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {24E02782-688E-4E0D-8C41-70B79A6DE5A9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2C25734E-613D-4F19-8870-623CB5FDE398} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {2F541B11-5B84-4367-9FFE-1C7FA11F61E3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {36F5C00E-EFA7-4397-9486-F479510B316F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-14] (Adobe Inc. -> Adobe)
Task: {3C9894A7-46DA-4960-B597-1803F426CF88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-28] (Google Inc -> Google Inc.)
Task: {3E1B4D8F-8CE8-42C9-A917-89082693E9A9} - System32\Tasks\Driver Easy Scheduled Scan => E:\Programs\DriverEasy\DriverEasy.exe
Task: {42015818-68C6-4E19-8DEC-3E19980A74E3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {42872928-C6C8-4ECB-9F69-EA900625FC2A} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {430893B8-E33A-41D7-A80D-0E8F120F1329} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {44A98849-2EC7-467A-97B8-A99C70A5971D} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {58321224-6104-4C4C-A328-C2896282E9FD} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {583EA4D7-3E55-44C1-84FB-DFE28BE90A06} - System32\Tasks\ParkControl => E:\Programs\ParkControl\parkcontrol.exe
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\Windows\System32\BthTelemetry.dll [31232 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {5B5AB817-E502-4BBF-AF18-A4E51C5BC653} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {60CD647A-5FD7-4008-A2D3-30829847E85D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6628C70A-8980-4442-961B-3E038DD509DF} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-roan@volny.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {69F60ADA-DE55-4CA1-B574-9AE12309DCEF} - System32\Tasks\Microsoft\Windows\Software\UpdaterService => C:\ProgramData\UpdaterService\UpdaterService.exe <==== ATTENTION
Task: {6C24D94D-66CA-4840-9E87-A485C066DD98} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {701C10E4-458C-412A-80E5-84D6B0E88F7A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {76CB1F29-EFC4-4C67-B91D-D65B133C6748} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {848447A9-D0EE-4978-BD0B-2160849C3B22} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8663B173-CF5D-45F0-9BBD-1D62D22808C1} - no filepath
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8ABC3242-46AA-45F4-B8FA-8A414E0AB006} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-28] (Google Inc -> Google Inc.)
Task: {998DCFD2-3825-4B0F-BF7E-16A93A2CB7BA} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {9C01C0CB-750E-45FA-A5E1-82F4633AC006} - System32\Tasks\BlueStacksHelper => E:\Programs\BlueStacks\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {AA586885-1F15-4540-8489-FB0ACA292FCB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC8EA9C9-F738-48DB-9BA7-A4097A7B49D3} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [70016 2019-05-15] (Oracle America, Inc. -> Oracle Corporation)
Task: {B5B3DB4E-3A94-47C9-963B-B3C27DE397E0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B6960A6A-0792-4A41-8FB0-84329C5B52D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B7E50A9B-28DC-4077-9543-FD213B15E795} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {BCA0557F-B330-4D7D-A913-734B73215CD3} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C34BA74A-C4CC-4176-9E9A-62D50DF44ADA} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => E:\Programs\Visual_studio_express\Common7\IDE\VSIXAutoUpdate.exe [139448 2016-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB5A1E4E-CF21-402C-BD1E-A0140DEAAE09} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D560C074-AC55-46B6-86AF-AA64ECA46A94} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {DA87A77D-EBB2-49DA-B76B-BC2705CCC98B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DC51533D-9DAB-465B-BDB4-3F212D602F54} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-14] (Adobe Inc. -> Adobe)
Task: {DE8DBF49-284A-4907-860F-CFC952DBD606} - System32\Tasks\Mozilla\Firefox Default Browser Agent 6123135B9B432AA6 => E:\Programs\Firefox\default-browser-agent.exe do-task
Task: {E1F4F75F-E6B6-4470-9618-A36F05A4E4D4} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65440 2020-05-01] (Microsoft Corporation -> Microsoft)
Task: {E3F1EE77-2A22-4C4E-B75F-2A0F007AA931} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ECB25DED-04F3-4CBB-9905-8FBAB8024F60} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EF2F97C1-F2AC-4242-ACF2-44EE2AF8E606} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => E:\Programs\DriverEasy\DriverEasy.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{09ca073a-a9ef-44ff-b3b0-cb34bfa7fd69}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{09ca073a-a9ef-44ff-b3b0-cb34bfa7fd69}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{0a5e8418-751d-44d3-a4d6-0f6c56f52764}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{644d6103-6dc8-4296-bae9-44f88851bf60}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{7b3d35f9-46b2-43de-a6b1-9b5e751ea78c}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{8718928d-cbeb-45ea-a621-800a9249001d}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{a6b8a41f-2404-4882-b14d-0664567d6d14}: [DhcpNameServer] 10.189.121.1
Tcpip\..\Interfaces\{a6c07591-ca1a-447d-90e7-265be42e5619}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ba046268-2445-4e65-b8e0-de85a3744f57}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{ba046268-2445-4e65-b8e0-de85a3744f57}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c1258ff3-5a97-11e7-8247-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{dda6991f-b3fc-4cc2-8afa-f3c3dd1c9916}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{dda6991f-b3fc-4cc2-8afa-f3c3dd1c9916}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{f8528a50-5811-44c3-8519-1cc55fb147d1}: [NameServer] 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131209209694986176&GUID=A2E2CB6D-FA75-408E-8870-6883433609D3
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2490308184-3408559818-3602897103-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2490308184-3408559818-3602897103-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-02-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-10-31] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-20] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {997C5A94-77F6-427D-A388-AC2B6ECF0F7C} hxxp://192.168.2.80:8080/qadhome/client/setup.ocx

