
Log check request - Chrome loads an unknown website

klik6
Visitor
Posts: 66
Registered: 08 Sep 2012 13:25

#1 Post by klik6 »

Hello,
after I start my laptop, Google Chrome opens by itself and loads some unknown website, a different one each time. So it is definitely malware that the antivirus cannot find.
I also have a question: sometimes after turning on the laptop the option to enable Bluetooth does not load, and sometimes not even Wi-Fi. I tried reinstalling the Bluetooth drivers, but it did not help; I do not know what this bug is connected to. If it does not load, I have to restart the laptop, which usually helps.
Thank you very much for your help.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2020-01-03 17:09:51
Microsoft Windows 10 Home
System drive C: has 43 GB (11%) free of 382 GB
Total RAM: 8078 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:10:01, on 3. 1. 2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Garena Plus\ggdllhost.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Garena Plus\ggdllhost.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer15.msn.com/?pc=ACTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Dashlane BHO - {42D79B50-CC4A-4A8E-860F-BE674AF053A2} - C:\Users\Admin\AppData\Roaming\Dashlane\ie\Dashlanei.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Admin\AppData\Roaming\Dashlane\ie\KWIEBar.dll
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKCU\..\Run: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [DashlanePlugin] "C:\Users\Admin\AppData\Roaming\Dashlane\DashlanePlugin.exe" ws
O4 - HKCU\..\Run: [HoldemManager.Server] C:\Users\Admin\AppData\Roaming\Max Value Software\Holdem Manager\3.0\HoldemManager.Server.lnk
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: update.bat
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{2fcd9258-7022-46f8-b369-537f5258e9cd}: NameServer = 93.153.117.49 93.153.117.17
O17 - HKLM\System\CCS\Services\Tcpip\..\{3a4122f7-34eb-4adf-a0bc-13b79dda719d}: NameServer = 93.153.117.49 93.153.117.17
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_1d7b2bb - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Gladius Network (Edge) Daemon (GladiusNetworkDaemon) - Unknown owner - C:\Program Files (x86)\Gladius Node\gladius-networkd.exe
O23 - Service: Gladius Node Manager (GladiusNodeControlDaemon) - Unknown owner - C:\Program Files (x86)\Gladius Node\gladius-controld.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10078 bytes

======Listing Processes======

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -s BTAGService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s bthserv
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s PhoneSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
dashost.exe {b1bd4dbb-d344-4b9a-acaaa1e1c8308e79}
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s WwanSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k netsvcs -s CertPropSvc
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
"C:\Program Files (x86)\Gladius Node\gladius-networkd.exe" C:\Users\Admin\.gladius
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s TapiSrv
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s SmsRouter
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks

C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\SysWOW64\svchost.exe -k MbnExt
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s upnphost

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe"


C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc

rundll32.exe acmigration.dll,ApplyMigrationShims
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\ProgramData\SetupTPDriver\SetupSync.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\cmd.exe /c ""C:\ProgramData\SetupTPDriver\auto_install.bat" "
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\msiexec.exe /V
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s SharedAccess
msiexec /qn /norestart /i "C:\ProgramData\SetupTPDriver\SetupTPDriver.msi"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BatchCaller.exe" /Install "C:\Program Files (x86)\ASUS\ASUS Smart Gesture\\"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s QWAVE
rundll32.exe acmigration.dll,ApplyMigrationShims
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
rundll32.exe acmigration.dll,ApplyMigrationShims
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
igfxEM.exe
"C:\Program Files (x86)\Garena Plus\ggdllhost.exe" "C:\Program Files (x86)\Garena Plus\ggspawn.dll",rundll_entry
igfxHK.exe
igfxTray.exe
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"ctfmon.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\CastSrv.exe CCastServerControlInteractiveUser -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.55.131.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.55.131.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19112.111.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "http://zipansion.com/2O2pJ"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=79.0.3945.88 --initial-client-data=0x90,0x94,0x98,0x8c,0x9c,0x7ffbf9eddd08,0x7ffbf9eddd18,0x7ffbf9eddd28
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=13096 --on-initialized-event-handle=72 --parent-handle=160 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1204,4341192459863949859,4674770253334900528,131072 --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=15954290395290753773 --mojo-platform-channel-handle=1524 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1204,4341192459863949859,4674770253334900528,131072 --lang=cs --service-sandbox-type=network --enable-audio-service-sandbox --service-request-channel-token=2309562257642601961 --mojo-platform-channel-handle=1708 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1204,4341192459863949859,4674770253334900528,131072 --lang=cs --extension-process --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3347255742926475394 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1204,4341192459863949859,4674770253334900528,131072 --lang=cs --extension-process --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16040473708025280790 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1204,4341192459863949859,4674770253334900528,131072 --lang=cs --extension-process --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3796794772260282675 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
"C:\Program Files (x86)\Garena Plus\ggdllhost.exe" "C:\Program Files (x86)\Garena Plus\ggspawn.dll",rundll_entry -mmah
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.55.131.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe" /InvokerPRAID: App
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1204,4341192459863949859,4674770253334900528,131072 --lang=cs --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14495159548895969435 --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1204,4341192459863949859,4674770253334900528,131072 --lang=cs --extension-process --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4969657117167496521 --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7280 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1204,4341192459863949859,4674770253334900528,131072 --lang=cs --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3012769437030497474 --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1204,4341192459863949859,4674770253334900528,131072 --lang=cs --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8237811162189615789 --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7916 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1204,4341192459863949859,4674770253334900528,131072 --lang=cs --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13490191659186956552 --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2028 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1204,4341192459863949859,4674770253334900528,131072 --lang=cs --extension-process --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4834871061835463184 --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6624 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1204,4341192459863949859,4674770253334900528,131072 --lang=cs --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4345094333747365790 --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1204,4341192459863949859,4674770253334900528,131072 --lang=cs --service-sandbox-type=audio --enable-audio-service-sandbox --service-request-channel-token=875141290939764556 --mojo-platform-channel-handle=6108 --ignored=" --type=renderer " /prefetch:8


"C:\WINDOWS\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1204,4341192459863949859,4674770253334900528,131072 --lang=cs --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8362807758812616963 --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3524 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1204,4341192459863949859,4674770253334900528,131072 --lang=cs --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8192517472685112298 --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2832 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1204,4341192459863949859,4674770253334900528,131072 --lang=cs --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=261375234664612559 --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6412 /prefetch:1
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 776 780 788 8192 784
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x4d0
"C:\Users\Admin\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\G2MUpdateTask-S-1-5-21-2138815263-3157913528-456582966-1001.job - C:\Users\Admin\AppData\Local\GoToMeeting\16328\g2mupdate.exe
C:\WINDOWS\tasks\G2MUploadTask-S-1-5-21-2138815263-3157913528-456582966-1001.job - C:\Users\Admin\AppData\Local\GoToMeeting\16328\g2mupload.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 217784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 184488]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42D79B50-CC4A-4A8E-860F-BE674AF053A2}]
Dashlane BHO - C:\Users\Admin\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2018-03-28 937424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 6149288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 4452504]
{669695BC-A811-4A9D-8CDF-BA8C795F261C} - Dashlane Toolbar - C:\Users\Admin\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2018-03-28 185296]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-03-19 84992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GarenaPlus"=C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [2017-03-15 9140688]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2019-10-24 47774856]
"DashlanePlugin"=C:\Users\Admin\AppData\Roaming\Dashlane\DashlanePlugin.exe [2018-03-28 504784]
"HoldemManager.Server"=C:\Users\Admin\AppData\Roaming\Max Value Software\Holdem Manager\3.0\HoldemManager.Server.lnk [2018-10-01 1218]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-12-10 19589208]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2019-12-16 3288016]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2015-01-09 235624]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2016-06-09 1314432]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2018-01-09 3237808]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
update.bat

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-01-03 17:09:52 ----D---- C:\Program Files\trend micro
2020-01-03 17:09:51 ----D---- C:\rsit
2020-01-02 03:27:58 ----SHD---- C:\Config.Msi
2019-12-27 18:28:14 ----D---- C:\Program Files\tastyworks
2019-12-24 23:04:47 ----D---- C:\Program Files\thinkorswim
2019-12-24 14:19:48 ----D---- C:\Users\Admin\AppData\Roaming\java
2019-12-24 13:08:16 ----D---- C:\WINDOWS\LastGood
2019-12-23 17:13:30 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_7.dll
2019-12-23 17:13:30 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_5.dll
2019-12-23 17:13:30 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2019-12-23 17:13:30 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2019-12-23 17:13:28 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_7.dll
2019-12-23 17:13:28 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2019-12-23 17:13:26 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_43.dll
2019-12-23 17:13:26 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2019-12-23 17:13:23 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_43.dll
2019-12-23 17:13:23 ----A---- C:\WINDOWS\SYSWOW64\d3dcsx_43.dll
2019-12-23 17:13:23 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2019-12-23 17:13:23 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2019-12-23 17:13:22 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_43.dll
2019-12-23 17:13:22 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2019-12-23 17:13:20 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_43.dll
2019-12-23 17:13:20 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2019-12-23 17:13:17 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_6.dll
2019-12-23 17:13:17 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_4.dll
2019-12-23 17:13:17 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2019-12-23 17:13:17 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2019-12-23 17:13:16 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_6.dll
2019-12-23 17:13:16 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2019-12-23 17:13:15 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_7.dll
2019-12-23 17:13:15 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2019-12-23 17:13:14 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_5.dll
2019-12-23 17:13:14 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2019-12-23 17:13:12 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_5.dll
2019-12-23 17:13:12 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2019-12-23 17:13:11 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_42.dll
2019-12-23 17:13:11 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2019-12-23 17:13:09 ----A---- C:\WINDOWS\SYSWOW64\d3dcsx_42.dll
2019-12-23 17:13:09 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2019-12-23 17:13:08 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_42.dll
2019-12-23 17:13:08 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2019-12-23 17:13:07 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_42.dll
2019-12-23 17:13:07 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2019-12-23 17:13:05 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_42.dll
2019-12-23 17:13:05 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2019-12-23 17:13:03 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_41.dll
2019-12-23 17:13:03 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_41.dll
2019-12-23 17:13:03 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2019-12-23 17:13:03 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2019-12-23 17:12:59 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_41.dll
2019-12-23 17:12:59 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2019-12-23 17:12:56 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_4.dll
2019-12-23 17:12:56 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_3.dll
2019-12-23 17:12:56 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2019-12-23 17:12:56 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2019-12-23 17:12:55 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_4.dll
2019-12-23 17:12:55 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2019-12-23 17:12:54 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_6.dll
2019-12-23 17:12:54 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2019-12-23 17:12:50 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_40.dll
2019-12-23 17:12:50 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_40.dll
2019-12-23 17:12:50 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2019-12-23 17:12:50 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2019-12-23 17:12:47 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_40.dll
2019-12-23 17:12:47 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2019-12-23 17:12:44 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_3.dll
2019-12-23 17:12:44 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_2.dll
2019-12-23 17:12:44 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2019-12-23 17:12:44 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2019-12-23 17:12:42 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_3.dll
2019-12-23 17:12:42 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2019-12-23 17:12:41 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_5.dll
2019-12-23 17:12:41 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2019-12-23 17:12:39 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_2.dll
2019-12-23 17:12:39 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_1.dll
2019-12-23 17:12:39 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2019-12-23 17:12:39 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2019-12-23 17:12:36 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_2.dll
2019-12-23 17:12:36 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2019-12-23 17:12:33 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_39.dll
2019-12-23 17:12:33 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_39.dll
2019-12-23 17:12:33 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2019-12-23 17:12:33 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2019-12-23 17:12:31 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_39.dll
2019-12-23 17:12:31 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2019-12-23 17:12:28 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_1.dll
2019-12-23 17:12:28 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_0.dll
2019-12-23 17:12:28 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2019-12-23 17:12:28 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2019-12-23 17:12:26 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_1.dll
2019-12-23 17:12:26 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2019-12-23 17:12:25 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_4.dll
2019-12-23 17:12:25 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2019-12-23 17:12:23 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_38.dll
2019-12-23 17:12:23 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_38.dll
2019-12-23 17:12:23 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2019-12-23 17:12:23 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2019-12-23 17:12:20 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_38.dll
2019-12-23 17:12:20 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2019-12-23 17:12:19 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_0.dll
2019-12-23 17:12:19 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2019-12-23 17:12:17 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_0.dll
2019-12-23 17:12:17 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2019-12-23 17:12:16 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_3.dll
2019-12-23 17:12:16 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2019-12-23 17:12:13 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_37.dll
2019-12-23 17:12:13 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_37.dll
2019-12-23 17:12:13 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2019-12-23 17:12:13 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2019-12-23 17:12:11 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_37.dll
2019-12-23 17:12:11 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2019-12-23 17:12:09 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_10.dll
2019-12-23 17:12:09 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2019-12-23 17:12:06 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_36.dll
2019-12-23 17:12:06 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_36.dll
2019-12-23 17:12:06 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2019-12-23 17:12:06 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2019-12-23 17:12:04 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_36.dll
2019-12-23 17:12:04 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2019-12-23 17:12:03 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_9.dll
2019-12-23 17:12:03 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2019-12-23 17:12:01 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_35.dll
2019-12-23 17:12:01 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_35.dll
2019-12-23 17:12:01 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2019-12-23 17:12:01 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2019-12-23 17:11:59 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_35.dll
2019-12-23 17:11:59 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2019-12-23 17:11:58 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_8.dll
2019-12-23 17:11:58 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_2.dll
2019-12-23 17:11:58 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2019-12-23 17:11:58 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2019-12-23 17:11:56 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_34.dll
2019-12-23 17:11:56 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2019-12-23 17:11:55 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_34.dll
2019-12-23 17:11:55 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2019-12-23 17:11:54 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_34.dll
2019-12-23 17:11:54 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2019-12-23 17:11:53 ----A---- C:\WINDOWS\SYSWOW64\xinput1_3.dll
2019-12-23 17:11:53 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2019-12-23 17:11:51 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_7.dll
2019-12-23 17:11:51 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2019-12-23 17:11:50 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_33.dll
2019-12-23 17:11:50 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_33.dll
2019-12-23 17:11:50 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2019-12-23 17:11:50 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2019-12-23 17:11:48 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_33.dll
2019-12-23 17:11:48 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2019-12-23 17:11:46 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_6.dll
2019-12-23 17:11:46 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2019-12-23 17:11:45 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_5.dll
2019-12-23 17:11:45 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2019-12-23 17:11:44 ----A---- C:\WINDOWS\SYSWOW64\d3dx10.dll
2019-12-23 17:11:44 ----A---- C:\WINDOWS\system32\d3dx10.dll
2019-12-23 17:11:42 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_32.dll
2019-12-23 17:11:42 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2019-12-23 17:11:41 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_4.dll
2019-12-23 17:11:41 ----A---- C:\WINDOWS\SYSWOW64\x3daudio1_1.dll
2019-12-23 17:11:41 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2019-12-23 17:11:41 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2019-12-23 17:11:39 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_31.dll
2019-12-23 17:11:39 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2019-12-23 17:11:38 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_3.dll
2019-12-23 17:11:38 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2019-12-23 17:11:37 ----A---- C:\WINDOWS\SYSWOW64\xinput1_2.dll
2019-12-23 17:11:37 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2019-12-23 17:11:35 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_2.dll
2019-12-23 17:11:35 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2019-12-23 17:11:34 ----A---- C:\WINDOWS\SYSWOW64\xinput1_1.dll
2019-12-23 17:11:34 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2019-12-23 17:11:33 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_1.dll
2019-12-23 17:11:33 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2019-12-23 17:11:13 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_30.dll
2019-12-23 17:11:13 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2019-12-23 17:11:11 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_0.dll
2019-12-23 17:11:11 ----A---- C:\WINDOWS\SYSWOW64\x3daudio1_0.dll
2019-12-23 17:11:11 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2019-12-23 17:11:11 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2019-12-23 17:11:07 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_29.dll
2019-12-23 17:11:07 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2019-12-23 17:11:03 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_28.dll
2019-12-23 17:11:03 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2019-12-23 17:11:01 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_27.dll
2019-12-23 17:11:01 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2019-12-23 17:10:59 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_26.dll
2019-12-23 17:10:59 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2019-12-23 17:10:58 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_25.dll
2019-12-23 17:10:58 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2019-12-23 17:10:56 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_24.dll
2019-12-23 17:10:56 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2019-12-23 14:27:47 ----D---- C:\Program Files (x86)\Steam
2019-12-20 12:37:18 ----D---- C:\WINDOWS\LastGood.Tmp
2019-12-13 00:36:10 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2019-12-13 00:36:10 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-13 00:36:07 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-13 00:36:07 ----A---- C:\WINDOWS\system32\mfcore.dll
2019-12-13 00:36:07 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2019-12-13 00:36:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2019-12-13 00:36:05 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2019-12-13 00:36:05 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2019-12-13 00:36:04 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-12-13 00:36:03 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-12-13 00:36:02 ----A---- C:\WINDOWS\system32\rdpudd.dll
2019-12-13 00:36:02 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2019-12-13 00:36:02 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2019-12-13 00:36:02 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-12-13 00:36:02 ----A---- C:\WINDOWS\system32\fhcfg.dll
2019-12-13 00:36:02 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2019-12-13 00:36:02 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2019-12-13 00:36:01 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-12-13 00:36:01 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2019-12-13 00:35:59 ----A---- C:\WINDOWS\system32\tcbloader.dll
2019-12-13 00:35:59 ----A---- C:\WINDOWS\system32\securekernel.exe
2019-12-13 00:35:59 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-12-13 00:35:58 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2019-12-13 00:35:58 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2019-12-13 00:35:58 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-12-13 00:35:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2019-12-13 00:35:57 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2019-12-13 00:35:57 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-12-13 00:35:57 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2019-12-13 00:35:57 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2019-12-13 00:35:13 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2019-12-13 00:35:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-13 00:35:12 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-12-13 00:35:12 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2019-12-13 00:35:12 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2019-12-13 00:35:12 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2019-12-13 00:35:12 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2019-12-13 00:35:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Enumeration.dll
2019-12-13 00:35:11 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2019-12-13 00:35:11 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2019-12-13 00:35:11 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2019-12-13 00:35:10 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2019-12-13 00:35:10 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2019-12-13 00:35:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2019-12-13 00:35:09 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2019-12-13 00:35:09 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-12-13 00:35:09 ----A---- C:\WINDOWS\system32\pnidui.dll
2019-12-13 00:35:08 ----A---- C:\WINDOWS\system32\t2embed.dll
2019-12-13 00:35:08 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-12-13 00:35:08 ----A---- C:\WINDOWS\system32\gdi32full.dll
2019-12-13 00:35:08 ----A---- C:\WINDOWS\system32\fdProxy.dll
2019-12-13 00:35:08 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-13 00:35:07 ----A---- C:\WINDOWS\system32\wow64win.dll
2019-12-13 00:35:07 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-13 00:35:07 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-13 00:35:07 ----A---- C:\WINDOWS\system32\lpk.dll
2019-12-13 00:35:07 ----A---- C:\WINDOWS\system32\fontsub.dll
2019-12-13 00:35:07 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2019-12-13 00:35:07 ----A---- C:\WINDOWS\system32\dciman32.dll
2019-12-13 00:35:06 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2019-12-13 00:35:06 ----A---- C:\WINDOWS\system32\services.exe
2019-12-13 00:35:06 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-12-13 00:35:05 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-12-13 00:35:04 ----A---- C:\WINDOWS\system32\oleaut32.dll
2019-12-13 00:35:04 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-12-13 00:35:03 ----A---- C:\WINDOWS\system32\msctf.dll
2019-12-13 00:35:02 ----A---- C:\WINDOWS\system32\sppobjs.dll
2019-12-13 00:35:02 ----A---- C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-13 00:35:00 ----A---- C:\WINDOWS\system32\winresume.exe
2019-12-13 00:35:00 ----A---- C:\WINDOWS\system32\shell32.dll
2019-12-13 00:35:00 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2019-12-13 00:34:59 ----A---- C:\WINDOWS\system32\winload.exe
2019-12-13 00:34:59 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2019-12-13 00:34:58 ----A---- C:\WINDOWS\system32\usosvc.dll
2019-12-13 00:34:58 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2019-12-13 00:34:58 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-13 00:34:58 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-13 00:34:58 ----A---- C:\WINDOWS\system32\MusNotification.exe
2019-12-13 00:34:57 ----A---- C:\WINDOWS\system32\win32u.dll
2019-12-13 00:34:57 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-12-13 00:34:57 ----A---- C:\WINDOWS\system32\win32k.sys
2019-12-13 00:34:57 ----A---- C:\WINDOWS\system32\user32.dll
2019-12-13 00:34:56 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-12-13 00:34:56 ----A---- C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-13 00:34:56 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-12-13 00:34:56 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-13 00:34:55 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-13 00:34:55 ----A---- C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-13 00:34:55 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-13 00:34:55 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-13 00:34:55 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-13 00:34:54 ----A---- C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-13 00:34:54 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-13 00:34:54 ----A---- C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-13 00:34:54 ----A---- C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-13 00:34:54 ----A---- C:\WINDOWS\system32\autopilotdiag.dll
2019-12-13 00:34:54 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-13 00:34:54 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-13 00:34:54 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-13 00:34:53 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-13 00:34:53 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2019-12-13 00:34:53 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2019-12-13 00:34:53 ----A---- C:\WINDOWS\system32\autopilot.dll

======List of files/folders modified in the last 1 month======

2020-01-03 17:09:57 ----D---- C:\WINDOWS\Temp
2020-01-03 17:09:52 ----RD---- C:\Program Files
2020-01-03 17:09:14 ----D---- C:\WINDOWS\Prefetch
2020-01-03 17:06:53 ----D---- C:\WINDOWS\INF
2020-01-03 17:06:52 ----D---- C:\WINDOWS\SoftwareDistribution
2020-01-03 17:06:52 ----D---- C:\WINDOWS\debug
2020-01-03 17:06:52 ----D---- C:\Windows
2020-01-03 17:06:30 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-01-03 16:56:12 ----D---- C:\WINDOWS\system32\SleepStudy
2020-01-03 16:54:57 ----D---- C:\WINDOWS\AppReadiness
2020-01-03 16:54:51 ----RD---- C:\WINDOWS\Microsoft.NET
2020-01-03 16:34:03 ----D---- C:\WINDOWS\system32\sru
2020-01-03 15:36:36 ----D---- C:\ProgramData\NVIDIA
2020-01-03 15:35:22 ----D---- C:\WINDOWS\system32\Tasks
2020-01-03 15:34:24 ----D---- C:\WINDOWS\System32
2020-01-03 01:20:03 ----SHD---- C:\System Volume Information
2020-01-03 01:05:49 ----D---- C:\Users\Admin\AppData\Roaming\Telegram Desktop
2020-01-02 12:28:13 ----D---- C:\Users\Admin\AppData\Roaming\discord
2020-01-02 10:15:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-02 03:27:52 ----SHD---- C:\WINDOWS\Installer
2019-12-30 20:44:55 ----D---- C:\WINDOWS\system32\LogFiles
2019-12-30 18:21:02 ----D---- C:\WINDOWS\Logs
2019-12-29 00:36:03 ----D---- C:\Binance
2019-12-28 13:51:33 ----AD---- C:\Users\Admin\AppData\Roaming\TC2000v16
2019-12-26 18:58:43 ----D---- C:\Jts
2019-12-25 20:36:58 ----D---- C:\Users\Admin\AppData\Roaming\Worden Brothers, Inc
2019-12-25 19:47:23 ----D---- C:\WINDOWS\Tasks
2019-12-24 17:25:56 ----HD---- C:\Program Files\WindowsApps
2019-12-23 17:13:30 ----D---- C:\WINDOWS\SysWOW64
2019-12-23 17:11:33 ----RSD---- C:\WINDOWS\assembly
2019-12-23 14:27:54 ----D---- C:\Program Files (x86)\Common Files
2019-12-23 14:27:47 ----RD---- C:\Program Files (x86)
2019-12-21 11:43:47 ----D---- C:\WINDOWS\system32\catroot2
2019-12-19 03:38:07 ----D---- C:\WINDOWS\system32\config
2019-12-18 19:15:29 ----D---- C:\WINDOWS\WinSxS
2019-12-13 17:26:47 ----D---- C:\WINDOWS\system32\WDI
2019-12-13 03:04:05 ----D---- C:\WINDOWS\SYSWOW64\en-US
2019-12-13 03:04:05 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2019-12-13 03:04:05 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2019-12-13 03:04:05 ----D---- C:\WINDOWS\SystemResources
2019-12-13 03:04:05 ----D---- C:\WINDOWS\system32\uk-UA
2019-12-13 03:04:05 ----D---- C:\WINDOWS\system32\pl-PL
2019-12-13 03:04:05 ----D---- C:\WINDOWS\system32\migration
2019-12-13 03:04:05 ----D---- C:\WINDOWS\system32\en-US
2019-12-13 03:04:05 ----D---- C:\WINDOWS\system32\en-GB
2019-12-13 03:04:04 ----D---- C:\WINDOWS\system32\drivers
2019-12-13 03:04:04 ----D---- C:\WINDOWS\system32\cs-CZ
2019-12-13 03:04:04 ----D---- C:\WINDOWS\system32\Boot
2019-12-13 03:04:03 ----D---- C:\WINDOWS\ShellExperiences
2019-12-13 03:04:03 ----D---- C:\WINDOWS\bcastdvr
2019-12-13 03:04:01 ----D---- C:\WINDOWS\system32\DriverStore
2019-12-13 00:54:42 ----D---- C:\WINDOWS\system32\MRT
2019-12-13 00:54:36 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-12-13 00:54:29 ----D---- C:\WINDOWS\CbsTemp
2019-12-11 01:08:25 ----D---- C:\WINDOWS\system32\Macromed
2019-12-11 01:08:20 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2019-12-08 20:03:56 ----D---- C:\WINDOWS\system32\drivers\wd
2019-12-06 14:15:40 ----D---- C:\ProgramData\CanonIJPLM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632]
R0 MBI;@oem53.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\WINDOWS\System32\drivers\MBI.sys [2013-10-28 29464]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2019-03-19 89096]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2019-03-19 40960]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-12-13 457216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2019-03-19 4233728]
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-10-31 117048]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-08-12 601624]
R3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-10-31 231936]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-11-16 114688]
R3 BthHFAud;@microsoft_bluetooth_hfp.inf,%BTHHFAUD_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Audio driver; C:\WINDOWS\System32\drivers\BthHfAud.sys [2019-03-19 57856]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2019-03-19 133120]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2019-11-16 98304]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312]
R3 HIDSwitch;@oem16.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsRadioControl.sys [2019-08-07 32680]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [2013-11-30 91648]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-05-03 3811288]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-11-10 4585744]
R3 IntcDAud;@oem57.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\System32\drivers\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem34.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 kbfiltr;@oem30.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-06 17280]
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_27a8d1f755bbaf69\nvlddmkm.sys [2018-09-19 20177280]
R3 nvvad_WaveExtensible;@oem36.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2018-06-08 69544]
R3 nvvhci;@oem7.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2018-04-24 65792]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 211456]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-03-19 151352]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-03-19 337920]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-03-19 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-11-16 18432]
S3 ATP;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2015-08-23 100776]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-09-28 35016]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2019-11-16 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2019-11-16 1428992]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 dg_ssudbus;@oem56.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2015-12-08 122160]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-11-22 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2015-11-22 47160]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2019-10-31 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-10-31 64000]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-11-16 84488]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2014-06-26 670056]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-11-16 359424]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-08-21 30792]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys [2016-09-12 486976]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 96056]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-13 986936]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 113152]
S3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2019-03-19 662528]
S3 RTSPER;@oem60.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-05-14 751632]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-03-19 33592]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_1d7b2bb;Uživatelská služba platformy připojených zařízení_1d7b2bb; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 GladiusNetworkDaemon;Gladius Network (Edge) Daemon; C:\Program Files (x86)\Gladius Node\gladius-networkd.exe [2018-09-13 13239808]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-03 337888]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2017-03-31 387144]
R2 MbnExt;Mobile Broadband Extension Service; C:\WINDOWS\syswow64\svchost.exe [2019-03-19 45448]
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-12 773328]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-09-18 773328]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-09-12 645328]
R2 OneSyncSvc_1d7b2bb;Hostitel synchronizace_1d7b2bb; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2019-03-19 263904]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_1d7b2bb;Uživatelská služba schránky_1d7b2bb; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-03-01 43704]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 PimIndexMaintenanceSvc_1d7b2bb;Data kontaktů_1d7b2bb; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2019-10-31 913168]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 GladiusNodeControlDaemon;Gladius Node Manager; C:\Program Files (x86)\Gladius Node\gladius-controld.exe [2018-09-13 23760786]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-09 153752]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 MessagingService_1d7b2bb;Služba zasílání zpráv_1d7b2bb; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_1d7b2bb;Agent Activation Runtime_1d7b2bb; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-12-11 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_1d7b2bb;Uživatelská služba pro GameDVR a vysílání her_1d7b2bb; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_1d7b2bb;Služba pro podporu uživatelů Bluetooth_1d7b2bb; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_1d7b2bb;CaptureService_1d7b2bb; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_1d7b2bb;ConsentUX_1d7b2bb; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-05-03 299488]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 CredentialEnrollmentManagerUserSvc_1d7b2bb;CredentialEnrollmentManagerUserSvc_1d7b2bb; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_1d7b2bb;DeviceAssociationBroker_1d7b2bb; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_1d7b2bb;DevicePicker_1d7b2bb; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_1d7b2bb;Tok zařízení_1d7b2bb; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-10-31 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\elevation_service.exe [2019-12-14 1113072]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-09 153752]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-12 773328]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_1d7b2bb;PrintWorkflow_1d7b2bb; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2019-03-19 1264128]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]

-----------------EOF-----------------
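A common first pass over the driver and service lists above is to pick out the entries that start automatically from outside the Windows directory. The following is an added example, not part of the original post and not RSIT's own code: it parses the line format shown in this log, the function names and the `C:\WINDOWS` default are assumptions, and the sample lines are copied from the log above. An entry in its output only means it is worth a manual look first.

```python
import re

# Start types as given in the log's own section headers.
START_TYPES = {0: "Boot", 1: "System", 2: "Auto", 3: "Demand", 4: "Disabled"}

# "<R|S><0-4> <name>;<description>; <image path> [<YYYY-MM-DD> <size>]"
# The description may itself contain ';', so it is matched greedily and the
# final "; " before the path is used as the separator.
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<desc>.*); "
    r"(?P<path>.+) \[(?P<date>\d{4}-\d{2}-\d{2}) (?P<size>\d+)\]$"
)

# Sample lines copied from the log on this page (plus one section header).
SAMPLE = r"""
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MBI;@oem53.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\WINDOWS\System32\drivers\MBI.sys [2013-10-28 29464]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-08-21 30792]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 GladiusNetworkDaemon;Gladius Network (Edge) Daemon; C:\Program Files (x86)\Gladius Node\gladius-networkd.exe [2018-09-13 13239808]
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-09 153752]
"""


def parse_rsit_line(line):
    """Parse one driver/service line; return a dict, or None for headers,
    blank lines and anything else that does not match the format."""
    match = LINE_RE.match(line.strip())
    if match is None:
        return None
    path = match["path"]
    if path.startswith("\\??\\"):  # NT object-manager prefix used by some drivers
        path = path[4:]
    start = int(match["start"])
    return {
        "running": match["state"] == "R",
        "start": start,
        "start_name": START_TYPES[start],
        "name": match["name"],
        "description": match["desc"],
        "path": path,
        "date": match["date"],
        "size": int(match["size"]),
    }


def is_outside_windows(path, windows_dir=r"C:\WINDOWS"):
    """True when the image does not live under the Windows directory.
    Windows paths are case-insensitive, so compare lower-cased."""
    return not path.lower().startswith(windows_dir.lower() + "\\")


def third_party_autostart(lines, windows_dir=r"C:\WINDOWS"):
    """Entries that load without user action (Boot/System/Auto) and whose
    image is outside the Windows directory, in log order."""
    hits = []
    for line in lines:
        entry = parse_rsit_line(line)
        if entry is None:
            continue
        if entry["start"] <= 2 and is_outside_windows(entry["path"], windows_dir):
            hits.append(entry)
    return hits


if __name__ == "__main__":
    for e in third_party_autostart(SAMPLE.splitlines()):
        state = "running" if e["running"] else "stopped"
        print(f'{e["name"]:<24} {e["start_name"]:<6} {state:<8} {e["date"]}  {e["path"]}')
```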

rifteyy
Visitor
Posts: 17
Registered: 07 Oct 2019 15:54

Re: Please check my log - Chrome loads an unknown website

#2 Post by rifteyy »

Good day! A quick stand-in for the advisers.
Please post an FRST log; on Windows 10 nothing can be deleted based on RSIT, and FRST is clearer. :)
https://forum.viry.cz/viewtopic.php?f=13&t=154679
I'll just add that I don't like this in the log: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
update.bat
That is a cause, but it may not be the only one, so post the FRST log and the more experienced advisers will certainly help you.
Good luck!
______________________________________________________________________________________________________
:arrow: If you have a problem, do not post in someone else's thread; start your own thread and post the FRST+Addition logs.
:arrow: Warning! Do not use ComboFix on your own; it could break your system!
CCleaner FRST RSIT
AdwCleaner ComboFix
______________________________________________________________________________________________________

klik6
Visitor
Posts: 66
Registered: 08 Sep 2012 13:25

Re: Please check my log - Chrome loads an unknown website

#3 Post by klik6 »

Thank you, here are the logs:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Admin (03-01-2020 18:02:25)
Running from C:\Users\Admin\Desktop
Windows 10 Home Version 1903 18362.535 (X64) (2019-10-31 14:01:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-2138815263-3157913528-456582966-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2138815263-3157913528-456582966-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2138815263-3157913528-456582966-1004 - Limited - Enabled)
DefaultAccount (S-1-5-21-2138815263-3157913528-456582966-503 - Limited - Disabled)
Guest (S-1-5-21-2138815263-3157913528-456582966-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2138815263-3157913528-456582966-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2138815263-3157913528-456582966-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\uTorrent) (Version: 3.5.3.44396 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Connect (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Adobe Connect App) (Version: 2018.7.10.32 - Adobe Systems Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
Aktualizace NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
Amazon Kindle (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Amazon Kindle) (Version: 1.23.1.50133 - Amazon)
American Truck Simulator CZ (HKLM-x32\...\American Truck Simulator CZ 1.4.4) (Version: 1.4.4 - SCS Software)
AmericasCardroom (HKLM-x32\...\296836EA-EF3A-4C36-8C13-3A6C1DB2D4BE) (Version: 16.6 - IGSoft)
Backup and Sync from Google (HKLM\...\{93EBD8BA-7A14-4636-8F1F-E929ADF2C3A9}) (Version: 3.47.7654.0300 - Google, Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 4.2.1.1454 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
Bandicut (HKLM-x32\...\Bandicut) (Version: 2.8.2.380 - Bandicam.com)
BestPoker (HKLM-x32\...\{A43C6826-F576-4318-BE16-970BF8C9E71F}) (Version: 1.0.0.41 - NSUS Ltd.)
Binance version 1.3.0 (HKLM-x32\...\{F7C9C013-C42C-440F-979C-46BA1F534351}_is1) (Version: 1.3.0 - Binance)
BLOCK DX 0.7.8 (only current user) (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\c2c3b094-387a-5023-b209-68eb93a40a65) (Version: 0.7.8 - Blocknet)
BlueVoda Website Builder 10.12 (HKLM-x32\...\BlueVoda_Website_Builder_1.0) (Version: - )
Brave (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Brave) (Version: 0.24.0 - Brave Software)
CamStudio 2.7.4 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.4 - CamStudio Open Source)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.3.1 - Canon Inc.)
Canon MG3600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series) (Version: 1.00 - Canon Inc.)
Canon MG3600 series On-screen Manual (HKLM-x32\...\Canon MG3600 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{CC8F903A-9698-4245-9A38-22412DEF1029}) (Version: 1.0.446 - Citrix)
CSEP 14 1.0 (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\CSEP 14 1.0) (Version: - )
Dashlane (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Dashlane) (Version: 5.10.0.18444 - Dashlane, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Discord (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 411.63 - NVIDIA Corporation) Hidden
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.4.0.0 - Electronic Arts)
Epic Pen (HKLM-x32\...\Epic Pen_is1) (Version: - Brian Hoary)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.2 - Electronic Arts)
FIFA 14 1.2 (HKLM-x32\...\FIFA 14_is1) (Version: - )
Forex Tester 3.1.0.43 (HKLM-x32\...\{76F760EA-C312-4482-BE41-08B9C07860CA}_is1) (Version: - Forex Tester Software)
FormatFactory 4.4.1.0 (HKLM-x32\...\FormatFactory) (Version: 4.4.1.0 - Free Time)
Garena+ (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
GCI MT4 (HKLM-x32\...\GCI MT4) (Version: 4.00 - MetaQuotes Software Corp.)
Gladius Node version 0.6.2 (HKLM-x32\...\{AB54C628-10FE-4FD7-91C9-AEBFC4593702}_is1) (Version: 0.6.2 - Gladius Network, LLC)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.35.5296 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
GoToMeeting 10.6.0.16328 (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\GoToMeeting) (Version: 10.6.0.16328 - LogMeIn, Inc.)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
HellSpy Download Client verze 1.0.3 (HKLM-x32\...\{553E24F0-09FD-4BCB-9CF0-4FC0F6DB95D1}_is1) (Version: 1.0.3 - HellSpy.com)
Holdem Manager 3 (HKLM-x32\...\{F1A0512A-1DDC-4C61-887E-20A9F271703A}) (Version: 3.0.5345.0 - Max Value Software)
Huawei Drivers (HKLM-x32\...\{C82D8932-EB28-4da6-9582-33D515D46F04}) (Version: 5.05.02.00 - )
Icecream Ebook Reader verze 5.07 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 5.07 - Icecream Apps)
J88Poker 1.0 (HKLM-x32\...\J88Poker_is1) (Version: - )
Jivaro (HKLM-x32\...\{95CF931D-DDEB-4B15-B52C-80096CB5275E}) (Version: 2.2.15.0 - Jivaro ehf)
join.me (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\JoinMe) (Version: 3.2.1.5223 - LogMeIn, Inc.)
KeePass Password Safe 2.38 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.38 - Dominik Reichl)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.8 - PandoraTV)
Ledger Live 1.2.0 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 1.2.0 - Ledger)
Ledger Wallet Ripple version 1.0.3 (HKLM-x32\...\{2A226916-F20B-403D-B564-F2CF5CF8CEF8}_is1) (Version: 1.0.3 - Ledger)
LibreOffice 6.2.3.2 (HKLM\...\{31C3855A-DA3A-4FC4-AE9B-1B4ACF89A2C4}) (Version: 6.2.3.2 - The Document Foundation)
MetaTrader 4 Admiral Markets (HKLM-x32\...\MetaTrader 4 Admiral Markets) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 4 IC Markets (HKLM-x32\...\MetaTrader 4 IC Markets) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 5 Admiral Markets (HKLM\...\MetaTrader 5 Admiral Markets) (Version: 5.00 - MetaQuotes Software Corp.)
MetaTrader Standard (HKLM-x32\...\MetaTrader Standard) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft OneDrive (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Movavi Video Editor 14 (HKLM-x32\...\Movavi Video Editor 14) (Version: 14.1.0 - Movavi)
Natural8 (HKLM-x32\...\{A78E7B9E-0EF6-455A-A755-D0BDECFE4E6D}) (Version: 1.0.0.41 - NSUS Ltd.)
Neon 0.2.8 (only current user) (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\211a501f-25dd-501b-8c98-509ac17aedfa) (Version: 0.2.8 - Ethan Fast)
Nero BurnLite 10 (HKLM-x32\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero BurnLite 10 (HKLM-x32\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Ovládací panel NVIDIA 411.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 411.63 - NVIDIA Corporation) Hidden
partypoker (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\PartyPoker) (Version: - PartyGaming)
partypoker Czech (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\PartyPokerCZ) (Version: - PartyCzech)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.318.0 - Tracker Software Products Ltd)
PDF-XChange Editor (HKLM\...\{5C198985-6833-4F92-BE9A-33FC8ACC1025}) (Version: 6.0.321.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{2433cfd7-50ba-4a4a-b94e-7d8fc0f61dd1}) (Version: 6.0.321.0 - Tracker Software Products (Canada) Ltd.)
PicPick (HKLM-x32\...\PicPick) (Version: 4.2.2 - NGWIN)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Presentation Assistant V3.0.1 (HKLM-x32\...\Presentation Assistant_is1) (Version: - www.presentation-assistant.com)
Purple Trading MT4 (HKLM-x32\...\Purple Trading MT4) (Version: 4.00 - MetaQuotes Software Corp.)
PUSH Video Wallpaper (HKLM\...\PUSH Video Wallpaper_is1) (Version: 4.18 - PUSH Entertainment)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Registrace uživatele zařízení Canon MG3600 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3600 series) (Version: - Canon Inc.)
SaxoTrader (HKLM-x32\...\{49C14B93-58AD-4178-B52C-750D54CE618D}) (Version: 2.192.69.0 - Saxo Bank)
Screen Master verze 2 (HKLM-x32\...\{A1B4E44A-23E0-4D88-AEA9-03C3276F1E77}_is1) (Version: 2 - AK Dílna)
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
SlideMate 2011 V5.0 (HKLM-x32\...\SlideMate 2011 V5.0_is1) (Version: - YpgSoft)
SMRecorder 1.1.9 (HKLM-x32\...\SMRecorder) (Version: 1.1.9 - SMRecorder)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
tastyworks (HKLM\...\{27392855-2B83-3D6B-A14D-6D8A9EFFF4A4}) (Version: 1.4.0 - tastyworks, inc.)
TC2000 v18 (HKLM-x32\...\{A6A526E4-A376-4772-897D-508FB2473C91}) (Version: 1.0.0 - Worden Brothers, Inc.) Hidden
TC2000 v18 (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\TC2000 v18 1.0.0) (Version: 1.0.0 - Worden Brothers, Inc.)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer)
Telegram Desktop version 1.8.15 (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.15 - Telegram FZ-LLC)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
T-Mobile Internet Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2017-12-05@2017-04-13 - Gemfor s.r.o.)
TonyBet Poker (HKLM-x32\...\TonyBet Poker) (Version: - TonyBet)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
Trader Workstation (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\5889-6375-8446-2021) (Version: latest (978.1g) 20191211 16:53:18 - Interactive Brokers LLC)
TraderGO (HKLM-x32\...\{529F39A2-AC64-4E33-AB48-5643AB4420B0}) (Version: 2.178.52.0 - BrokerjetGO)
True Poker (HKLM-x32\...\9A147762-0190-4F8B-B8C9-64A6A6838F5C) (Version: 16.6 - IGSoft)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.8 - Tunngle.net GmbH)
Ulož.to FileManager verze 2.45 (HKLM-x32\...\{7DE5EA5D-C933-4549-9A44-5BC671F23BBF}_is1) (Version: 2.45 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Vertcoin One-Click Miner (HKLM-x32\...\{15C3756C-B26F-482A-AC04-7C95411AE9AF}) (Version: 1.1.80 - Vertcoin Development Team)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
XM UK MT4 (HKLM-x32\...\XM UK MT4) (Version: 4.00 - MetaQuotes Software Corp.)
XTB xStation (HKLM-x32\...\{7FD26B2B-888D-E1C6-6580-6B5B4A02778F}) (Version: 1.65.0 - X Open Hub) Hidden
XTB xStation (HKLM-x32\...\pro.xopenhub.xstation) (Version: 1.65.0 - X Open Hub)

Packages:
=========
Age of Empires: Definitive Edition -> C:\Program Files\WindowsApps\Microsoft.MSDallas_1.3.27374.2_x64__8wekyb3d8bbwe [2019-08-24] (Microsoft Studios)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-10] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.8.0.1_neutral__6e5tt8cgb93ep [2019-05-25] (Canon Inc.)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.6.0.10_x86__h6adky7gbf63m [2019-12-17] (Gameloft.)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-10-09] (Facebook Inc)
Fly Reader -> C:\Program Files\WindowsApps\28471.Win10_1.4.86.0_x64__5jrh99fxzq7xw [2019-12-24] (殷越)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_41.1788.50991.0_x86__8xx8rvfyw5nnt [2019-05-18] (Instagram)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-13] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Simplenote -> C:\Program Files\WindowsApps\22490Automattic.Simplenote_1.12.0.0_x86__9h07f78gwnchp [2019-12-10] (Automattic)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2138815263-3157913528-456582966-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2138815263-3157913528-456582966-1001_Classes\CLSID\{c31ca596-532d-a36f-e223-ce16b9ac70a56}\InprocServer32 -> 0x2FE9AFE4EC58D401DBB62396B659D401020000000500000000000000 => No File
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_104.dll [2018-03-19] (Free Time) [File not signed]
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_104.dll [2018-03-19] (Free Time) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-09-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Holdem Manager 3\Copy HM3 Log files to Desktop.lnk -> C:\Program Files (x86)\Holdem Manager 3\HM3_Utilities\HM3CopyLogFiles.bat ()
ShortcutWithArgument: C:\Users\Admin\Desktop\naulozeni\další\programy\Ledger Manager.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=beimhnaefocolcplfimocfiaiefpkgbf
ShortcutWithArgument: C:\Users\Admin\Desktop\naulozeni\další\programy\Ledger Wallet Bitcoin.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kkdpmhnladdopljabkgpacgpliggeeaf
ShortcutWithArgument: C:\Users\Admin\Desktop\naulozeni\další\programy\Ledger Wallet Ethereum.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmlhkialjkaldndjnlcdfdphcgeadkkm
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Chance.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=plkhkjaillnajkiilpgmmjeablgiicll
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ledger Manager.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=beimhnaefocolcplfimocfiaiefpkgbf
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ledger Wallet Bitcoin.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kkdpmhnladdopljabkgpacgpliggeeaf
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ledger Wallet Ethereum.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmlhkialjkaldndjnlcdfdphcgeadkkm

==================== Loaded Modules (Whitelisted) =============

2017-08-26 10:40 - 2015-01-09 07:45 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_CSY.DLL
2017-08-26 10:40 - 2015-01-09 07:44 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2017-02-16 19:14 - 2015-03-17 08:51 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2018-03-19 10:40 - 2018-03-19 10:40 - 000101376 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx64_104.dll
2016-12-10 23:40 - 2016-10-04 15:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-12-09 00:57 - 2016-12-09 00:53 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2017-04-10 18:51 - 2017-09-12 21:10 - 000000510 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 asus.mshome.net # 2022 6 3 8 19 53 38 965
6 5 16 19 53 38 965
192.168.137.1 asus.mshome.net # 2022 6 3 8 19 53 38 965

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2138815263-3157913528-456582966-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Desktop\moon_sun_decline_evening_merge_day_night_sea_waves_fog_clouds_48449_1600x900.jpg
DNS Servers: 10.0.0.1 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "LogMeIn GUI"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\StartupApproved\Run: => "GarenaPlus"
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\StartupApproved\Run: => "DashlanePlugin"
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\StartupApproved\Run: => "HoldemManager.Server"
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DA770EDF-8C50-4319-995A-D054311FADFF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{537C3933-57B5-44AA-9DF4-42943BFB3BDE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{41927772-FAB8-4978-B1DF-96AA8AECCE8C}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{D5E2B5AA-2D4C-4966-B778-FC3DC5C160D4}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{13C8D64A-0FD8-471C-BF63-C458F1F864DC}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{3B106956-42B9-465D-90CD-825D23BB2FA8}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [UDP Query User{98DF38DB-5340-4810-8A1A-A045781C286D}C:\program files (x86)\gladius node\gladius-controld.exe] => (Allow) C:\program files (x86)\gladius node\gladius-controld.exe () [File not signed]
FirewallRules: [TCP Query User{7292DB9E-BBF9-466A-98AB-80A4786677A4}C:\program files (x86)\gladius node\gladius-controld.exe] => (Allow) C:\program files (x86)\gladius node\gladius-controld.exe () [File not signed]
FirewallRules: [{3E9089A3-E55E-4CD7-A89A-3D19DDA4D9B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B1F23F98-FA22-4BA6-B0A8-2C428915AD85}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{82AE6547-96EE-4547-8B2D-CFF82B46302A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2F4C3B67-CC96-46F4-9997-FD786C0F4674}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D9DB4BCB-530F-45B9-8B10-CEAF8FCD8758}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ECEBCB1C-71C3-4C71-B5FE-E8AEAC41366C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BD4AC8E8-A4A5-42B0-8E6F-92DA2649B8D7}] => (Allow) C:\Program Files\MetaTrader 5 Admiral Markets\metatester64.exe (MetaQuotes Software Corp. -> MetaQuotes Software Corp.)
FirewallRules: [{A217CA02-B96F-47B6-8135-507E5325227A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{D7DDB97A-7778-425C-AF48-EC1CFFFB6380}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{9E06A764-FA75-437A-96F1-B2D8CEF94665}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{50E48E5A-E4AB-4039-A585-1FB4C922832C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{1BD918B0-586F-4A06-8E2B-CA407415C070}] => (Allow) C:\hry\FIFA 14\Game\fifa14.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{787EDF77-AE2C-44C4-9915-6CCDA926694E}] => (Allow) C:\hry\FIFA 14\Game\fifa14.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{7AE0D3DC-FCC9-4734-8B1D-9787E5ECB6B2}] => (Allow) C:\hry\FIFA 14\Game\fifa14.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{F45B641D-63AB-4ABD-838D-8C20408D6390}] => (Allow) C:\hry\FIFA 14\Game\fifa14.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{225CA277-E229-40F4-BCCA-33B64DB954D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{EA32DC11-513A-451C-8695-358704DA3BC7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{B5A0F484-A4FF-464C-8011-91D460ADAC90}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{D8692260-97C1-45A3-811F-7144BD5B1A1D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{695EF7AD-A37B-491B-BDB4-19159150D185}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AF7EB185-B10B-4CEE-AC2E-AB488767702C}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
FirewallRules: [{6948925C-774A-4D2F-BB94-27C8411D2DD3}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
FirewallRules: [{B0B39489-9730-4EB6-8DA8-D39024ECE885}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
FirewallRules: [{2A4BE204-7496-4CDA-89BE-58D00558E915}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
FirewallRules: [TCP Query User{06661A37-314D-4FED-A4CA-29DD5B1F0F7B}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{709A48AB-C6F0-4773-BD9B-1605219D2455}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{514302A5-8F38-4D36-938A-BB1D6694C8FD}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{67B2360D-92E2-4F30-BECB-9C8CC8A6CD47}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{DE2C316E-B7F8-40AC-8010-D2733AFDCA2E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{ED3F3AF6-8D1C-41E3-ABB6-B371FB12EB9F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F7291E76-54C3-43B8-963A-146DD0A2D5B1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{439794DE-25FC-418F-AC52-218C956E37F8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{298D4069-7DCD-4AA1-A340-0B8FEBEC1355}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E93BC49E-45DB-43E9-92CA-E940FCF7F195}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{7D82BF1F-AB05-4442-A226-B0761691570D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{1C0D3490-110E-4CDD-A320-0FC68BEFB1E1}C:\users\admin\desktop\naulozeni\další\programy\age of empires 2 (cz + crack)\age of empires 2\empires2.exe] => (Allow) C:\users\admin\desktop\naulozeni\další\programy\age of empires 2 (cz + crack)\age of empires 2\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{1F674085-33F4-4BAF-9437-C5793F8D2BC1}C:\users\admin\desktop\naulozeni\další\programy\age of empires 2 (cz + crack)\age of empires 2\empires2.exe] => (Allow) C:\users\admin\desktop\naulozeni\další\programy\age of empires 2 (cz + crack)\age of empires 2\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{42A69EBF-3A3B-4EC0-96CC-F67C6DB99607}] => (Block) C:\users\admin\desktop\naulozeni\další\programy\age of empires 2 (cz + crack)\age of empires 2\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{2F4771E5-B26E-46BA-BBD4-1199EAB24365}] => (Block) C:\users\admin\desktop\naulozeni\další\programy\age of empires 2 (cz + crack)\age of empires 2\empires2.exe (Microsoft Corporation) [File not signed]

==================== Restore Points =========================

30-12-2019 19:35:52 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/03/2020 05:31:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11240,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/03/2020 05:11:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5188,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/03/2020 05:00:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1288,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/03/2020 03:50:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4924,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/03/2020 03:42:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8880,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/03/2020 03:35:29 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 31176; požadovaná velikost: 34328.

Error: (01/03/2020 01:41:05 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11420,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/03/2020 01:05:09 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8040,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (01/03/2020 03:33:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_1d7b2bb byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (01/02/2020 10:12:11 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_6ee52a byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (01/02/2020 05:22:06 AM) (Source: DCOM) (EventID: 10010) (User: ASUS)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/02/2020 03:26:30 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_28dd40 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (01/02/2020 02:51:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba GladiusNodeControlDaemon neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/02/2020 02:51:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby GladiusNodeControlDaemon bylo dosaženo časového limitu (45000 ms).

Error: (01/02/2020 02:51:17 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:11:35, 31.12.2019) bylo neočekávané.

Error: (12/31/2019 06:32:18 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Integrovaný řadič neodpověděl během zadaného časového limitu. Může to znamenat chybu hardwaru nebo firmwaru integrovaného řadiče nebo že systém BIOS přistupuje k integrovanému řadiči nesprávně. Měli byste zjistit, zda výrobce počítače nemá k dispozici upgrade systému BIOS. V některých situacích může tato chyba způsobit, že počítač nebude pracovat správně.


Windows Defender:
===================================
Date: 2019-12-30 18:24:14.322
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {04B27BDA-442B-4A34-9D29-F5756A11C092}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-25 23:05:44.953
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {DEC5D42A-1B91-42F3-BBD9-304D352F1798}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-25 21:32:04.915
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {1AF8DC32-59B7-453F-A82F-1740FC765F40}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-17 00:59:59.963
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {502C01D1-8236-4030-9F0F-247270982145}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-13 20:19:58.279
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4D5F8346-F3DC-425B-A7C5-CFECFBCD0DF6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-11-29 06:24:05.459
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.2997.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-11-28 19:48:56.512
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.2798.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2019-11-28 19:48:56.510
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.2798.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2019-11-28 19:48:56.509
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.2798.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2019-11-28 19:48:56.462
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.2798.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X751MJ.205 02/28/2015
Motherboard: ASUSTeK COMPUTER INC. X751MJ
Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 45%
Total physical RAM: 8078.3 MB
Available physical RAM: 4379.4 MB
Total Virtual: 10299.23 MB
Available Virtual: 5588.98 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:39.83 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:542.8 GB) (Free:439.06 GB) NTFS

\\?\Volume{9c3657f1-cc9d-4d85-87f3-774c9a310173}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.56 GB) NTFS
\\?\Volume{223ad769-3e02-411c-b7e7-3f4fe46d761b}\ (Restore) (Fixed) (Total:15.01 GB) (Free:3.67 GB) NTFS
\\?\Volume{dd72e135-2afb-42bc-acd8-04d70564e707}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 97EAD77B)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by Admin (administrator) on ASUS (ASUSTeK COMPUTER INC. X751MJ) (03-01-2020 17:54:01)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin)
Platform: Windows 10 Home Version 1903 18362.535 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Gladius Node\gladius-networkd.exe
() [File not signed] C:\Program Files (x86)\Screen Master\ScreenMaster.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BatchCaller.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Garena Online Pte Ltd -> ) C:\Program Files (x86)\Garena Plus\ggdllhost.exe
(Garena Online Pte Ltd -> ) C:\Program Files (x86)\Garena Plus\ggdllhost.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\ProgramData\SetupTPDriver\SetupSync.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3237808 2018-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Run: [GarenaPlus] => C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [9140688 2017-03-15] (Garena Online Pte Ltd -> )
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> )
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Run: [DashlanePlugin] => C:\Users\Admin\AppData\Roaming\Dashlane\DashlanePlugin.exe [504784 2018-03-28] (Dashlane -> Dashlane, Inc.)
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Run: [HoldemManager.Server] => C:\Users\Admin\AppData\Roaming\Max Value Software\Holdem Manager\3.0\HoldemManager.Server.lnk [1218 2018-10-01] () [File not signed]
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3288016 2019-12-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [38400 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2018-07-22] () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0651642D-9B53-4776-9EF8-755FD05FCC55} - System32\Tasks\G2MUploadTask-S-1-5-21-2138815263-3157913528-456582966-1001 => C:\Users\Admin\AppData\Local\GoToMeeting\16328\g2mupload.exe [32256 2019-12-25] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {1457A967-EF1C-4B3C-B7BD-20304EA46C54} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-09] (Google Inc -> Google Inc.)
Task: {1BF79EA7-DDAC-41A1-895B-612D48EA5E2C} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {25FDE330-5CA7-4EB0-8156-876E07E0E10A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [995024 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {276A5B4A-D96F-4BEC-B20F-75E1AB9A3D68} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2DF3026A-46FC-4BEA-AACE-BB4622143E21} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {480E442E-9003-4F86-9FA6-0AC785435749} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855760 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4B246268-F422-49BC-A42E-30F2F6CC16CF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2019-12-11] (Adobe Inc. -> Adobe)
Task: {56592DE8-2CFB-4E93-9A1E-76ECC895D74B} - System32\Tasks\Garena+ Plugin Host Service => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [175096 2017-01-18] (Garena Online Pte Ltd -> )
Task: {61D74A23-E4EA-42E6-8D90-75FE51447B3C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-11] (Adobe Inc. -> Adobe)
Task: {6783BC7C-B762-447C-BBD7-E11FDCB13BF9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6B237A95-89CF-45CB-A857-6043FD3E5E4B} - System32\Tasks\DRPNPS => Command(1): mshta.exe -> "http://update.drp.su/nps/online/bin/tools/run.hta" "17.7.39 Online" "1489615217113" "7fe1e609-42cb-4407-8f8e-b89de479c6a1"
Task: {6B237A95-89CF-45CB-A857-6043FD3E5E4B} - System32\Tasks\DRPNPS => Command(2): SCHTASKS -> /Delete /TN DRPNPS /F
Task: {70237D1D-436E-4BAE-A720-ACB5AB3C9F6D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_Plugin.exe [1457720 2019-12-10] (Adobe Inc. -> Adobe)
Task: {72D24C46-419D-4031-8639-0720FFB66EEC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14636224 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {766CAE4B-352C-47E1-9847-AF8E2177098D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3487440 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {84EA9D2D-434A-4C84-B569-7F52A48D71FE} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {97EA27BE-E117-4BF8-9C54-9D5F5A4B75B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9BBAE669-6E29-408B-BBB0-7747D81A37C0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855760 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A16095A7-4452-4F23-A8A2-3B66042256D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-09] (Google Inc -> Google Inc.)
Task: {AED261EF-DC70-465F-8781-72D6819B01C9} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B29FAB1B-46FD-4E7B-BA55-E3A2EA08467D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BA75D61A-A8EF-4091-867B-CB219D78DFE2} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C6C0F8B8-DB15-4C8A-ABDF-6EABDC6BCEA0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CC4FB1BD-FD8B-4B82-9DB5-6302D443325F} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {CDC8CB30-999D-4455-BB56-3EEC7B4D1B08} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D3CBACFD-5BD7-4699-9FC4-F30674A40861} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D75A56FB-0658-4CBC-8973-E5E418AEB4F2} - System32\Tasks\G2MUpdateTask-S-1-5-21-2138815263-3157913528-456582966-1001 => C:\Users\Admin\AppData\Local\GoToMeeting\16328\g2mupdate.exe [32256 2019-12-25] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {FEB8E13D-4903-473B-A4A9-8A768BF08A1A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [696016 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2138815263-3157913528-456582966-1001.job => C:\Users\Admin\AppData\Local\GoToMeeting\16328\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2138815263-3157913528-456582966-1001.job => C:\Users\Admin\AppData\Local\GoToMeeting\16328\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1 192.168.1.1
Tcpip\..\Interfaces\{2915a10c-c807-4574-8c57-f71d94e490d6}: [DhcpNameServer] 10.0.0.1 192.168.1.1
Tcpip\..\Interfaces\{2fcd9258-7022-46f8-b369-537f5258e9cd}: [NameServer] 93.153.117.49 93.153.117.17
Tcpip\..\Interfaces\{3a4122f7-34eb-4adf-a0bc-13b79dda719d}: [NameServer] 93.153.117.49 93.153.117.17
Tcpip\..\Interfaces\{7a305309-996e-4d0f-bf4a-14ffe8ddf2d1}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{df262e11-a3ac-4023-b522-1df829c5220c}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\Admin\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2018-03-28] (Dashlane -> Dashlane, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Admin\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2018-03-28] (Dashlane -> Dashlane, Inc.)

Edge:
======
DownloadDir: C:\Users\Admin\Downloads

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_303.dll [2019-12-10] (Adobe Inc. -> )
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_303.dll [2019-12-10] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) [File not signed]
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2016-12-27] (Garena Online Pte Ltd -> Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2138815263-3157913528-456582966-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Admin\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-12-13] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-2138815263-3157913528-456582966-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2138815263-3157913528-456582966-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2019-12-30] (TD Ameritrade -> TD Ameritrade)
FF Plugin HKU\S-1-5-21-2138815263-3157913528-456582966-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2019-12-30] (TD Ameritrade -> TD Ameritrade)

Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://www.tipsport.org/images/chance/favicon/ ... m2Pv5m4lx0
CHR Notifications: Default -> hxxps://cz.pinterest.com; hxxps://hitbtc.com; hxxps://web.telegram.org; hxxps://www.freesexchat.com; hxxps://www.instagram.com; hxxps://www.nev-dama.cz; hxxps://www.ubo.cz
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2020-01-03]
CHR Extension: (Překladač Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-03-24]
CHR Extension: (Prezentace) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (TradingView Screenshare) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajhcojfoafcmhlgoogceejdmfobpehlf [2019-12-11]
CHR Extension: (Dokumenty) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-09]
CHR Extension: (Ledger Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\beimhnaefocolcplfimocfiaiefpkgbf [2018-08-05]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-09]
CHR Extension: (Full Page Screen Capture) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2019-11-29]
CHR Extension: (Tabulky) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-18]
CHR Extension: (Reklamy blokátor pro YouTube ™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2018-05-27]
CHR Extension: (Ledger Wallet Ethereum) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlhkialjkaldndjnlcdfdphcgeadkkm [2019-03-20]
CHR Extension: (Ledger Wallet Bitcoin) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdpmhnladdopljabkgpacgpliggeeaf [2018-07-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-09-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
CHR Extension: (Chance) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\plkhkjaillnajkiilpgmmjeablgiicll [2018-09-16]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-28]
CHR HKU\S-1-5-21-2138815263-3157913528-456582966-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 GladiusNetworkDaemon; C:\Program Files (x86)\Gladius Node\gladius-networkd.exe [13239808 2018-09-13] () [File not signed]
S2 GladiusNodeControlDaemon; C:\Program Files (x86)\Gladius Node\gladius-controld.exe [23760786 2018-09-13] () [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [387144 2017-03-31] (Canon Inc. -> )
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [422608 2017-04-13] (Gemfor s.r.o. -> Gemfor s.r.o.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH -> TeamViewer GmbH)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [838128 2016-12-14] (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [100776 2015-08-23] (ASUSTeK Computer Inc. -> ASUS Corporation)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [601624 2015-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-11-22] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47160 2015-11-22] (Disc Soft Ltd -> Disc Soft Ltd)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [91648 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [29464 2013-10-28] (Intel(R) Software -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_27a8d1f755bbaf69\nvlddmkm.sys [20177280 2018-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation -> NVIDIA Corporation)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Realsil Semiconductor Corporation)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [57648 2015-12-08] (DEVGURU CO LTD -> QUALCOMM Incorporated)
R3 tap0901t; C:\WINDOWS\System32\drivers\tap0901t.sys [48824 2016-04-26] (Tunngle.net GmbH -> Tunngle.net GmbH)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation - Client Components Group -> Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-08] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-03 17:54 - 2020-01-03 17:56 - 000030602 _____ C:\Users\Admin\Desktop\FRST.txt
2020-01-03 17:53 - 2020-01-03 17:55 - 000000000 ____D C:\FRST
2020-01-03 17:52 - 2020-01-03 17:52 - 002272256 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2020-01-03 17:52 - 2020-01-03 17:52 - 002272256 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2020-01-03 17:42 - 2020-01-03 17:43 - 002962642 _____ C:\Users\Admin\Downloads\03.pdf
2020-01-03 17:42 - 2020-01-03 17:42 - 003028869 _____ C:\Users\Admin\Downloads\02.pdf
2020-01-03 17:42 - 2020-01-03 17:42 - 000921569 _____ C:\Users\Admin\Downloads\01.pdf
2020-01-03 17:09 - 2020-01-03 17:10 - 000000000 ____D C:\rsit
2020-01-03 17:09 - 2020-01-03 17:10 - 000000000 ____D C:\Program Files\trend micro
2020-01-03 17:08 - 2020-01-03 17:08 - 001222144 _____ C:\Users\Admin\Downloads\RSITx64.exe
2020-01-03 17:07 - 2020-01-03 17:08 - 000038524 _____ C:\Users\Admin\Documents\cc_20200103_170756.reg
2020-01-02 04:53 - 2020-01-02 04:55 - 107474465 _____ C:\Users\Admin\Downloads\Buzan_Myšlenkové-mapy-(2012).pdf
2019-12-28 15:11 - 2019-12-28 15:11 - 000001701 _____ C:\Users\Admin\Desktop\Age of Empires Definitive Edition.lnk
2019-12-27 18:29 - 2019-12-27 18:29 - 000000000 ____D C:\Users\Admin\AppData\Local\JxBrowser
2019-12-27 18:28 - 2019-12-27 18:29 - 000000000 ____D C:\Users\Admin\AppData\Local\tastyworks
2019-12-27 18:28 - 2019-12-27 18:28 - 000000000 ____D C:\Users\Admin\.openjfx
2019-12-27 18:28 - 2019-12-27 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tastyworks
2019-12-27 18:28 - 2019-12-27 18:28 - 000000000 ____D C:\Program Files\tastyworks
2019-12-27 18:05 - 2019-12-27 18:05 - 000072183 _____ C:\Users\Admin\Downloads\281508396-00.PDF
2019-12-27 17:56 - 2019-12-27 17:56 - 000532505 _____ C:\Users\Admin\Downloads\2197998687.pdf
2019-12-27 17:51 - 2019-12-27 17:51 - 000726540 _____ C:\Users\Admin\Downloads\1903352741.pdf
2019-12-26 13:29 - 2019-12-26 13:29 - 000210544 _____ C:\Users\Admin\Downloads\Vypis_z_uctu_2096780003_z_20190228.pdf
2019-12-26 13:28 - 2019-12-26 13:28 - 000209745 _____ C:\Users\Admin\Downloads\Vypis_z_uctu_2096780003_z_20190131.pdf
2019-12-25 20:37 - 2019-12-29 17:20 - 000000000 ____D C:\Users\Admin\Desktop\opce
2019-12-25 20:36 - 2019-12-25 20:36 - 004421392 _____ (Worden Brothers, Inc.) C:\Users\Admin\Downloads\TC2000v19setup.exe
2019-12-24 23:11 - 2019-12-24 23:11 - 000000000 ____D C:\Users\Admin\AppData\Local\Chromium
2019-12-24 23:10 - 2019-12-30 17:43 - 000000000 ____D C:\Users\Admin\AppData\Local\7.1c
2019-12-24 23:05 - 2019-12-31 18:31 - 000000000 ____D C:\Users\Admin\.thinkorswim
2019-12-24 23:04 - 2019-12-31 18:31 - 000000000 ____D C:\Program Files\thinkorswim
2019-12-24 23:04 - 2019-12-24 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\thinkorswim
2019-12-24 22:58 - 2019-12-24 23:02 - 054390736 _____ (thinkorswim, Inc) C:\Users\Admin\Downloads\thinkorswim_x64_installer.exe
2019-12-24 14:19 - 2019-12-24 14:19 - 000000000 ____D C:\Users\Admin\AppData\Roaming\java
2019-12-24 13:50 - 2019-12-24 13:50 - 004999440 _____ (Interactive Brokers LLC) C:\Users\Admin\Downloads\tws-latest-windows-x64.exe
2019-12-24 13:08 - 2019-12-24 13:08 - 000000000 ____D C:\WINDOWS\LastGood
2019-12-24 03:47 - 2019-12-24 03:48 - 067577053 _____ (LMH) C:\Users\Admin\Downloads\OKEx_Setup.exe
2019-12-23 17:13 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2019-12-23 17:13 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2019-12-23 17:13 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2019-12-23 17:13 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2019-12-23 17:13 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2019-12-23 17:13 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2019-12-23 17:13 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2019-12-23 17:13 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2019-12-23 17:13 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2019-12-23 17:13 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2019-12-23 17:13 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2019-12-23 17:13 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2019-12-23 17:13 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2019-12-23 17:13 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2019-12-23 17:13 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2019-12-23 17:13 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2019-12-23 17:13 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2019-12-23 17:13 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2019-12-23 17:13 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2019-12-23 17:13 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2019-12-23 17:13 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2019-12-23 17:13 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2019-12-23 17:12 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2019-12-23 17:12 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2019-12-23 17:12 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2019-12-23 17:12 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2019-12-23 17:12 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2019-12-23 17:12 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2019-12-23 17:12 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2019-12-23 17:12 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2019-12-23 17:12 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2019-12-23 17:12 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2019-12-23 17:12 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2019-12-23 17:12 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2019-12-23 17:12 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2019-12-23 17:12 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2019-12-23 17:12 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2019-12-23 17:12 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2019-12-23 17:12 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2019-12-23 17:12 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2019-12-23 17:12 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2019-12-23 17:12 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2019-12-23 17:12 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2019-12-23 17:12 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2019-12-23 17:12 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2019-12-23 17:12 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2019-12-23 17:12 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2019-12-23 17:12 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2019-12-23 17:12 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2019-12-23 17:12 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2019-12-23 17:12 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2019-12-23 17:12 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2019-12-23 17:12 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2019-12-23 17:12 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2019-12-23 17:12 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2019-12-23 17:12 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2019-12-23 17:12 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2019-12-23 17:12 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2019-12-23 17:12 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2019-12-23 17:12 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2019-12-23 17:12 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2019-12-23 17:12 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2019-12-23 17:12 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2019-12-23 17:12 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2019-12-23 17:12 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2019-12-23 17:12 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2019-12-23 17:12 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2019-12-23 17:12 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2019-12-23 17:12 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2019-12-23 17:12 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2019-12-23 17:12 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2019-12-23 17:12 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2019-12-23 17:12 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2019-12-23 17:12 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2019-12-23 17:12 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2019-12-23 17:12 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2019-12-23 17:12 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2019-12-23 17:12 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2019-12-23 17:12 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2019-12-23 17:12 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2019-12-23 17:12 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2019-12-23 17:12 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2019-12-23 17:12 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2019-12-23 17:12 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2019-12-23 17:12 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2019-12-23 17:12 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2019-12-23 17:12 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2019-12-23 17:12 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2019-12-23 17:12 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2019-12-23 17:12 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2019-12-23 17:12 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2019-12-23 17:12 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2019-12-23 17:12 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2019-12-23 17:12 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2019-12-23 17:12 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2019-12-23 17:12 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2019-12-23 17:12 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2019-12-23 17:12 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2019-12-23 17:11 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2019-12-23 17:11 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2019-12-23 17:11 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2019-12-23 17:11 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2019-12-23 17:11 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2019-12-23 17:11 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2019-12-23 17:11 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2019-12-23 17:11 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2019-12-23 17:11 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2019-12-23 17:11 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2019-12-23 17:11 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2019-12-23 17:11 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2019-12-23 17:11 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2019-12-23 17:11 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2019-12-23 17:11 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2019-12-23 17:11 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2019-12-23 17:11 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2019-12-23 17:11 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2019-12-23 17:11 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2019-12-23 17:11 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2019-12-23 17:11 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2019-12-23 17:11 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2019-12-23 17:11 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2019-12-23 17:11 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2019-12-23 17:11 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2019-12-23 17:11 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2019-12-23 17:11 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2019-12-23 17:11 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2019-12-23 17:11 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2019-12-23 17:11 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2019-12-23 17:11 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2019-12-23 17:11 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2019-12-23 17:11 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2019-12-23 17:11 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2019-12-23 17:11 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2019-12-23 17:11 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2019-12-23 17:11 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2019-12-23 17:11 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2019-12-23 17:11 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2019-12-23 17:11 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2019-12-23 17:11 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2019-12-23 17:11 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2019-12-23 17:11 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2019-12-23 17:11 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2019-12-23 17:11 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2019-12-23 17:11 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2019-12-23 17:11 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2019-12-23 17:11 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2019-12-23 17:11 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2019-12-23 17:11 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2019-12-23 17:11 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2019-12-23 17:11 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2019-12-23 17:11 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2019-12-23 17:11 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2019-12-23 17:11 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2019-12-23 17:11 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2019-12-23 17:11 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2019-12-23 17:11 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2019-12-23 17:10 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2019-12-23 17:10 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2019-12-23 17:10 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2019-12-23 17:10 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2019-12-23 17:10 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2019-12-23 17:10 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2019-12-23 14:39 - 2019-12-23 14:39 - 000000219 _____ C:\Users\Admin\Desktop\Counter-Strike Global Offensive.url
2019-12-23 14:32 - 2019-12-23 14:32 - 000000000 ____D C:\Users\Admin\AppData\Local\Steam
2019-12-23 14:27 - 2020-01-03 17:06 - 000000000 ____D C:\Program Files (x86)\Steam
2019-12-23 14:27 - 2019-12-23 14:27 - 001573568 _____ C:\Users\Admin\Downloads\SteamSetup.exe
2019-12-23 14:27 - 2019-12-23 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-12-21 01:30 - 2019-12-21 01:30 - 000288436 _____ C:\Users\Admin\Downloads\JMIB_24_09.pdf
2019-12-20 23:36 - 2019-12-20 23:36 - 001853396 _____ C:\Users\Admin\Downloads\Výhled-na-2020-Bitcoin.pdf
2019-12-20 23:36 - 2019-12-20 23:36 - 000538539 _____ C:\Users\Admin\Downloads\Výhled-na-2020-co-s-Altcoiny.pdf
2019-12-20 12:37 - 2019-12-20 12:37 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-12-13 00:36 - 2019-12-13 00:36 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-13 00:36 - 2019-12-13 00:36 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-13 00:36 - 2019-12-13 00:36 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-13 00:35 - 2019-12-13 00:35 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-13 00:35 - 2019-12-13 00:35 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-13 00:35 - 2019-12-13 00:35 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-13 00:35 - 2019-12-13 00:35 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-13 00:35 - 2019-12-13 00:35 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-13 00:35 - 2019-12-13 00:35 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-13 00:35 - 2019-12-13 00:35 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-13 00:35 - 2019-12-13 00:35 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-13 00:35 - 2019-12-13 00:35 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-13 00:35 - 2019-12-13 00:35 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-13 00:35 - 2019-12-13 00:35 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-13 00:35 - 2019-12-13 00:35 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-13 00:35 - 2019-12-13 00:35 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-13 00:35 - 2019-12-13 00:35 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-13 00:35 - 2019-12-13 00:35 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-13 00:35 - 2019-12-13 00:35 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-13 00:34 - 2019-12-13 00:35 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-13 00:34 - 2019-12-13 00:34 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-13 00:34 - 2019-12-13 00:34 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-13 00:34 - 2019-12-13 00:34 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-13 00:34 - 2019-12-13 00:34 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-13 00:34 - 2019-12-13 00:34 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-13 00:34 - 2019-12-13 00:34 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-13 00:34 - 2019-12-13 00:34 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-13 00:34 - 2019-12-13 00:34 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-13 00:34 - 2019-12-13 00:34 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-13 00:34 - 2019-12-13 00:34 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-13 00:34 - 2019-12-13 00:34 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-13 00:34 - 2019-12-13 00:34 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-13 00:34 - 2019-12-13 00:34 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-12 22:03 - 2019-12-12 22:04 - 005398504 _____ C:\Users\Admin\Downloads\ekonomicke-bubliny (1).epub
2019-12-10 18:05 - 2019-12-10 18:05 - 000002065 _____ C:\Users\Admin\Desktop\PokerStars.eu.lnk
2019-12-04 13:02 - 2019-12-04 13:02 - 000039936 _____ C:\Users\Admin\Downloads\VoiTotalsByAssetClassExcelExport.xls
2019-12-04 13:00 - 2019-12-04 13:00 - 000010752 _____ C:\Users\Admin\Downloads\VoiDetailsForProduct.xls

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-03 17:50 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-03 17:39 - 2017-02-20 11:37 - 000000000 ___RD C:\Users\Admin\Documents\ScreenMaster
2020-01-03 17:06 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-03 16:56 - 2019-10-31 14:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-03 16:54 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-03 15:36 - 2017-05-24 06:28 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-03 15:35 - 2019-10-31 15:00 - 000003608 _____ C:\WINDOWS\system32\Tasks\Garena+ Plugin Host Service
2020-01-03 15:33 - 2015-11-01 19:14 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2020-01-03 01:05 - 2018-10-15 19:08 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Telegram Desktop
2020-01-02 21:49 - 2016-12-09 01:48 - 000000000 ____D C:\Users\Admin\AppData\Local\VirtualStore
2020-01-02 20:24 - 2019-11-10 22:08 - 000000000 ____D C:\Users\Admin\Desktop\btc
2020-01-02 12:28 - 2018-11-25 10:44 - 000000000 ____D C:\Users\Admin\AppData\Roaming\discord
2020-01-02 10:15 - 2019-10-31 14:44 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-02 10:15 - 2019-03-19 12:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-02 10:15 - 2019-03-19 12:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-02 05:22 - 2019-10-31 14:32 - 000000000 ____D C:\Users\Admin
2020-01-02 02:51 - 2019-10-31 15:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-29 00:36 - 2018-10-14 00:56 - 000000000 ____D C:\Binance
2019-12-28 13:51 - 2018-09-17 16:02 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\TC2000
2019-12-28 13:51 - 2017-10-31 16:47 - 000000000 ____D C:\Users\Admin\AppData\Roaming\TC2000v16
2019-12-27 18:20 - 2016-12-13 19:01 - 000000644 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2138815263-3157913528-456582966-1001.job
2019-12-27 18:20 - 2016-12-13 19:01 - 000000548 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2138815263-3157913528-456582966-1001.job
2019-12-27 18:19 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-26 18:58 - 2017-11-05 17:59 - 000000000 ____D C:\Jts
2019-12-25 20:37 - 2017-10-31 16:47 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Worden Brothers, Inc
2019-12-25 19:47 - 2019-10-31 15:00 - 000003790 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-2138815263-3157913528-456582966-1001
2019-12-25 19:47 - 2019-10-31 15:00 - 000003694 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-2138815263-3157913528-456582966-1001
2019-12-25 19:47 - 2017-07-08 14:17 - 000000000 ____D C:\Users\Admin\AppData\Local\GoToMeeting
2019-12-24 17:25 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-24 13:53 - 2017-11-05 18:00 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trader Workstation
2019-12-24 13:52 - 2017-11-05 17:59 - 000000000 ____D C:\Users\Admin\.i4j_jres
2019-12-23 16:03 - 2019-01-01 16:33 - 000000000 ____D C:\Users\Admin\Desktop\naulozeni
2019-12-17 22:14 - 2016-12-09 02:25 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-17 22:14 - 2016-12-09 02:25 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-17 00:17 - 2018-10-19 08:39 - 000000000 ____D C:\Users\Admin\Downloads\Telegram Desktop
2019-12-16 09:31 - 2018-06-27 15:05 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2019-12-15 22:24 - 2016-12-16 10:29 - 000000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
2019-12-13 23:08 - 2019-10-31 15:00 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-13 23:08 - 2019-10-31 15:00 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-13 17:20 - 2016-04-04 15:23 - 000000000 ___RD C:\Users\Admin\3D Objects
2019-12-13 17:20 - 2015-11-01 19:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-13 17:19 - 2019-10-31 14:17 - 000457288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-13 03:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-13 03:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-13 03:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-13 01:07 - 2016-12-09 14:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-13 00:54 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-13 00:54 - 2016-12-09 14:26 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-13 00:21 - 2017-12-18 20:19 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2019-12-12 22:08 - 2017-11-14 21:27 - 000000000 ____D C:\Users\Admin\Documents\My Kindle Content
2019-12-12 22:08 - 2017-11-14 21:26 - 000000000 ____D C:\Users\Admin\AppData\Local\Amazon
2019-12-12 22:03 - 2018-02-23 09:59 - 000000000 ____D C:\Users\Admin\AppData\Local\PlaceholderTileLogoFolder
2019-12-11 01:08 - 2019-10-31 15:00 - 000004644 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-12-11 01:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-12-11 01:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-12-10 23:49 - 2019-10-31 15:00 - 000004632 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-12-10 18:05 - 2016-12-20 17:37 - 000000000 ____D C:\Users\Admin\AppData\Local\PokerStars.CZ
2019-12-08 20:03 - 2018-02-28 14:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-12-06 14:15 - 2017-02-16 19:03 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-12-06 14:06 - 2018-01-04 16:02 - 000000000 ___RD C:\Users\Admin\Documents\Scanned Documents

==================== Files in the root of some directories ========

2017-11-24 15:57 - 2017-11-24 15:57 - 000000129 _____ () C:\Users\Admin\AppData\Roaming\Camdata.ini
2017-11-24 15:57 - 2017-11-24 15:57 - 000000408 _____ () C:\Users\Admin\AppData\Roaming\CamLayout.ini
2017-11-24 15:57 - 2017-11-24 15:57 - 000000408 _____ () C:\Users\Admin\AppData\Roaming\CamShapes.ini
2017-11-24 15:57 - 2017-11-24 15:57 - 000004550 _____ () C:\Users\Admin\AppData\Roaming\CamStudio.cfg
2017-11-24 15:25 - 2017-11-24 15:25 - 000000096 _____ () C:\Users\Admin\AppData\Roaming\version2.xml
2018-09-30 19:41 - 2018-10-01 19:43 - 000003372 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\83b968be-efe4-4a91-894a-ec489147e1aa
2018-08-03 17:42 - 2018-08-03 17:42 - 000000017 _____ () C:\Users\Admin\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - Chrome loads an unknown website

#4 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it at C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

klik6
Visitor
Posts: 66
Joined: 08 Sep 2012 13:25

Re: Please check my log - Chrome loads an unknown website

#5 Post by klik6 »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-02.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-03-2020
# Duration: 00:00:05
# OS: Windows 10 Home
# Cleaned: 12
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Admin\AppData\Roaming\DRPSu

***** [ Files ] *****

Deleted C:\END
Deleted C:\TOSTACK
Deleted C:\Users\Admin\Favorites\Booking.com.url

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\DRPNPS

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\drp.su
Deleted HKCU\Software\drpsu
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{6B237A95-89CF-45CB-A857-6043FD3E5E4B}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B237A95-89CF-45CB-A857-6043FD3E5E4B}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DRPNPS
Deleted HKLM\Software\Wow6432Node\drpsu

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted state.gov

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2325 octets] - [03/01/2020 19:04:05]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - Chrome loads an unknown website

#6 Post by Rudy »

Post new FRST + Addition logs.

klik6
Visitor
Posts: 66
Joined: 08 Sep 2012 13:25

Re: Please check my log - Chrome loads an unknown website

#7 Post by klik6 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by Admin (administrator) on ASUS (ASUSTeK COMPUTER INC. X751MJ) (03-01-2020 19:58:13)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin)
Platform: Windows 10 Home Version 1903 18362.535 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Gladius Node\gladius-controld.exe
() [File not signed] C:\Program Files (x86)\Gladius Node\gladius-networkd.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Garena Online Pte Ltd -> ) C:\Program Files (x86)\Garena Plus\ggdllhost.exe
(Garena Online Pte Ltd -> ) C:\Program Files (x86)\Garena Plus\ggdllhost.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\Admin\Desktop\adwcleaner_8.0.1.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3237808 2018-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Run: [GarenaPlus] => C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [9140688 2017-03-15] (Garena Online Pte Ltd -> )
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> )
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Run: [DashlanePlugin] => C:\Users\Admin\AppData\Roaming\Dashlane\DashlanePlugin.exe [504784 2018-03-28] (Dashlane -> Dashlane, Inc.)
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Run: [HoldemManager.Server] => C:\Users\Admin\AppData\Roaming\Max Value Software\Holdem Manager\3.0\HoldemManager.Server.lnk [1218 2018-10-01] () [File not signed]
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3288016 2019-12-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [38400 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2018-07-22] () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0651642D-9B53-4776-9EF8-755FD05FCC55} - System32\Tasks\G2MUploadTask-S-1-5-21-2138815263-3157913528-456582966-1001 => C:\Users\Admin\AppData\Local\GoToMeeting\16328\g2mupload.exe [32256 2019-12-25] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {1457A967-EF1C-4B3C-B7BD-20304EA46C54} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-09] (Google Inc -> Google Inc.)
Task: {1BF79EA7-DDAC-41A1-895B-612D48EA5E2C} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {25FDE330-5CA7-4EB0-8156-876E07E0E10A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [995024 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {276A5B4A-D96F-4BEC-B20F-75E1AB9A3D68} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2DF3026A-46FC-4BEA-AACE-BB4622143E21} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {480E442E-9003-4F86-9FA6-0AC785435749} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855760 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4B246268-F422-49BC-A42E-30F2F6CC16CF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2019-12-11] (Adobe Inc. -> Adobe)
Task: {61D74A23-E4EA-42E6-8D90-75FE51447B3C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-11] (Adobe Inc. -> Adobe)
Task: {6783BC7C-B762-447C-BBD7-E11FDCB13BF9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70237D1D-436E-4BAE-A720-ACB5AB3C9F6D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_Plugin.exe [1457720 2019-12-10] (Adobe Inc. -> Adobe)
Task: {72D24C46-419D-4031-8639-0720FFB66EEC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14636224 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {766CAE4B-352C-47E1-9847-AF8E2177098D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3487440 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {84EA9D2D-434A-4C84-B569-7F52A48D71FE} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8D95EB98-13BB-45AA-9352-B3BE9566C10D} - System32\Tasks\Garena+ Plugin Host Service => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [175096 2017-01-18] (Garena Online Pte Ltd -> )
Task: {97EA27BE-E117-4BF8-9C54-9D5F5A4B75B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9BBAE669-6E29-408B-BBB0-7747D81A37C0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855760 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A16095A7-4452-4F23-A8A2-3B66042256D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-09] (Google Inc -> Google Inc.)
Task: {AED261EF-DC70-465F-8781-72D6819B01C9} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B29FAB1B-46FD-4E7B-BA55-E3A2EA08467D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BA75D61A-A8EF-4091-867B-CB219D78DFE2} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C6C0F8B8-DB15-4C8A-ABDF-6EABDC6BCEA0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CC4FB1BD-FD8B-4B82-9DB5-6302D443325F} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {CDC8CB30-999D-4455-BB56-3EEC7B4D1B08} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D3CBACFD-5BD7-4699-9FC4-F30674A40861} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D75A56FB-0658-4CBC-8973-E5E418AEB4F2} - System32\Tasks\G2MUpdateTask-S-1-5-21-2138815263-3157913528-456582966-1001 => C:\Users\Admin\AppData\Local\GoToMeeting\16328\g2mupdate.exe [32256 2019-12-25] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {FEB8E13D-4903-473B-A4A9-8A768BF08A1A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [696016 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2138815263-3157913528-456582966-1001.job => C:\Users\Admin\AppData\Local\GoToMeeting\16328\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2138815263-3157913528-456582966-1001.job => C:\Users\Admin\AppData\Local\GoToMeeting\16328\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{2915a10c-c807-4574-8c57-f71d94e490d6}: [DhcpNameServer] 10.0.0.1 192.168.1.1
Tcpip\..\Interfaces\{2fcd9258-7022-46f8-b369-537f5258e9cd}: [NameServer] 93.153.117.49 93.153.117.17
Tcpip\..\Interfaces\{3a4122f7-34eb-4adf-a0bc-13b79dda719d}: [NameServer] 93.153.117.49 93.153.117.17
Tcpip\..\Interfaces\{7a305309-996e-4d0f-bf4a-14ffe8ddf2d1}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{df262e11-a3ac-4023-b522-1df829c5220c}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\Admin\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2018-03-28] (Dashlane -> Dashlane, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Admin\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2018-03-28] (Dashlane -> Dashlane, Inc.)

Edge:
======
DownloadDir: C:\Users\Admin\Downloads

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_303.dll [2019-12-10] (Adobe Inc. -> )
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_303.dll [2019-12-10] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) [File not signed]
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2016-12-27] (Garena Online Pte Ltd -> Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2138815263-3157913528-456582966-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Admin\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-12-13] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-2138815263-3157913528-456582966-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2138815263-3157913528-456582966-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2019-12-30] (TD Ameritrade -> TD Ameritrade)
FF Plugin HKU\S-1-5-21-2138815263-3157913528-456582966-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2019-12-30] (TD Ameritrade -> TD Ameritrade)

Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://www.tipsport.org/images/chance/favicon/ ... m2Pv5m4lx0
CHR Notifications: Default -> hxxps://cz.pinterest.com; hxxps://hitbtc.com; hxxps://web.telegram.org; hxxps://www.freesexchat.com; hxxps://www.instagram.com; hxxps://www.nev-dama.cz; hxxps://www.ubo.cz
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2020-01-03]
CHR Extension: (Překladač Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-03-24]
CHR Extension: (Prezentace) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (TradingView Screenshare) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajhcojfoafcmhlgoogceejdmfobpehlf [2019-12-11]
CHR Extension: (Dokumenty) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-09]
CHR Extension: (Ledger Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\beimhnaefocolcplfimocfiaiefpkgbf [2018-08-05]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-09]
CHR Extension: (Full Page Screen Capture) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2019-11-29]
CHR Extension: (Tabulky) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-18]
CHR Extension: (Reklamy blokátor pro YouTube ™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2018-05-27]
CHR Extension: (Ledger Wallet Ethereum) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlhkialjkaldndjnlcdfdphcgeadkkm [2019-03-20]
CHR Extension: (Ledger Wallet Bitcoin) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdpmhnladdopljabkgpacgpliggeeaf [2018-07-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-09-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
CHR Extension: (Chance) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\plkhkjaillnajkiilpgmmjeablgiicll [2018-09-16]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-28]
CHR HKU\S-1-5-21-2138815263-3157913528-456582966-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 GladiusNetworkDaemon; C:\Program Files (x86)\Gladius Node\gladius-networkd.exe [13239808 2018-09-13] () [File not signed]
R2 GladiusNodeControlDaemon; C:\Program Files (x86)\Gladius Node\gladius-controld.exe [23760786 2018-09-13] () [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [387144 2017-03-31] (Canon Inc. -> )
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [422608 2017-04-13] (Gemfor s.r.o. -> Gemfor s.r.o.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH -> TeamViewer GmbH)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [838128 2016-12-14] (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [100776 2015-08-23] (ASUSTeK Computer Inc. -> ASUS Corporation)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [601624 2015-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-11-22] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47160 2015-11-22] (Disc Soft Ltd -> Disc Soft Ltd)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [91648 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [29464 2013-10-28] (Intel(R) Software -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_27a8d1f755bbaf69\nvlddmkm.sys [20177280 2018-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation -> NVIDIA Corporation)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Realsil Semiconductor Corporation)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [57648 2015-12-08] (DEVGURU CO LTD -> QUALCOMM Incorporated)
R3 tap0901t; C:\WINDOWS\System32\drivers\tap0901t.sys [48824 2016-04-26] (Tunngle.net GmbH -> Tunngle.net GmbH)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation - Client Components Group -> Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-08] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-03 19:02 - 2020-01-03 19:04 - 000000000 ____D C:\AdwCleaner
2020-01-03 19:01 - 2020-01-03 19:01 - 008237744 _____ (Malwarebytes) C:\Users\Admin\Desktop\adwcleaner_8.0.1.exe
2020-01-03 19:00 - 2020-01-03 19:01 - 008237744 _____ (Malwarebytes) C:\Users\Admin\Downloads\adwcleaner_8.0.1.exe
2020-01-03 18:02 - 2020-01-03 18:15 - 000046953 _____ C:\Users\Admin\Desktop\Addition.txt
2020-01-03 17:54 - 2020-01-03 20:00 - 000028448 _____ C:\Users\Admin\Desktop\FRST.txt
2020-01-03 17:53 - 2020-01-03 19:59 - 000000000 ____D C:\FRST
2020-01-03 17:52 - 2020-01-03 17:52 - 002272256 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2020-01-03 17:52 - 2020-01-03 17:52 - 002272256 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2020-01-03 17:42 - 2020-01-03 17:43 - 002962642 _____ C:\Users\Admin\Downloads\03.pdf
2020-01-03 17:42 - 2020-01-03 17:42 - 003028869 _____ C:\Users\Admin\Downloads\02.pdf
2020-01-03 17:42 - 2020-01-03 17:42 - 000921569 _____ C:\Users\Admin\Downloads\01.pdf
2020-01-03 17:09 - 2020-01-03 17:10 - 000000000 ____D C:\rsit
2020-01-03 17:09 - 2020-01-03 17:10 - 000000000 ____D C:\Program Files\trend micro
2020-01-03 17:08 - 2020-01-03 17:08 - 001222144 _____ C:\Users\Admin\Downloads\RSITx64.exe
2020-01-03 17:07 - 2020-01-03 17:08 - 000038524 _____ C:\Users\Admin\Documents\cc_20200103_170756.reg
2020-01-02 04:53 - 2020-01-02 04:55 - 107474465 _____ C:\Users\Admin\Downloads\Buzan_Myšlenkové-mapy-(2012).pdf
2019-12-28 15:11 - 2019-12-28 15:11 - 000001701 _____ C:\Users\Admin\Desktop\Age of Empires Definitive Edition.lnk
2019-12-27 18:29 - 2019-12-27 18:29 - 000000000 ____D C:\Users\Admin\AppData\Local\JxBrowser
2019-12-27 18:28 - 2019-12-27 18:29 - 000000000 ____D C:\Users\Admin\AppData\Local\tastyworks
2019-12-27 18:28 - 2019-12-27 18:28 - 000000000 ____D C:\Users\Admin\.openjfx
2019-12-27 18:28 - 2019-12-27 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tastyworks
2019-12-27 18:28 - 2019-12-27 18:28 - 000000000 ____D C:\Program Files\tastyworks
2019-12-27 18:05 - 2019-12-27 18:05 - 000072183 _____ C:\Users\Admin\Downloads\281508396-00.PDF
2019-12-27 17:56 - 2019-12-27 17:56 - 000532505 _____ C:\Users\Admin\Downloads\2197998687.pdf
2019-12-27 17:51 - 2019-12-27 17:51 - 000726540 _____ C:\Users\Admin\Downloads\1903352741.pdf
2019-12-26 13:29 - 2019-12-26 13:29 - 000210544 _____ C:\Users\Admin\Downloads\Vypis_z_uctu_2096780003_z_20190228.pdf
2019-12-26 13:28 - 2019-12-26 13:28 - 000209745 _____ C:\Users\Admin\Downloads\Vypis_z_uctu_2096780003_z_20190131.pdf
2019-12-25 20:37 - 2019-12-29 17:20 - 000000000 ____D C:\Users\Admin\Desktop\opce
2019-12-25 20:36 - 2019-12-25 20:36 - 004421392 _____ (Worden Brothers, Inc.) C:\Users\Admin\Downloads\TC2000v19setup.exe
2019-12-24 23:11 - 2019-12-24 23:11 - 000000000 ____D C:\Users\Admin\AppData\Local\Chromium
2019-12-24 23:10 - 2019-12-30 17:43 - 000000000 ____D C:\Users\Admin\AppData\Local\7.1c
2019-12-24 23:05 - 2019-12-31 18:31 - 000000000 ____D C:\Users\Admin\.thinkorswim
2019-12-24 23:04 - 2019-12-31 18:31 - 000000000 ____D C:\Program Files\thinkorswim
2019-12-24 23:04 - 2019-12-24 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\thinkorswim
2019-12-24 22:58 - 2019-12-24 23:02 - 054390736 _____ (thinkorswim, Inc) C:\Users\Admin\Downloads\thinkorswim_x64_installer.exe
2019-12-24 14:19 - 2019-12-24 14:19 - 000000000 ____D C:\Users\Admin\AppData\Roaming\java
2019-12-24 13:50 - 2019-12-24 13:50 - 004999440 _____ (Interactive Brokers LLC) C:\Users\Admin\Downloads\tws-latest-windows-x64.exe
2019-12-24 13:08 - 2019-12-24 13:08 - 000000000 ____D C:\WINDOWS\LastGood
2019-12-24 03:47 - 2019-12-24 03:48 - 067577053 _____ (LMH) C:\Users\Admin\Downloads\OKEx_Setup.exe
2019-12-23 17:13 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2019-12-23 17:13 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2019-12-23 17:13 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2019-12-23 17:13 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2019-12-23 17:13 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2019-12-23 17:13 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2019-12-23 17:13 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2019-12-23 17:13 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2019-12-23 17:13 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2019-12-23 17:13 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2019-12-23 17:13 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2019-12-23 17:13 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2019-12-23 17:13 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2019-12-23 17:13 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2019-12-23 17:13 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2019-12-23 17:13 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2019-12-23 17:13 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2019-12-23 17:13 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2019-12-23 17:13 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2019-12-23 17:13 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2019-12-23 17:13 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2019-12-23 17:13 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2019-12-23 17:13 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2019-12-23 17:13 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2019-12-23 17:12 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2019-12-23 17:12 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2019-12-23 17:12 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2019-12-23 17:12 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2019-12-23 17:12 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2019-12-23 17:12 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2019-12-23 17:12 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2019-12-23 17:12 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2019-12-23 17:12 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2019-12-23 17:12 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2019-12-23 17:12 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2019-12-23 17:12 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2019-12-23 17:12 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2019-12-23 17:12 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2019-12-23 17:12 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2019-12-23 17:12 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2019-12-23 17:12 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2019-12-23 17:12 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2019-12-23 17:12 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2019-12-23 17:12 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2019-12-23 17:12 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2019-12-23 17:12 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2019-12-23 17:12 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2019-12-23 17:12 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2019-12-23 17:12 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2019-12-23 17:12 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2019-12-23 17:12 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2019-12-23 17:12 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2019-12-23 17:12 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2019-12-23 17:12 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2019-12-23 17:12 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2019-12-23 17:12 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2019-12-23 17:12 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2019-12-23 17:12 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2019-12-23 17:12 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2019-12-23 17:12 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2019-12-23 17:12 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2019-12-23 17:12 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2019-12-23 17:12 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2019-12-23 17:12 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2019-12-23 17:12 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2019-12-23 17:12 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2019-12-23 17:12 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2019-12-23 17:12 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2019-12-23 17:12 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2019-12-23 17:12 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2019-12-23 17:12 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2019-12-23 17:12 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2019-12-23 17:12 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2019-12-23 17:12 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2019-12-23 17:12 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2019-12-23 17:12 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2019-12-23 17:12 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2019-12-23 17:12 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2019-12-23 17:12 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2019-12-23 17:12 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2019-12-23 17:12 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2019-12-23 17:12 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2019-12-23 17:12 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2019-12-23 17:12 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2019-12-23 17:12 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2019-12-23 17:12 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2019-12-23 17:12 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2019-12-23 17:12 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2019-12-23 17:12 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2019-12-23 17:12 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2019-12-23 17:12 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2019-12-23 17:12 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2019-12-23 17:12 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2019-12-23 17:12 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2019-12-23 17:12 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2019-12-23 17:12 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2019-12-23 17:12 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2019-12-23 17:12 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2019-12-23 17:12 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2019-12-23 17:12 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2019-12-23 17:11 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2019-12-23 17:11 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2019-12-23 17:11 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2019-12-23 17:11 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2019-12-23 17:11 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2019-12-23 17:11 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2019-12-23 17:11 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2019-12-23 17:11 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2019-12-23 17:11 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2019-12-23 17:11 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2019-12-23 17:11 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2019-12-23 17:11 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2019-12-23 17:11 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2019-12-23 17:11 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2019-12-23 17:11 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2019-12-23 17:11 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2019-12-23 17:11 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2019-12-23 17:11 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2019-12-23 17:11 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2019-12-23 17:11 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2019-12-23 17:11 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2019-12-23 17:11 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2019-12-23 17:11 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2019-12-23 17:11 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2019-12-23 17:11 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2019-12-23 17:11 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2019-12-23 17:11 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2019-12-23 17:11 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2019-12-23 17:11 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2019-12-23 17:11 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2019-12-23 17:11 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2019-12-23 17:11 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2019-12-23 17:11 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2019-12-23 17:11 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2019-12-23 17:11 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2019-12-23 17:11 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2019-12-23 17:11 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2019-12-23 17:11 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2019-12-23 17:11 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2019-12-23 17:11 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2019-12-23 17:11 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2019-12-23 17:11 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2019-12-23 17:11 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2019-12-23 17:11 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2019-12-23 17:11 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2019-12-23 17:11 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2019-12-23 17:11 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2019-12-23 17:11 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2019-12-23 17:11 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2019-12-23 17:11 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2019-12-23 17:11 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2019-12-23 17:11 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2019-12-23 17:11 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2019-12-23 17:11 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2019-12-23 17:11 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2019-12-23 17:11 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2019-12-23 17:11 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2019-12-23 17:11 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2019-12-23 17:10 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2019-12-23 17:10 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2019-12-23 17:10 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2019-12-23 17:10 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2019-12-23 17:10 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2019-12-23 17:10 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2019-12-23 14:39 - 2019-12-23 14:39 - 000000219 _____ C:\Users\Admin\Desktop\Counter-Strike Global Offensive.url
2019-12-23 14:32 - 2019-12-23 14:32 - 000000000 ____D C:\Users\Admin\AppData\Local\Steam
2019-12-23 14:27 - 2020-01-03 17:06 - 000000000 ____D C:\Program Files (x86)\Steam
2019-12-23 14:27 - 2019-12-23 14:27 - 001573568 _____ C:\Users\Admin\Downloads\SteamSetup.exe
2019-12-23 14:27 - 2019-12-23 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-12-21 01:30 - 2019-12-21 01:30 - 000288436 _____ C:\Users\Admin\Downloads\JMIB_24_09.pdf
2019-12-20 23:36 - 2019-12-20 23:36 - 001853396 _____ C:\Users\Admin\Downloads\Výhled-na-2020-Bitcoin.pdf
2019-12-20 23:36 - 2019-12-20 23:36 - 000538539 _____ C:\Users\Admin\Downloads\Výhled-na-2020-co-s-Altcoiny.pdf
2019-12-20 12:37 - 2019-12-20 12:37 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-12-13 00:36 - 2019-12-13 00:36 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-13 00:36 - 2019-12-13 00:36 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-13 00:36 - 2019-12-13 00:36 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-13 00:36 - 2019-12-13 00:36 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-13 00:35 - 2019-12-13 00:35 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-13 00:35 - 2019-12-13 00:35 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-13 00:35 - 2019-12-13 00:35 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-13 00:35 - 2019-12-13 00:35 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-13 00:35 - 2019-12-13 00:35 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-13 00:35 - 2019-12-13 00:35 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-13 00:35 - 2019-12-13 00:35 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-13 00:35 - 2019-12-13 00:35 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-13 00:35 - 2019-12-13 00:35 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-13 00:35 - 2019-12-13 00:35 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-13 00:35 - 2019-12-13 00:35 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-13 00:35 - 2019-12-13 00:35 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-13 00:35 - 2019-12-13 00:35 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-13 00:35 - 2019-12-13 00:35 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-13 00:35 - 2019-12-13 00:35 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-13 00:35 - 2019-12-13 00:35 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-13 00:35 - 2019-12-13 00:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-13 00:34 - 2019-12-13 00:35 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-13 00:34 - 2019-12-13 00:34 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-13 00:34 - 2019-12-13 00:34 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-13 00:34 - 2019-12-13 00:34 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-13 00:34 - 2019-12-13 00:34 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-13 00:34 - 2019-12-13 00:34 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-13 00:34 - 2019-12-13 00:34 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-13 00:34 - 2019-12-13 00:34 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-13 00:34 - 2019-12-13 00:34 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-13 00:34 - 2019-12-13 00:34 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-13 00:34 - 2019-12-13 00:34 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-13 00:34 - 2019-12-13 00:34 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-13 00:34 - 2019-12-13 00:34 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-13 00:34 - 2019-12-13 00:34 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-13 00:34 - 2019-12-13 00:34 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-12 22:03 - 2019-12-12 22:04 - 005398504 _____ C:\Users\Admin\Downloads\ekonomicke-bubliny (1).epub
2019-12-10 18:05 - 2019-12-10 18:05 - 000002065 _____ C:\Users\Admin\Desktop\PokerStars.eu.lnk
2019-12-04 13:02 - 2019-12-04 13:02 - 000039936 _____ C:\Users\Admin\Downloads\VoiTotalsByAssetClassExcelExport.xls
2019-12-04 13:00 - 2019-12-04 13:00 - 000010752 _____ C:\Users\Admin\Downloads\VoiDetailsForProduct.xls

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-03 20:02 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-03 19:12 - 2019-11-10 22:08 - 000000000 ____D C:\Users\Admin\Desktop\btc
2020-01-03 19:11 - 2017-05-24 06:28 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-03 19:09 - 2019-10-31 15:00 - 000003608 _____ C:\WINDOWS\system32\Tasks\Garena+ Plugin Host Service
2020-01-03 19:07 - 2015-11-01 19:14 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2020-01-03 19:06 - 2019-10-31 15:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-03 19:05 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-03 17:39 - 2017-02-20 11:37 - 000000000 ___RD C:\Users\Admin\Documents\ScreenMaster
2020-01-03 17:06 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-03 16:56 - 2019-10-31 14:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-03 16:54 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-03 01:05 - 2018-10-15 19:08 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Telegram Desktop
2020-01-02 21:49 - 2016-12-09 01:48 - 000000000 ____D C:\Users\Admin\AppData\Local\VirtualStore
2020-01-02 12:28 - 2018-11-25 10:44 - 000000000 ____D C:\Users\Admin\AppData\Roaming\discord
2020-01-02 10:15 - 2019-10-31 14:44 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-02 10:15 - 2019-03-19 12:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-02 10:15 - 2019-03-19 12:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-02 05:22 - 2019-10-31 14:32 - 000000000 ____D C:\Users\Admin
2019-12-29 00:36 - 2018-10-14 00:56 - 000000000 ____D C:\Binance
2019-12-28 13:51 - 2018-09-17 16:02 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\TC2000
2019-12-28 13:51 - 2017-10-31 16:47 - 000000000 ____D C:\Users\Admin\AppData\Roaming\TC2000v16
2019-12-27 18:20 - 2016-12-13 19:01 - 000000644 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2138815263-3157913528-456582966-1001.job
2019-12-27 18:20 - 2016-12-13 19:01 - 000000548 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2138815263-3157913528-456582966-1001.job
2019-12-26 18:58 - 2017-11-05 17:59 - 000000000 ____D C:\Jts
2019-12-25 20:37 - 2017-10-31 16:47 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Worden Brothers, Inc
2019-12-25 19:47 - 2019-10-31 15:00 - 000003790 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-2138815263-3157913528-456582966-1001
2019-12-25 19:47 - 2019-10-31 15:00 - 000003694 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-2138815263-3157913528-456582966-1001
2019-12-25 19:47 - 2017-07-08 14:17 - 000000000 ____D C:\Users\Admin\AppData\Local\GoToMeeting
2019-12-24 17:25 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-24 13:53 - 2017-11-05 18:00 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trader Workstation
2019-12-24 13:52 - 2017-11-05 17:59 - 000000000 ____D C:\Users\Admin\.i4j_jres
2019-12-23 16:03 - 2019-01-01 16:33 - 000000000 ____D C:\Users\Admin\Desktop\naulozeni
2019-12-17 22:14 - 2016-12-09 02:25 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-17 22:14 - 2016-12-09 02:25 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-17 00:17 - 2018-10-19 08:39 - 000000000 ____D C:\Users\Admin\Downloads\Telegram Desktop
2019-12-16 09:31 - 2018-06-27 15:05 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2019-12-15 22:24 - 2016-12-16 10:29 - 000000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
2019-12-13 23:08 - 2019-10-31 15:00 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-13 23:08 - 2019-10-31 15:00 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-13 17:20 - 2016-04-04 15:23 - 000000000 ___RD C:\Users\Admin\3D Objects
2019-12-13 17:20 - 2015-11-01 19:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-13 17:19 - 2019-10-31 14:17 - 000457288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-13 03:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-13 03:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-13 03:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-13 01:07 - 2016-12-09 14:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-13 00:54 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-13 00:54 - 2016-12-09 14:26 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-13 00:21 - 2017-12-18 20:19 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2019-12-12 22:08 - 2017-11-14 21:27 - 000000000 ____D C:\Users\Admin\Documents\My Kindle Content
2019-12-12 22:08 - 2017-11-14 21:26 - 000000000 ____D C:\Users\Admin\AppData\Local\Amazon
2019-12-12 22:03 - 2018-02-23 09:59 - 000000000 ____D C:\Users\Admin\AppData\Local\PlaceholderTileLogoFolder
2019-12-11 01:08 - 2019-10-31 15:00 - 000004644 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-12-11 01:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-12-11 01:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-12-10 23:49 - 2019-10-31 15:00 - 000004632 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-12-10 18:05 - 2016-12-20 17:37 - 000000000 ____D C:\Users\Admin\AppData\Local\PokerStars.CZ
2019-12-08 20:03 - 2018-02-28 14:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-12-06 14:15 - 2017-02-16 19:03 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-12-06 14:06 - 2018-01-04 16:02 - 000000000 ___RD C:\Users\Admin\Documents\Scanned Documents

==================== Files in the root of some directories ========

2017-11-24 15:57 - 2017-11-24 15:57 - 000000129 _____ () C:\Users\Admin\AppData\Roaming\Camdata.ini
2017-11-24 15:57 - 2017-11-24 15:57 - 000000408 _____ () C:\Users\Admin\AppData\Roaming\CamLayout.ini
2017-11-24 15:57 - 2017-11-24 15:57 - 000000408 _____ () C:\Users\Admin\AppData\Roaming\CamShapes.ini
2017-11-24 15:57 - 2017-11-24 15:57 - 000004550 _____ () C:\Users\Admin\AppData\Roaming\CamStudio.cfg
2017-11-24 15:25 - 2017-11-24 15:25 - 000000096 _____ () C:\Users\Admin\AppData\Roaming\version2.xml
2018-09-30 19:41 - 2018-10-01 19:43 - 000003372 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\83b968be-efe4-4a91-894a-ec489147e1aa
2018-08-03 17:42 - 2018-08-03 17:42 - 000000017 _____ () C:\Users\Admin\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Admin (03-01-2020 20:05:34)
Running from C:\Users\Admin\Desktop
Windows 10 Home Version 1903 18362.535 (X64) (2019-10-31 14:01:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-2138815263-3157913528-456582966-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2138815263-3157913528-456582966-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2138815263-3157913528-456582966-1004 - Limited - Enabled)
DefaultAccount (S-1-5-21-2138815263-3157913528-456582966-503 - Limited - Disabled)
Guest (S-1-5-21-2138815263-3157913528-456582966-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2138815263-3157913528-456582966-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2138815263-3157913528-456582966-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\uTorrent) (Version: 3.5.3.44396 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Connect (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Adobe Connect App) (Version: 2018.7.10.32 - Adobe Systems Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
Aktualizace NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
Amazon Kindle (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Amazon Kindle) (Version: 1.23.1.50133 - Amazon)
American Truck Simulator CZ (HKLM-x32\...\American Truck Simulator CZ 1.4.4) (Version: 1.4.4 - SCS Software)
AmericasCardroom (HKLM-x32\...\296836EA-EF3A-4C36-8C13-3A6C1DB2D4BE) (Version: 16.6 - IGSoft)
Backup and Sync from Google (HKLM\...\{93EBD8BA-7A14-4636-8F1F-E929ADF2C3A9}) (Version: 3.47.7654.0300 - Google, Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 4.2.1.1454 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
Bandicut (HKLM-x32\...\Bandicut) (Version: 2.8.2.380 - Bandicam.com)
BestPoker (HKLM-x32\...\{A43C6826-F576-4318-BE16-970BF8C9E71F}) (Version: 1.0.0.41 - NSUS Ltd.)
Binance version 1.3.0 (HKLM-x32\...\{F7C9C013-C42C-440F-979C-46BA1F534351}_is1) (Version: 1.3.0 - Binance)
BLOCK DX 0.7.8 (only current user) (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\c2c3b094-387a-5023-b209-68eb93a40a65) (Version: 0.7.8 - Blocknet)
BlueVoda Website Builder 10.12 (HKLM-x32\...\BlueVoda_Website_Builder_1.0) (Version: - )
Brave (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Brave) (Version: 0.24.0 - Brave Software)
CamStudio 2.7.4 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.4 - CamStudio Open Source)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.3.1 - Canon Inc.)
Canon MG3600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series) (Version: 1.00 - Canon Inc.)
Canon MG3600 series On-screen Manual (HKLM-x32\...\Canon MG3600 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{CC8F903A-9698-4245-9A38-22412DEF1029}) (Version: 1.0.446 - Citrix)
CSEP 14 1.0 (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\CSEP 14 1.0) (Version: - )
Dashlane (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Dashlane) (Version: 5.10.0.18444 - Dashlane, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Discord (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 411.63 - NVIDIA Corporation) Hidden
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.4.0.0 - Electronic Arts)
Epic Pen (HKLM-x32\...\Epic Pen_is1) (Version: - Brian Hoary)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.2 - Electronic Arts)
FIFA 14 1.2 (HKLM-x32\...\FIFA 14_is1) (Version: - )
Forex Tester 3.1.0.43 (HKLM-x32\...\{76F760EA-C312-4482-BE41-08B9C07860CA}_is1) (Version: - Forex Tester Software)
FormatFactory 4.4.1.0 (HKLM-x32\...\FormatFactory) (Version: 4.4.1.0 - Free Time)
Garena+ (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
GCI MT4 (HKLM-x32\...\GCI MT4) (Version: 4.00 - MetaQuotes Software Corp.)
Gladius Node version 0.6.2 (HKLM-x32\...\{AB54C628-10FE-4FD7-91C9-AEBFC4593702}_is1) (Version: 0.6.2 - Gladius Network, LLC)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.35.5296 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
GoToMeeting 10.6.0.16328 (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\GoToMeeting) (Version: 10.6.0.16328 - LogMeIn, Inc.)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
HellSpy Download Client verze 1.0.3 (HKLM-x32\...\{553E24F0-09FD-4BCB-9CF0-4FC0F6DB95D1}_is1) (Version: 1.0.3 - HellSpy.com)
Holdem Manager 3 (HKLM-x32\...\{F1A0512A-1DDC-4C61-887E-20A9F271703A}) (Version: 3.0.5345.0 - Max Value Software)
Huawei Drivers (HKLM-x32\...\{C82D8932-EB28-4da6-9582-33D515D46F04}) (Version: 5.05.02.00 - )
Icecream Ebook Reader verze 5.07 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 5.07 - Icecream Apps)
J88Poker 1.0 (HKLM-x32\...\J88Poker_is1) (Version: - )
Jivaro (HKLM-x32\...\{95CF931D-DDEB-4B15-B52C-80096CB5275E}) (Version: 2.2.15.0 - Jivaro ehf)
join.me (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\JoinMe) (Version: 3.2.1.5223 - LogMeIn, Inc.)
KeePass Password Safe 2.38 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.38 - Dominik Reichl)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.8 - PandoraTV)
Ledger Live 1.2.0 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 1.2.0 - Ledger)
Ledger Wallet Ripple version 1.0.3 (HKLM-x32\...\{2A226916-F20B-403D-B564-F2CF5CF8CEF8}_is1) (Version: 1.0.3 - Ledger)
LibreOffice 6.2.3.2 (HKLM\...\{31C3855A-DA3A-4FC4-AE9B-1B4ACF89A2C4}) (Version: 6.2.3.2 - The Document Foundation)
MetaTrader 4 Admiral Markets (HKLM-x32\...\MetaTrader 4 Admiral Markets) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 4 IC Markets (HKLM-x32\...\MetaTrader 4 IC Markets) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 5 Admiral Markets (HKLM\...\MetaTrader 5 Admiral Markets) (Version: 5.00 - MetaQuotes Software Corp.)
MetaTrader Standard (HKLM-x32\...\MetaTrader Standard) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft OneDrive (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Movavi Video Editor 14 (HKLM-x32\...\Movavi Video Editor 14) (Version: 14.1.0 - Movavi)
Natural8 (HKLM-x32\...\{A78E7B9E-0EF6-455A-A755-D0BDECFE4E6D}) (Version: 1.0.0.41 - NSUS Ltd.)
Neon 0.2.8 (only current user) (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\211a501f-25dd-501b-8c98-509ac17aedfa) (Version: 0.2.8 - Ethan Fast)
Nero BurnLite 10 (HKLM-x32\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero BurnLite 10 (HKLM-x32\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Ovládací panel NVIDIA 411.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 411.63 - NVIDIA Corporation) Hidden
partypoker (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\PartyPoker) (Version: - PartyGaming)
partypoker Czech (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\PartyPokerCZ) (Version: - PartyCzech)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.318.0 - Tracker Software Products Ltd)
PDF-XChange Editor (HKLM\...\{5C198985-6833-4F92-BE9A-33FC8ACC1025}) (Version: 6.0.321.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{2433cfd7-50ba-4a4a-b94e-7d8fc0f61dd1}) (Version: 6.0.321.0 - Tracker Software Products (Canada) Ltd.)
PicPick (HKLM-x32\...\PicPick) (Version: 4.2.2 - NGWIN)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Presentation Assistant V3.0.1 (HKLM-x32\...\Presentation Assistant_is1) (Version: - www.presentation-assistant.com)
Purple Trading MT4 (HKLM-x32\...\Purple Trading MT4) (Version: 4.00 - MetaQuotes Software Corp.)
PUSH Video Wallpaper (HKLM\...\PUSH Video Wallpaper_is1) (Version: 4.18 - PUSH Entertainment)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Registrace uživatele zařízení Canon MG3600 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3600 series) (Version: - ‭Canon Inc.)
SaxoTrader (HKLM-x32\...\{49C14B93-58AD-4178-B52C-750D54CE618D}) (Version: 2.192.69.0 - Saxo Bank)
Screen Master verze 2 (HKLM-x32\...\{A1B4E44A-23E0-4D88-AEA9-03C3276F1E77}_is1) (Version: 2 - AK Dílna)
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
SlideMate 2011 V5.0 (HKLM-x32\...\SlideMate 2011 V5.0_is1) (Version: - YpgSoft)
SMRecorder 1.1.9 (HKLM-x32\...\SMRecorder) (Version: 1.1.9 - SMRecorder)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
tastyworks (HKLM\...\{27392855-2B83-3D6B-A14D-6D8A9EFFF4A4}) (Version: 1.4.0 - tastyworks, inc.)
TC2000 v18 (HKLM-x32\...\{A6A526E4-A376-4772-897D-508FB2473C91}) (Version: 1.0.0 - Worden Brothers, Inc.) Hidden
TC2000 v18 (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\TC2000 v18 1.0.0) (Version: 1.0.0 - Worden Brothers, Inc.)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer)
Telegram Desktop version 1.8.15 (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.15 - Telegram FZ-LLC)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
T-Mobile Internet Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2017-12-05@2017-04-13 - Gemfor s.r.o.)
TonyBet Poker (HKLM-x32\...\TonyBet Poker) (Version: - TonyBet)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
Trader Workstation (HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\5889-6375-8446-2021) (Version: latest (978.1g) 20191211 16:53:18 - Interactive Brokers LLC)
TraderGO (HKLM-x32\...\{529F39A2-AC64-4E33-AB48-5643AB4420B0}) (Version: 2.178.52.0 - BrokerjetGO)
True Poker (HKLM-x32\...\9A147762-0190-4F8B-B8C9-64A6A6838F5C) (Version: 16.6 - IGSoft)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.8 - Tunngle.net GmbH)
Ulož.to FileManager verze 2.45 (HKLM-x32\...\{7DE5EA5D-C933-4549-9A44-5BC671F23BBF}_is1) (Version: 2.45 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Vertcoin One-Click Miner (HKLM-x32\...\{15C3756C-B26F-482A-AC04-7C95411AE9AF}) (Version: 1.1.80 - Vertcoin Development Team)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
XM UK MT4 (HKLM-x32\...\XM UK MT4) (Version: 4.00 - MetaQuotes Software Corp.)
XTB xStation (HKLM-x32\...\{7FD26B2B-888D-E1C6-6580-6B5B4A02778F}) (Version: 1.65.0 - X Open Hub) Hidden
XTB xStation (HKLM-x32\...\pro.xopenhub.xstation) (Version: 1.65.0 - X Open Hub)

Packages:
=========
Age of Empires: Definitive Edition -> C:\Program Files\WindowsApps\Microsoft.MSDallas_1.3.27374.2_x64__8wekyb3d8bbwe [2019-08-24] (Microsoft Studios)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-10] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.8.0.1_neutral__6e5tt8cgb93ep [2019-05-25] (Canon Inc.)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.6.0.10_x86__h6adky7gbf63m [2019-12-17] (Gameloft.)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-10-09] (Facebook Inc)
Fly Reader -> C:\Program Files\WindowsApps\28471.Win10_1.4.86.0_x64__5jrh99fxzq7xw [2019-12-24] (殷越)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_41.1788.50991.0_x86__8xx8rvfyw5nnt [2019-05-18] (Instagram)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-13] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Simplenote -> C:\Program Files\WindowsApps\22490Automattic.Simplenote_1.12.0.0_x86__9h07f78gwnchp [2019-12-10] (Automattic)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2138815263-3157913528-456582966-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2138815263-3157913528-456582966-1001_Classes\CLSID\{c31ca596-532d-a36f-e223-ce16b9ac70a56}\InprocServer32 -> 0x2FE9AFE4EC58D401DBB62396B659D401020000000500000000000000 => No File
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_104.dll [2018-03-19] (Free Time) [File not signed]
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_104.dll [2018-03-19] (Free Time) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-09-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Holdem Manager 3\Copy HM3 Log files to Desktop.lnk -> C:\Program Files (x86)\Holdem Manager 3\HM3_Utilities\HM3CopyLogFiles.bat ()
ShortcutWithArgument: C:\Users\Admin\Desktop\naulozeni\další\programy\Ledger Manager.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=beimhnaefocolcplfimocfiaiefpkgbf
ShortcutWithArgument: C:\Users\Admin\Desktop\naulozeni\další\programy\Ledger Wallet Bitcoin.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kkdpmhnladdopljabkgpacgpliggeeaf
ShortcutWithArgument: C:\Users\Admin\Desktop\naulozeni\další\programy\Ledger Wallet Ethereum.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmlhkialjkaldndjnlcdfdphcgeadkkm
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Chance.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=plkhkjaillnajkiilpgmmjeablgiicll
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ledger Manager.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=beimhnaefocolcplfimocfiaiefpkgbf
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ledger Wallet Bitcoin.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kkdpmhnladdopljabkgpacgpliggeeaf
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ledger Wallet Ethereum.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmlhkialjkaldndjnlcdfdphcgeadkkm

==================== Loaded Modules (Whitelisted) =============

2017-08-26 10:40 - 2015-01-09 07:45 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_CSY.DLL
2017-08-26 10:40 - 2015-01-09 07:44 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2017-02-16 19:14 - 2015-03-17 08:51 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2018-03-19 10:40 - 2018-03-19 10:40 - 000101376 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx64_104.dll
2016-12-10 23:40 - 2016-10-04 15:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-12-09 00:57 - 2016-12-09 00:53 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2017-04-10 18:51 - 2017-09-12 21:10 - 000000510 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 asus.mshome.net # 2022 6 3 8 19 53 38 965
6 5 16 19 53 38 965
192.168.137.1 asus.mshome.net # 2022 6 3 8 19 53 38 965

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2138815263-3157913528-456582966-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Desktop\moon_sun_decline_evening_merge_day_night_sea_waves_fog_clouds_48449_1600x900.jpg
DNS Servers: 10.0.0.1 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "LogMeIn GUI"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\StartupApproved\Run: => "GarenaPlus"
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\StartupApproved\Run: => "DashlanePlugin"
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\StartupApproved\Run: => "HoldemManager.Server"
HKU\S-1-5-21-2138815263-3157913528-456582966-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DA770EDF-8C50-4319-995A-D054311FADFF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{537C3933-57B5-44AA-9DF4-42943BFB3BDE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{41927772-FAB8-4978-B1DF-96AA8AECCE8C}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{D5E2B5AA-2D4C-4966-B778-FC3DC5C160D4}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{13C8D64A-0FD8-471C-BF63-C458F1F864DC}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{3B106956-42B9-465D-90CD-825D23BB2FA8}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [UDP Query User{98DF38DB-5340-4810-8A1A-A045781C286D}C:\program files (x86)\gladius node\gladius-controld.exe] => (Allow) C:\program files (x86)\gladius node\gladius-controld.exe () [File not signed]
FirewallRules: [TCP Query User{7292DB9E-BBF9-466A-98AB-80A4786677A4}C:\program files (x86)\gladius node\gladius-controld.exe] => (Allow) C:\program files (x86)\gladius node\gladius-controld.exe () [File not signed]
FirewallRules: [{3E9089A3-E55E-4CD7-A89A-3D19DDA4D9B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B1F23F98-FA22-4BA6-B0A8-2C428915AD85}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{82AE6547-96EE-4547-8B2D-CFF82B46302A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2F4C3B67-CC96-46F4-9997-FD786C0F4674}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D9DB4BCB-530F-45B9-8B10-CEAF8FCD8758}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ECEBCB1C-71C3-4C71-B5FE-E8AEAC41366C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BD4AC8E8-A4A5-42B0-8E6F-92DA2649B8D7}] => (Allow) C:\Program Files\MetaTrader 5 Admiral Markets\metatester64.exe (MetaQuotes Software Corp. -> MetaQuotes Software Corp.)
FirewallRules: [{A217CA02-B96F-47B6-8135-507E5325227A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{D7DDB97A-7778-425C-AF48-EC1CFFFB6380}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{9E06A764-FA75-437A-96F1-B2D8CEF94665}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{50E48E5A-E4AB-4039-A585-1FB4C922832C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{1BD918B0-586F-4A06-8E2B-CA407415C070}] => (Allow) C:\hry\FIFA 14\Game\fifa14.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{787EDF77-AE2C-44C4-9915-6CCDA926694E}] => (Allow) C:\hry\FIFA 14\Game\fifa14.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{7AE0D3DC-FCC9-4734-8B1D-9787E5ECB6B2}] => (Allow) C:\hry\FIFA 14\Game\fifa14.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{F45B641D-63AB-4ABD-838D-8C20408D6390}] => (Allow) C:\hry\FIFA 14\Game\fifa14.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{225CA277-E229-40F4-BCCA-33B64DB954D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{EA32DC11-513A-451C-8695-358704DA3BC7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{B5A0F484-A4FF-464C-8011-91D460ADAC90}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{D8692260-97C1-45A3-811F-7144BD5B1A1D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{695EF7AD-A37B-491B-BDB4-19159150D185}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AF7EB185-B10B-4CEE-AC2E-AB488767702C}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
FirewallRules: [{6948925C-774A-4D2F-BB94-27C8411D2DD3}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
FirewallRules: [{B0B39489-9730-4EB6-8DA8-D39024ECE885}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
FirewallRules: [{2A4BE204-7496-4CDA-89BE-58D00558E915}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
FirewallRules: [TCP Query User{06661A37-314D-4FED-A4CA-29DD5B1F0F7B}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{709A48AB-C6F0-4773-BD9B-1605219D2455}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{514302A5-8F38-4D36-938A-BB1D6694C8FD}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{67B2360D-92E2-4F30-BECB-9C8CC8A6CD47}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{DE2C316E-B7F8-40AC-8010-D2733AFDCA2E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{ED3F3AF6-8D1C-41E3-ABB6-B371FB12EB9F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F7291E76-54C3-43B8-963A-146DD0A2D5B1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{439794DE-25FC-418F-AC52-218C956E37F8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{298D4069-7DCD-4AA1-A340-0B8FEBEC1355}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E93BC49E-45DB-43E9-92CA-E940FCF7F195}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{7D82BF1F-AB05-4442-A226-B0761691570D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{1C0D3490-110E-4CDD-A320-0FC68BEFB1E1}C:\users\admin\desktop\naulozeni\další\programy\age of empires 2 (cz + crack)\age of empires 2\empires2.exe] => (Allow) C:\users\admin\desktop\naulozeni\další\programy\age of empires 2 (cz + crack)\age of empires 2\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{1F674085-33F4-4BAF-9437-C5793F8D2BC1}C:\users\admin\desktop\naulozeni\další\programy\age of empires 2 (cz + crack)\age of empires 2\empires2.exe] => (Allow) C:\users\admin\desktop\naulozeni\další\programy\age of empires 2 (cz + crack)\age of empires 2\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{42A69EBF-3A3B-4EC0-96CC-F67C6DB99607}] => (Block) C:\users\admin\desktop\naulozeni\další\programy\age of empires 2 (cz + crack)\age of empires 2\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{2F4771E5-B26E-46BA-BBD4-1199EAB24365}] => (Block) C:\users\admin\desktop\naulozeni\další\programy\age of empires 2 (cz + crack)\age of empires 2\empires2.exe (Microsoft Corporation) [File not signed]

==================== Restore Points =========================

30-12-2019 19:35:52 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/03/2020 08:03:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2104,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/03/2020 07:27:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9588,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/03/2020 07:21:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5324,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/03/2020 05:31:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11240,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/03/2020 05:11:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5188,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/03/2020 05:00:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1288,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/03/2020 03:50:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4924,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/03/2020 03:42:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8880,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (01/03/2020 07:07:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_6b14b byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (01/03/2020 07:05:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba Windows Media Player Network Sharing závisí na službě Windows Search, která neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (01/03/2020 07:05:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (01/03/2020 07:05:16 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (01/03/2020 07:04:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (01/03/2020 07:04:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (01/03/2020 07:04:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (01/03/2020 07:04:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2019-12-30 18:24:14.322
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {04B27BDA-442B-4A34-9D29-F5756A11C092}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-25 23:05:44.953
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {DEC5D42A-1B91-42F3-BBD9-304D352F1798}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-25 21:32:04.915
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {1AF8DC32-59B7-453F-A82F-1740FC765F40}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-17 00:59:59.963
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {502C01D1-8236-4030-9F0F-247270982145}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-13 20:19:58.279
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4D5F8346-F3DC-425B-A7C5-CFECFBCD0DF6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-11-29 06:24:05.459
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.2997.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-11-28 19:48:56.512
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.2798.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2019-11-28 19:48:56.510
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.2798.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2019-11-28 19:48:56.509
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.2798.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2019-11-28 19:48:56.462
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.2798.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X751MJ.205 02/28/2015
Motherboard: ASUSTeK COMPUTER INC. X751MJ
Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 51%
Total physical RAM: 8078.3 MB
Available physical RAM: 3883.55 MB
Total Virtual: 9358.3 MB
Available Virtual: 4394.2 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:40.54 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:542.8 GB) (Free:439.06 GB) NTFS

\\?\Volume{9c3657f1-cc9d-4d85-87f3-774c9a310173}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.56 GB) NTFS
\\?\Volume{223ad769-3e02-411c-b7e7-3f4fe46d761b}\ (Restore) (Fixed) (Total:15.01 GB) (Free:3.67 GB) NTFS
\\?\Volume{dd72e135-2afb-42bc-acd8-04d70564e707}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 97EAD77B)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - Chrome loads an unknown website

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2018-07-22] () [File not signed]
Task: {1457A967-EF1C-4B3C-B7BD-20304EA46C54} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-09] (Google Inc -> Google Inc.)
Task: {A16095A7-4452-4F23-A8A2-3B66042256D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-09] (Google Inc -> Google Inc.)
Task: {CDC8CB30-999D-4455-BB56-3EEC7B4D1B08} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
CustomCLSID: HKU\S-1-5-21-2138815263-3157913528-456582966-1001_Classes\CLSID\{c31ca596-532d-a36f-e223-ce16b9ac70a56}\InprocServer32 -> 0x2FE9AFE4EC58D401DBB62396B659D401020000000500000000000000 => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

klik6
Visitor
Posts: 66
Registered: 08 Sep 2012 13:25

Re: Please check my log - Chrome loads an unknown website

#9 Post by klik6 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Admin (03-01-2020 21:09:03) Run:1
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2018-07-22] () [File not signed]
Task: {1457A967-EF1C-4B3C-B7BD-20304EA46C54} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-09] (Google Inc -> Google Inc.)
Task: {A16095A7-4452-4F23-A8A2-3B66042256D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-09] (Google Inc -> Google Inc.)
Task: {CDC8CB30-999D-4455-BB56-3EEC7B4D1B08} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
CustomCLSID: HKU\S-1-5-21-2138815263-3157913528-456582966-1001_Classes\CLSID\{c31ca596-532d-a36f-e223-ce16b9ac70a56}\InprocServer32 -> 0x2FE9AFE4EC58D401DBB62396B659D401020000000500000000000000 => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1457A967-EF1C-4B3C-B7BD-20304EA46C54}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1457A967-EF1C-4B3C-B7BD-20304EA46C54}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A16095A7-4452-4F23-A8A2-3B66042256D9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A16095A7-4452-4F23-A8A2-3B66042256D9}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CDC8CB30-999D-4455-BB56-3EEC7B4D1B08}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDC8CB30-999D-4455-BB56-3EEC7B4D1B08}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
C:\WINDOWS\LastGood.Tmp => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKU\S-1-5-21-2138815263-3157913528-456582966-1001_Classes\CLSID\{c31ca596-532d-a36f-e223-ce16b9ac70a56} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29557801 B
Java, Flash, Steam htmlcache => 86776726 B
Windows/system/drivers => 870566 B
Edge => 18943 B
Chrome => 591470680 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1866 B
Admin => 7944554 B

RecycleBin => 6913080 B
EmptyTemp: => 700.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:12:54 ====

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - Chrome loads an unknown website

#10 Post by Rudy »

Deleted. Has anything changed?

klik6
Visitor
Posts: 66
Registered: 08 Sep 2012 13:25

Re: Please check my log - Chrome loads an unknown website

#11 Post by klik6 »

Yes, it looks like everything is fine.
Can you also recommend a cleaner to make the system run faster? Or should I just defragment the hard drive?

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - Chrome loads an unknown website

#12 Post by Rudy »

We use and recommend CCleaner: https://forum.viry.cz/viewtopic.php?f=46&t=7478 . I recommend using it with the default settings. Only that way will it not delete anything you might need in the future.

klik6
Visitor
Posts: 66
Registered: 08 Sep 2012 13:25

Re: Please check my log - Chrome loads an unknown website

#13 Post by klik6 »

All right, thank you. :)

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - Chrome loads an unknown website

#14 Post by Rudy »

You're welcome! :)

Locked