Edge: 
======
DownloadDir: C:\Users\roan_000\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2490308184-3408559818-3602897103-1001 -> about:start

FireFox:
========
FF DefaultProfile: fv0u5jnu.default-1487449921023-1579115774897
FF ProfilePath: C:\Users\roan_000\AppData\Roaming\OpenVPN Technologies\OpenVPN Client\Profiles\yydfnsvz.default [2017-01-16]
FF Homepage: OpenVPN Technologies\OpenVPN Client\Profiles\yydfnsvz.default -> resource://webapp/openvpn.html
FF ProfilePath: C:\Users\roan_000\AppData\Roaming\Mozilla\Firefox\Profiles\fv0u5jnu.default-1487449921023-1579115774897 [2020-05-10]
FF NewTabOverride: Mozilla\Firefox\Profiles\fv0u5jnu.default-1487449921023-1579115774897 -> Enabled: admin@fastaddons.com_GroupSpeedDial
FF NewTabOverride: Mozilla\Firefox\Profiles\fv0u5jnu.default-1487449921023-1579115774897 -> Enabled: {e839c3f9-298e-4cd0-99e0-464431cb7c34}
FF Extension: (YouTube Download Plus) - C:\Users\roan_000\AppData\Roaming\Mozilla\Firefox\Profiles\fv0u5jnu.default-1487449921023-1579115774897\Extensions\addon@ytdownloader.info.xpi [2020-05-08]
FF Extension: (Group Speed Dial) - C:\Users\roan_000\AppData\Roaming\Mozilla\Firefox\Profiles\fv0u5jnu.default-1487449921023-1579115774897\Extensions\admin@fastaddons.com_GroupSpeedDial.xpi [2020-03-27]
FF Extension: (Cisco Webex Extension) - C:\Users\roan_000\AppData\Roaming\Mozilla\Firefox\Profiles\fv0u5jnu.default-1487449921023-1579115774897\Extensions\ciscowebexstart1@cisco.com.xpi [2020-01-15]
FF Extension: (Simple YouTube to MP3/MP4 Converter) - C:\Users\roan_000\AppData\Roaming\Mozilla\Firefox\Profiles\fv0u5jnu.default-1487449921023-1579115774897\Extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack.xpi [2020-01-15]
FF Extension: (Google Translator for Firefox) - C:\Users\roan_000\AppData\Roaming\Mozilla\Firefox\Profiles\fv0u5jnu.default-1487449921023-1579115774897\Extensions\translator@zoli.bod.xpi [2020-01-15]
FF Extension: (Wordology) - C:\Users\roan_000\AppData\Roaming\Mozilla\Firefox\Profiles\fv0u5jnu.default-1487449921023-1579115774897\Extensions\wordology@wordology.com.xpi [2020-04-12]
FF Extension: (Udělej printscreen celé webové stránky - FireShot) - C:\Users\roan_000\AppData\Roaming\Mozilla\Firefox\Profiles\fv0u5jnu.default-1487449921023-1579115774897\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}.xpi [2020-01-15]
FF Extension: (EPUBReader) - C:\Users\roan_000\AppData\Roaming\Mozilla\Firefox\Profiles\fv0u5jnu.default-1487449921023-1579115774897\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2020-01-15]
FF Extension: (Plná Peněženka Lištička Lite) - C:\Users\roan_000\AppData\Roaming\Mozilla\Firefox\Profiles\fv0u5jnu.default-1487449921023-1579115774897\Extensions\{85d8e8cc-273a-4845-a75b-4b44377c703c}.xpi [2020-01-15]
FF Extension: (No Name) - C:\Users\roan_000\AppData\Roaming\Mozilla\Firefox\Profiles\fv0u5jnu.default-1487449921023-1579115774897\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-02]
FF Extension: (No Name) - C:\Users\roan_000\AppData\Roaming\Mozilla\Firefox\Profiles\fv0u5jnu.default-1487449921023-1579115774897\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2020-04-19]
FF Extension: (Foxy Gestures) - C:\Users\roan_000\AppData\Roaming\Mozilla\Firefox\Profiles\fv0u5jnu.default-1487449921023-1579115774897\Extensions\{e839c3f9-298e-4cd0-99e0-464431cb7c34}.xpi [2020-01-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-14] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-14] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> E:\Programs\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> E:\Programs\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> E:\Programs\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> E:\Programs\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> E:\Programs\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
StartMenuInternet: FIREFOX.EXE - E:\Programs\Firefox\firefox.exe

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2020-05-04] <==== ATTENTION
CHR Notifications: ChromeDefaultData -> hxxps://paleosnadno.cz
CHR HomePage: ChromeDefaultData -> about:blank
CHR StartupUrls: ChromeDefaultData -> ""
CHR Extension: (Prezentace) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Dokumenty) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Disk Google) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-25]
CHR Extension: (YouTube) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-25]
CHR Extension: (Adobe Acrobat) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-13]
CHR Extension: (Tabulky) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Postman) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fhbjgbiflinjbdggehcddcbncdddomop [2018-12-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-22]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-22]
CHR Extension: (Avast Online Security) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-03-13]
CHR Extension: (NetBeans Connector) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\hafdlehgocfcodbgjnpecfajgkeejnaa [2020-02-15]
CHR Extension: (Super Netflix) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\iakpdiefpdniabbekcbofaanjcpjkloe [2020-03-29]
CHR Extension: (CrxMouse Chrome™ Gestures) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2020-03-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-13]
CHR Extension: (Gmail) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]
CHR Profile: C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\Default [2017-10-03]
CHR HomePage: Default -> about:blank
CHR StartupUrls: Default -> ""
CHR Extension: (Prezentace Google) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-28]
CHR Extension: (Dokumenty Google) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-28]
CHR Extension: (Disk Google) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-28]
CHR Extension: (YouTube) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-28]
CHR Extension: (Vyhledávání Google) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky Google) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-28]
CHR Extension: (YouTube to MP3) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggppmapmeglphhmbmdgimclmpnhckcjp [2016-03-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (AdBlock) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-19]
CHR Extension: (Avast Online Security) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-03-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-28]
CHR Extension: (Gmail) - C:\Users\roan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-28]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"BEDaisy" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\BEDaisy => \??\C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys <==== ATTENTION (Rootkit!/Locked Service)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8567960 2020-04-15] (BattlEye Innovations e.K. -> )
S3 Disc Soft Lite Bus Service; E:\Programs\Daemon Tool\DiscSoftBusService.exe [1272560 2015-05-21] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-07-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 FortiSslvpnDaemon; C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe [954080 2013-09-19] (Fortinet Technologies -> Fortinet Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1242696 2020-02-24] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-02-24] (GOG Sp. z o.o. -> GOG.com)
R2 HTCMonitorService; E:\Programs\HTC Sync\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG -> Nero AG)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-12-27] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 KVPNCSvc; E:\Programs\Kerio VPN\VPN Client\kvpncsvc.exe [2024960 2016-01-12] (Kerio Technologies Inc.) [File not signed]
S3 memoQauhlp78; E:\Programs\memoQ\MemoQ.AutoUpdate.exe [223120 2016-06-06] (Kilgray Forditastechnologiai Kft. -> Kilgray)
R2 MEmuSVC; C:\Program Files\Microvirt\MEmu\MemuService.exe [85296 2018-06-22] (Shanghai Microvirt Software Technology Co., Ltd. -> )
R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [93560 2016-03-09] (Microsoft Corporation -> Microsoft Corporation)
R2 MsDtsServer140; C:\Program Files\Microsoft SQL Server\140\DTS\Binn\MsDtsSrvr.exe [219728 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$ROANSQL; E:\Programs\SQL Server 2017\Microsoft SQL Server\MSSQL14.MSSQLSERVER01\MSSQL\Binn\sqlservr.exe [484944 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLSERVER; E:\Programs\SQL Server 2017\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [484944 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
S3 MusicCenter Back-End Service; e:\Programs\Sony Music Center\avlib\SsBeServiceMc.exe [181928 2017-12-15] (Sony Video & Sound Products Inc. -> Sony Video & Sound Products Inc.)
R2 MySQL80; C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe [47479224 2019-06-26] (Oracle America, Inc. -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 OpenVPNAccessClient; E:\Programs\Open VPN klient\core\capiws.exe [24064 2010-08-12] () [File not signed]
S3 PACSPTISVR-Music_Center; e:\Programs\Sony Music Center\Sony.Earth\PACSPTISVR.exe [167824 2017-12-15] (Sony Video & Sound Products Inc. -> Sony Video & Sound Products Inc.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [1093352 2020-03-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5897960 2020-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SQLAgent$ROANSQL; E:\Programs\SQL Server 2017\Microsoft SQL Server\MSSQL14.MSSQLSERVER01\MSSQL\Binn\SQLAGENT.EXE [578640 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
S3 SQLSERVERAGENT; E:\Programs\SQL Server 2017\MSSQL14.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [578640 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY; E:\Programs\SQL Server 2017\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe [252704 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$ROANSQL; E:\Programs\SQL Server 2017\Microsoft SQL Server\MSSQL14.MSSQLSERVER01\MSSQL\Binn\sqlceip.exe [252704 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 SSASTELEMETRY; E:\Programs\SQL Server 2017\MSAS14.MSSQLSERVER\OLAP\Bin\sqlceip.exe [252704 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 SSISTELEMETRY140; C:\Program Files\Microsoft SQL Server\140\DTS\Binn\sqlceip.exe [252704 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 ss_conn_service; E:\Programs\Samsung\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH -> TeamViewer GmbH)
R2 tmInstall; E:\Programs\drivers\amd64\tmInstall.exe [130056 2018-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster®)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies Inc. -> VIA Technologies, Inc.)
R2 VMAuthdService; E:\Programs\VM WARE 14\vmware-authd.exe [96184 2018-05-11] (VMware, Inc. -> VMware, Inc.)
R2 VMwareHostd; E:\Programs\VM WARE 14\vmware-hostd.exe [14346680 2018-05-11] (VMware, Inc. -> )
S3 VSStandardCollectorService140; E:\Programs\Visual_studio_express\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation -> Microsoft Corporation)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
S3 wampapache64; E:\Programs\wamp\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [File not signed]
S3 wampmysqld64; E:\Programs\wamp\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MSSQLServerOLAPService; "E:\Programs\SQL Server 2017\MSAS14.MSSQLSERVER\OLAP\bin\msmdsrv.exe" -s "E:\Programs\SQL Server 2017\MSAS14.MSSQLSERVER\OLAP\Config"
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [46040 2019-10-30] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [24528 2019-04-18] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [32520 2019-09-16] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [138064 2019-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-06-21] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [110488 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-05-29] (Disc Soft Ltd -> Disc Soft Ltd)
R1 epp; E:\Programs\Emsisoft\bin64\epp.sys [124552 2016-11-23] (Emsisoft Ltd -> Emsisoft Ltd)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 htcnprot; C:\Windows\system32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (Sqa.com(Test) -> QUALCOMM Incorporated) [File not signed]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 kvnet; C:\Windows\System32\drivers\kvnet.sys [30208 2016-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Kerio Technologies Inc.)
R2 MEmuDrv; C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [319304 2018-03-30] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{955A439E-831B-4958-90A2-7D1C7347D16A}\MpKslDrv.sys [43232 2020-05-10] (Microsoft Windows -> Microsoft Corporation)
S3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9952681a7bb1dfac\nvlddmkm.sys [23446968 2020-04-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-04-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 pppop; C:\Windows\System32\drivers\pppop64.sys [42528 2009-07-21] (Fortinet Technologies -> Fortinet Inc.)
S4 RsFx0501; C:\Windows\System32\DRIVERS\RsFx0501.sys [261784 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
R3 SensorsSimulatorDriver; C:\Windows\System32\drivers\WUDFRd.sys [282112 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [206104 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R3 tapoas; C:\Windows\System32\drivers\tapoas.sys [30720 2010-08-03] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tmhidusb; C:\Windows\system32\DRIVERS\tmhidusb.sys [340488 2018-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster)
S3 tmResetMin; C:\Windows\System32\Drivers\tmResetMin.sys [44552 2018-12-18] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2017. All rights reserved.)
S3 tmwbulk; C:\Windows\System32\Drivers\tmwbulk.sys [290824 2018-12-18] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2018. All rights reserved.)
R3 UcmCxUcsiNvppc; C:\Windows\system32\DRIVERS\UcmCxUcsiNvppc.sys [461592 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 VBoxNetAdp; C:\Windows\System32\drivers\VBoxNetAdp6.sys [237824 2020-04-09] (Oracle Corporation -> Oracle Corporation)
S3 VIAHdAudAddService; C:\Windows\system32\drivers\viahduaa.sys [701136 2015-06-22] (VIA Technologies Inc. -> VIA Technologies, Inc.)
R0 vsock; C:\Windows\system32\DRIVERS\vsock.sys [91712 2017-09-05] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-05-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [394680 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-01] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-10 11:37 - 2020-05-10 21:37 - 000000000 ____D C:\FRST
2020-05-10 11:21 - 2020-05-10 11:21 - 000000000 ____D C:\Users\roan_000\AppData\Local\mbamtray
2020-05-10 11:21 - 2020-05-10 11:21 - 000000000 ____D C:\Users\roan_000\AppData\Local\mbam
2020-05-10 10:59 - 2020-05-10 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2020-05-04 04:46 - 2020-05-04 04:46 - 000000000 ___DC C:\Users\romik\AppData\Local\Viber
2020-05-04 04:46 - 2020-05-04 04:46 - 000000000 ____D C:\Users\romik\AppData\Local\CrashDumps
2020-05-04 00:34 - 2020-05-04 00:34 - 000001110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Product Verification Tool.lnk
2020-05-04 00:34 - 2020-05-04 00:34 - 000000000 ____D C:\Program Files\AMDProduct Verification Tool
2020-05-04 00:34 - 2016-01-28 13:22 - 000504320 _____ (Newtonsoft) C:\Windows\system32\Newtonsoft.Json.dll
2020-05-03 18:48 - 2020-03-11 22:08 - 007308368 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2020-05-03 18:48 - 2020-03-11 22:08 - 001145464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCOM64.dll
2020-05-03 18:48 - 2020-03-11 22:08 - 000844888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64U.dll
2020-05-03 18:48 - 2020-03-11 22:08 - 000495288 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2020-05-03 18:48 - 2020-03-11 22:08 - 000224272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2020-05-03 18:48 - 2020-03-11 18:58 - 038837969 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2020-05-03 18:45 - 2020-05-03 18:45 - 000000000 ____D C:\Program Files (x86)\AMD
2020-05-03 18:44 - 2020-05-03 18:44 - 000000000 ____D C:\Users\roan_000\AppData\Local\RadeonInstaller
2020-05-03 18:44 - 2020-05-03 18:44 - 000000000 ____D C:\Program Files\AMD
2020-05-03 18:43 - 2019-06-27 05:45 - 000466552 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\tbaseregistry64.dll
2020-05-03 18:43 - 2019-06-27 05:45 - 000368240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\tbaseregistry32.dll
2020-05-03 18:43 - 2019-06-27 05:44 - 000138064 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\Drivers\amdpsp.sys
2020-05-03 18:42 - 2020-05-03 18:42 - 000000000 ____D C:\Program Files (x86)\Realtek
2020-05-03 18:32 - 2020-05-03 18:49 - 000000000 ___HD C:\Program Files (x86)\Temp
2020-05-03 18:32 - 2020-03-11 22:08 - 005831392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPOU64.dll
2020-05-03 18:32 - 2020-03-11 22:08 - 001093352 _____ (Realtek Semiconductor) C:\Windows\system32\RtkAudUService64.exe
2020-05-03 18:32 - 2019-12-19 09:07 - 002877104 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2020-05-03 18:24 - 2020-05-03 18:24 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_amdpsp_01011.Wdf
2020-05-03 18:21 - 2020-05-03 18:21 - 000000000 ____D C:\Windows\LastGood.Tmp
2020-05-02 21:27 - 2020-05-02 21:27 - 000003112 _____ C:\Windows\system32\Tasks\ParkControl
2020-05-02 18:57 - 2020-05-10 11:32 - 000000000 ____D C:\Users\roan_000\AppData\Roaming\Easeware
2020-05-02 18:57 - 2020-05-02 20:40 - 000000374 _____ C:\Windows\Tasks\Driver Easy Scheduled Scan.job
2020-05-02 18:57 - 2020-05-02 18:57 - 000003852 _____ C:\Windows\system32\Tasks\Driver Easy Scheduled Scan
2020-05-02 08:58 - 2020-05-02 08:58 - 000000281 ____C C:\Users\roan_000\Desktop\Fortnite.url
2020-05-02 08:47 - 2020-05-02 08:47 - 000001800 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019.lnk
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\SysWOW64\3082
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\SysWOW64\2052
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\SysWOW64\1055
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\SysWOW64\1049
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\SysWOW64\1046
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\SysWOW64\1045
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\SysWOW64\1042
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\SysWOW64\1041
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\SysWOW64\1040
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\SysWOW64\1036
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\SysWOW64\1031
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\SysWOW64\1029
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\SysWOW64\1028
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\system32\3082
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\system32\2052
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\system32\1055
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\system32\1049
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\system32\1046
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\system32\1045
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\system32\1042
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\system32\1041
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\system32\1040
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\system32\1036
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\system32\1031
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\system32\1029
2020-05-02 08:47 - 2020-05-02 08:47 - 000000000 ____D C:\Windows\system32\1028
2020-05-02 08:43 - 2020-05-02 08:43 - 000000000 ____D C:\ProgramData\Windows App Certification Kit
2020-05-02 08:42 - 2020-05-02 08:42 - 000000000 ____D C:\Program Files\Application Verifier
2020-05-02 08:42 - 2020-05-02 08:42 - 000000000 ____D C:\Program Files (x86)\Application Verifier
2020-05-02 07:57 - 2020-05-02 07:57 - 000000000 ____D C:\Users\roan_000\.dotnet
2020-05-02 07:55 - 2020-05-02 07:57 - 000000000 ____D C:\Program Files\dotnet
2020-05-02 07:55 - 2020-05-02 07:56 - 000000000 ____D C:\Program Files (x86)\dotnet
2020-05-02 07:55 - 2020-05-02 07:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019
2020-05-02 07:50 - 2020-05-02 07:50 - 000001799 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019.lnk
2020-05-02 07:28 - 2020-05-02 07:28 - 000000000 ____D C:\Games
2020-05-02 07:25 - 2020-05-02 07:25 - 000000028 _____ C:\Windows\OutLog.txt
2020-05-02 07:25 - 2020-05-02 07:25 - 000000000 _____ C:\Windows\BcdLog.txt
2020-05-02 07:22 - 2020-05-02 07:22 - 000000000 ____D C:\ProgramData\SystemAcCrux
2020-05-02 07:22 - 2020-02-23 14:54 - 000085424 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EUDCPEPM.sys
2020-05-02 07:22 - 2020-02-23 14:54 - 000033712 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EUEDKEPM.sys
2020-05-02 07:22 - 2020-02-23 14:49 - 000030136 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\EPMVolFl0.sys
2020-05-01 19:35 - 2020-05-01 19:35 - 000001024 ____H C:\SYSTAG.BIN
2020-05-01 19:34 - 2020-05-10 11:33 - 000000150 _____ C:\Windows\SysWOW64\winsevr.dat
2020-05-01 19:34 - 2020-05-10 11:27 - 000000312 _____ C:\Windows\SysWOW64\AbBakConfig.dat
2020-05-01 19:34 - 2020-05-01 19:34 - 000000000 ____D C:\ProgramData\Aomei
2020-05-01 19:33 - 2020-05-01 19:36 - 000000000 ____D C:\ProgramData\AomeiBR
2020-05-01 19:33 - 2017-09-01 18:12 - 000038320 _____ C:\Windows\system32\amwrtdrv.sys
2020-05-01 19:33 - 2016-12-21 22:54 - 000051120 _____ C:\Windows\system32\ambakdrv.sys
2020-05-01 19:33 - 2016-12-21 22:52 - 000171952 _____ C:\Windows\system32\ammntdrv.sys
2020-05-01 16:50 - 2020-05-01 16:50 - 000000000 ____D C:\Users\roan_000\AppData\Roaming\vs_installershell
2020-04-29 21:48 - 2020-04-29 21:48 - 000000000 ____D C:\Users\roan_000\AppData\Local\Speech Graphics
2020-04-27 20:41 - 2020-04-27 20:41 - 000000000 ___DC C:\Users\roan_000\Documents\Square Enix
2020-04-27 20:30 - 2020-04-27 20:30 - 000000271 ____C C:\Users\roan_000\Desktop\Batman™ Arkham Asylum Game of the Year Edition.url
2020-04-23 22:31 - 2020-04-23 22:32 - 000000000 ___DC C:\Users\roan_000\AppData\Local\Viber
2020-04-19 20:39 - 2020-04-11 23:55 - 001729232 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-04-19 20:39 - 2020-04-11 23:55 - 001729232 _____ C:\Windows\system32\vulkaninfo.exe
2020-04-19 20:39 - 2020-04-11 23:55 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-04-19 20:39 - 2020-04-11 23:55 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-04-19 20:39 - 2020-04-11 23:55 - 001078992 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-04-19 20:39 - 2020-04-11 23:55 - 001078992 _____ C:\Windows\system32\vulkan-1.dll
2020-04-19 20:39 - 2020-04-11 23:55 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-04-19 20:39 - 2020-04-11 23:55 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-04-19 20:39 - 2020-04-11 23:55 - 000450280 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-04-19 20:39 - 2020-04-11 23:55 - 000346856 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-04-19 20:39 - 2020-04-11 23:54 - 011945872 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2020-04-19 20:39 - 2020-04-11 23:54 - 010286480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 017601632 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 015158384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 005855856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 005159520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 002074232 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 001722480 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444587.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 001566328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 001483376 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444587.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 001481328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 001350792 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 001142200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 001048504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 000817080 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 000811448 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 000679864 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 000676448 _____ C:\Windows\system32\nvofapi64.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 000655312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 000546744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2020-04-19 20:39 - 2020-04-11 23:53 - 000543160 _____ C:\Windows\SysWOW64\nvofapi.dll
2020-04-19 20:39 - 2020-04-11 23:51 - 004195688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2020-04-18 23:20 - 2020-05-03 18:21 - 000000000 ____D C:\Windows\Panther
2020-04-15 18:54 - 2020-04-15 18:54 - 026806784 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 023463424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 020816384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 019020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 008907264 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 007923712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 007871488 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 006543528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 006318840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 006060032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 005608120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 005436696 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 004872704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 004695552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 004628480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 003933184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 003703808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 003656704 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 003632128 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 003550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 003097600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 002942976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 002801664 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2020-04-15 18:54 - 2020-04-15 18:54 - 002749800 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 002323696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 002182472 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 001709560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 001675008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 001485312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 001465344 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 001465272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 001388032 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 001310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 001257472 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 001249792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 001200920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 001024920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 001003008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000993280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000988672 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000837120 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000703488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000684032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000681472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000661056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2020-04-15 18:54 - 2020-04-15 18:54 - 000628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000579072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2020-04-15 18:54 - 2020-04-15 18:54 - 000534016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2020-04-15 18:54 - 2020-04-15 18:54 - 000465408 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2020-04-15 18:54 - 2020-04-15 18:54 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2020-04-15 18:54 - 2020-04-15 18:54 - 000427520 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000375296 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2020-04-15 18:54 - 2020-04-15 18:54 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000321024 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
2020-04-15 18:54 - 2020-04-15 18:54 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSATAPI.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000280136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000192512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000180736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumsvc.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmiv2.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
2020-04-15 18:54 - 2020-04-15 18:54 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-04-15 18:53 - 2020-04-15 18:54 - 001476096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 022137632 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 017487360 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 015222272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 009672208 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 007701208 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 005086208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 004589056 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 004442352 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 004303872 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 004050432 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 003887640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 003636224 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 003582976 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 003493376 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 003392000 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 003361080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 003334496 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 003005952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 002917688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 002871608 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 002706944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 002706496 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 002590736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 002426680 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 002417664 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 002200576 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 002078392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001994768 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001962000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 001893376 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001824768 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001796408 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001727288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001726264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001702608 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-04-15 18:53 - 2020-04-15 18:53 - 001702400 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001674480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001671680 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001668968 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001664696 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001647616 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001608192 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001568768 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001519488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001473296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 001467392 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001412096 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001387304 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001383680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001346192 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-04-15 18:53 - 2020-04-15 18:53 - 001333760 _____ (Microsoft Corporation) C:\Windows\system32\WindowManagement.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001320448 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001309184 _____ (Microsoft Corporation) C:\Windows\system32\TaskFlowDataEngine.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001259832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 001258512 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 001257984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001217024 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001205248 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001183296 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 001171456 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001133056 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001054928 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 001050640 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 001038848 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 001012224 _____ (Microsoft Corporation) C:\Windows\system32\refsutil.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 001006080 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000987520 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000976896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000948288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000947200 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000934400 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000927232 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000902248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000902144 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000889344 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000871424 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000861496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 000856432 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000811320 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000808272 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 000803400 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000801792 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000777728 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000773200 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000770096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000758688 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 000747320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000744448 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000730112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000725904 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000721920 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000659520 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000652600 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 000649272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000638264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000596480 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000591160 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000583096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000553784 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000536112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000535056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 000528384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000519168 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000515384 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000513336 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000505640 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000475136 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000465208 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000452920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 000439096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 000415544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000351744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000323072 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000298808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 000294512 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000278416 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 000261944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 000253048 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000252728 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000222008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinesam.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\srumsvc.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000203064 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000198656 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000193336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 000193024 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000189496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000164152 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000152408 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000146888 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000134968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 000131112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000124504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000122368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000115120 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsiwmiv2.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000089928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 000071480 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000057856 _____ C:\Windows\system32\runexehelper.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000036152 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2020-04-15 18:53 - 2020-04-15 18:53 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2020-04-15 18:53 - 2020-04-15 18:53 - 000033080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys
2020-04-15 18:53 - 2020-04-15 18:53 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-04-15 18:53 - 2020-04-15 18:53 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-04-15 18:53 - 2020-04-15 18:53 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-04-15 18:53 - 2020-04-15 18:53 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-04-15 18:53 - 2020-04-15 18:53 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-04-15 18:53 - 2020-04-15 18:53 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-04-15 18:53 - 2020-04-15 18:53 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-04-15 18:53 - 2020-04-15 18:53 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-04-14 18:00 - 2020-04-14 18:00 - 000000000 ____D C:\Users\roan_000\AppData\Local\JetBrains

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-10 19:49 - 2017-06-26 18:50 - 000000000 ____D C:\ProgramData\NVIDIA
2020-05-10 19:30 - 2019-03-16 23:37 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-05-10 19:12 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-10 19:09 - 2016-11-20 11:50 - 000000000 ___DC C:\Users\roan_000\AppData\LocalLow\Mozilla
2020-05-10 19:08 - 2019-03-16 23:55 - 002584456 _____ C:\Windows\system32\PerfStringBackup.INI
2020-05-10 19:08 - 2018-09-15 19:39 - 001011874 _____ C:\Windows\system32\perfh005.dat
2020-05-10 19:08 - 2018-09-15 19:39 - 000265530 _____ C:\Windows\system32\perfc005.dat
2020-05-10 19:08 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF
2020-05-10 19:03 - 2017-10-12 17:00 - 000000000 ___DC C:\Users\roan_000\AppData\Local\HTC MediaHub
2020-05-10 19:03 - 2015-04-10 23:16 - 000000000 ___RD C:\Users\roan_000\SkyDrive
2020-05-10 19:02 - 2019-03-16 23:57 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-05-10 19:02 - 2018-09-15 08:09 - 001048576 _____ C:\Windows\system32\config\BBI
2020-05-10 19:02 - 2018-08-04 19:00 - 000000000 ____D C:\ProgramData\VMware
2020-05-10 19:01 - 2016-09-10 13:38 - 000000000 ____D C:\AdwCleaner
2020-05-10 12:52 - 2019-05-04 11:01 - 000000105 _____ C:\Users\roan_000\.node_repl_history
2020-05-10 11:32 - 2018-09-15 09:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-05-10 11:32 - 2015-05-07 21:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-10 11:25 - 2019-08-09 09:07 - 000000000 ____D C:\Windows\system32\Tasks\System
2020-05-10 11:25 - 2017-10-03 19:58 - 000000000 ____D C:\Windat
2020-05-10 11:13 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\AppReadiness
2020-05-10 11:06 - 2019-03-30 16:05 - 000000000 ___DC C:\Users\roan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2020-05-10 11:05 - 2019-03-30 16:06 - 000000000 ____D C:\Users\roan_000\AppData\Roaming\Code
2020-05-10 10:58 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\LiveKernelReports
2020-05-10 10:48 - 2018-11-16 19:51 - 000000000 ____D C:\Program Files\rempl
2020-05-10 10:48 - 2016-04-23 16:53 - 000000000 ___DC C:\Users\roan_000\Documents\ViberDownloads
2020-05-09 14:33 - 2019-03-16 23:58 - 000000000 ____D C:\Users\roan_000\AppData\Local\PackageStaging
2020-05-09 12:50 - 2016-05-15 18:42 - 000000000 ___DC C:\Users\roan_000\AppData\Local\ElevatedDiagnostics
2020-05-08 09:23 - 2018-11-11 11:48 - 000000000 ___DC C:\Users\roan_000\AppData\Roaming\WhatsApp
2020-05-08 09:17 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp
2020-05-08 08:48 - 2019-02-22 16:24 - 000000000 ___DC C:\Users\roan_000\AppData\Local\WhatsApp
2020-05-07 23:00 - 2015-10-28 13:56 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-07 23:00 - 2015-10-28 13:56 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-05 05:07 - 2017-11-02 11:03 - 000000000 ___DC C:\Users\romik\AppData\Roaming\ViberPC
2020-05-05 00:54 - 2016-04-23 16:53 - 000000000 ___DC C:\Users\roan_000\AppData\Roaming\ViberPC
2020-05-05 00:50 - 2019-05-01 12:37 - 000000000 ___DC C:\Users\romik\Documents\ViberDownloads
2020-05-05 00:50 - 2016-11-22 21:54 - 000000000 ___DC C:\Users\romik\AppData\LocalLow\Mozilla
2020-05-05 00:50 - 2016-11-11 08:29 - 000000000 ___DC C:\Users\romik\AppData\Local\HTC MediaHub
2020-05-04 05:07 - 2016-10-23 21:07 - 000000000 ___DC C:\Users\romik\AppData\Local\Google
2020-05-04 04:52 - 2016-10-24 13:08 - 000000000 ___DC C:\Users\romik\AppData\Local\Spotify
2020-05-04 04:47 - 2016-10-24 13:08 - 000000000 ___DC C:\Users\romik\AppData\Roaming\Spotify
2020-05-04 04:46 - 2019-03-16 23:40 - 000002403 ____C C:\Users\romik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-04 04:46 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-04 04:46 - 2018-01-05 20:04 - 000000000 ___DC C:\Users\romik\AppData\Local\Packages
2020-05-04 04:46 - 2016-10-23 21:08 - 000000000 ___RD C:\Users\romik\OneDrive
2020-05-04 04:45 - 2018-01-31 20:48 - 000000000 ___RD C:\Users\romik\3D Objects
2020-05-04 04:45 - 2016-02-13 15:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-05-03 18:48 - 2015-04-18 10:34 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-05-03 18:35 - 2018-01-05 20:05 - 000000000 ___DC C:\Users\roan_000\AppData\Local\Packages
2020-05-03 18:33 - 2019-10-12 20:34 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-05-03 18:21 - 2018-09-15 08:09 - 000000000 ____D C:\Windows\system32\Sysprep
2020-05-02 21:26 - 2017-02-08 20:56 - 000000000 ___DC C:\Users\roan_000\AppData\Local\CrashDumps
2020-05-02 19:05 - 2018-06-01 19:23 - 000000000 ___DC C:\Users\roan_000\AppData\Local\D3DSCache
2020-05-02 09:03 - 2019-03-16 23:40 - 000000000 ____D C:\Users\SSISTELEMETRY140
2020-05-02 09:03 - 2019-03-16 23:40 - 000000000 ____D C:\Users\SSASTELEMETRY
2020-05-02 09:03 - 2019-03-16 23:40 - 000000000 ____D C:\Users\SQLTELEMETRY$ROANSQL
2020-05-02 09:03 - 2019-03-16 23:40 - 000000000 ____D C:\Users\SQLTELEMETRY
2020-05-02 09:03 - 2019-03-16 23:40 - 000000000 ____D C:\Users\roan_000
2020-05-02 09:03 - 2019-03-16 23:40 - 000000000 ____D C:\Users\MSSQLServerOLAPService
2020-05-02 09:03 - 2019-03-16 23:40 - 000000000 ____D C:\Users\MSSQLSERVER
2020-05-02 09:03 - 2019-03-16 23:40 - 000000000 ____D C:\Users\MSSQL$ROANSQL
2020-05-02 09:03 - 2019-03-16 23:40 - 000000000 ____D C:\Users\MsDtsServer140
2020-05-02 09:02 - 2017-09-16 20:15 - 000000000 ___DC C:\Users\roan_000\AppData\Roaming\Visual Studio Setup
2020-05-02 08:59 - 2017-09-28 13:14 - 000000000 ___DC C:\Users\roan_000\AppData\Local\.IdentityService
2020-05-02 08:49 - 2015-07-06 12:43 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2020-05-02 08:47 - 2016-04-27 22:12 - 000000000 ____D C:\Windows\SysWOW64\1033
2020-05-02 08:47 - 2016-04-27 22:10 - 000000000 ____D C:\Windows\system32\1033
2020-05-02 08:43 - 2017-10-05 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2020-05-02 08:42 - 2015-07-09 20:24 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-02 08:21 - 2017-10-05 22:39 - 000000000 ____D C:\Program Files (x86)\NuGet
2020-05-02 08:10 - 2015-07-06 12:43 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2020-05-02 07:55 - 2019-03-16 23:08 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-05-02 07:49 - 2015-04-11 16:43 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2020-05-02 07:46 - 2017-09-16 20:15 - 000001359 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2020-05-01 16:27 - 2018-11-06 21:36 - 000000000 ____D C:\Program Files\dm
2020-05-01 08:31 - 2018-02-26 18:58 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-04-26 21:22 - 2017-07-04 21:29 - 000000000 ____D C:\Users\roan_000\.VirtualBox
2020-04-26 18:04 - 2020-03-14 20:35 - 000000000 ____D C:\ProgramData\VirtualBox
2020-04-20 16:14 - 2019-01-29 18:43 - 000000000 ___DC C:\Users\roan_000\AppData\Roaming\npm-cache
2020-04-19 20:23 - 2019-12-06 23:02 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-19 20:23 - 2019-12-06 23:02 - 000004106 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-19 20:23 - 2019-12-06 23:02 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-19 20:23 - 2019-12-06 23:02 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-19 20:23 - 2019-12-06 23:02 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-19 20:23 - 2019-12-06 23:02 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-19 20:23 - 2019-12-06 23:02 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-19 20:23 - 2019-12-06 23:02 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-19 20:23 - 2019-12-06 23:02 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-19 20:23 - 2019-12-06 23:02 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-19 20:23 - 2019-12-06 23:02 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2020-04-19 20:23 - 2017-06-26 18:50 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-04-19 20:23 - 2017-06-26 18:50 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-04-19 20:23 - 2017-06-26 18:50 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-04-19 10:10 - 2019-01-29 21:25 - 000000000 ____D C:\Users\roan_000\.virtualenvs
2020-04-18 17:30 - 2017-04-02 11:44 - 000000000 ___DC C:\Users\roan_000\AppData\Roaming\vlc
2020-04-16 22:31 - 2019-03-16 23:57 - 000003372 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2490308184-3408559818-3602897103-1001
2020-04-16 22:31 - 2019-03-16 23:40 - 000002412 ____C C:\Users\roan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-16 19:53 - 2018-01-05 20:29 - 000000000 ___RD C:\Users\roan_000\3D Objects
2020-04-16 19:52 - 2019-03-16 23:37 - 005173696 _____ C:\Windows\system32\FNTCACHE.DAT
2020-04-15 23:08 - 2018-09-15 19:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-04-15 23:08 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\ShellExperiences
2020-04-15 23:08 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\Provisioning
2020-04-15 23:08 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-04-15 23:08 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\bcastdvr
2020-04-15 18:50 - 2019-11-13 18:00 - 000263360 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2020-04-15 18:50 - 2019-08-14 09:20 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2020-04-15 18:50 - 2018-09-15 09:29 - 000102912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2020-04-14 18:00 - 2018-07-05 17:28 - 000000000 ___DC C:\Users\roan_000\AppData\Roaming\JetBrains
2020-04-14 17:30 - 2019-03-16 23:57 - 000004646 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-04-14 17:30 - 2019-03-16 23:57 - 000004470 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-04-14 17:30 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-04-14 17:30 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\Macromed
2020-04-11 23:52 - 2019-12-06 23:27 - 004927960 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2020-04-10 14:12 - 2015-10-03 14:39 - 000000000 ___DC C:\Users\roan_000\AppData\Roaming\MemoQ
2020-04-10 13:34 - 2015-10-03 14:38 - 000000000 ____D C:\ProgramData\MemoQ
2020-04-10 10:23 - 2020-03-01 10:33 - 000000000 ____D C:\Users\roan_000\.expo

==================== Files in the root of some directories ========

2018-06-19 21:27 - 2018-11-14 22:43 - 000000600 ____C () C:\Users\roan_000\AppData\Roaming\winscp.rnd
2015-06-28 12:35 - 2015-06-28 12:35 - 000001480 ____C () C:\Users\roan_000\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2018-09-29 08:16 - 2019-02-09 19:02 - 000000205 ____C () C:\Users\roan_000\AppData\Local\oobelibMkey.log
2016-09-18 14:29 - 2016-09-18 14:29 - 000032038 ____C () C:\Users\roan_000\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
2015-04-12 00:10 - 2015-04-12 00:11 - 000011754 ____C () C:\Users\roan_000\AppData\Local\Temp-log.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================