Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosim o kontrolu logu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
onthomaz
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 24 bře 2013 16:44
Bydliště: F-M

Prosim o kontrolu logu

#1 Příspěvek od onthomaz »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-01-2020
Ran by thoma (administrator) on MSI-GL62M-7RDX (Micro-Star International Co., Ltd. GL62M 7RDX) (21-01-2020 15:23:48)
Running from C:\Users\thoma\Desktop
Loaded Profiles: thoma (Available Profiles: thoma & DefaultAppPool)
Platform: Windows 10 Home Version 2004 19041.21 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
(A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
(A-Volute -> Nahimic) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(David Carpenter -> ) C:\Program Files\Everything\Everything.exe
(DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_668dd0c6d3f9fa0e\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_668dd0c6d3f9fa0e\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_6b3496dbfbe8b7c6\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_6b3496dbfbe8b7c6\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2001.1001.4.0_x64__8wekyb3d8bbwe\app\XboxAppServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.14003.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.14003.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1908.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxApp_48.58.11001.0_x64__8wekyb3d8bbwe\XboxApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.33.5006.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LsaIso.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Windows\SysWOW64\MSIService.exe
(Nitro Software, Inc. -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(ProtonVPN AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
(TunnelBear -> TunnelBear) C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
(Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270560 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [734904 2017-07-04] (A-Volute -> Nahimic)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [123488 2017-11-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-12-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [126200 2019-01-28] (Intel(R) Driver & Support Assistant -> Intel)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [49443304 2019-05-11] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [MT550Config] => C:\Program Files (x86)\Rapoo\MT550\MT550Config.exe [17747512 2017-12-05] (Shenzhen Rapoo Technology Co., Ltd. -> TODO: <公司名>)
HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3133216 2019-01-05] (Valve -> Valve Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-09] (Google LLC -> Google LLC)
AppInit_DLLs: C:\WINDOWS\Jaksta\AC\x64\jaudcap.dll => C:\WINDOWS\Jaksta\AC\x64\jaudcap.dll [309680 2019-08-02] (Jaksta Technologies Pty Ltd -> Jaksta Technologies Pty Ltd)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
Startup: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Arduino Create Agent.lnk [2019-01-21]
ShortcutTarget: Arduino Create Agent.lnk -> C:\Users\thoma\AppData\Roaming\ArduinoCreateAgent-1.1\Arduino_Create_Bridge.exe () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {008539BF-83F9-4483-9E0A-EEEE6EAC0A08} - System32\Tasks\Microsoft\Windows\Shell\UpdateUserPictureTask => {09C5DD34-009D-40FA-BCB9-0165AD0C15D4} C:\Windows\System32\Windows.UI.Immersive.dll [1250816 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {015978C2-2874-472E-809B-674229C589BD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0322A434-AF57-49A7-8EE9-BEA7ED431604} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {098B812F-4F30-4B24-90E1-EB613CD1439F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128536 2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {12E9E5F3-768F-4776-ACEC-08D1A20019E3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {145E52FA-B3FE-490A-A47A-B424C01AAD31} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {14DBEA2E-2CCC-474E-9915-7468B25896B4} - System32\Tasks\Microsoft\Windows\WwanSvc\OobeDiscovery => {C93CF9D5-031B-4AAA-AB0B-EF802347B381} C:\Windows\System32\MBMediaManager.dll [718848 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {176C69C1-387A-4995-BA82-2373F93CC85A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1A782547-9B49-462B-9DEC-9EA10A428600} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [734904 2017-07-04] (A-Volute -> Nahimic)
Task: {2778BFBE-8B8D-4E62-A9C6-DA04941AC549} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_314_pepper.exe [1453112 2020-01-14] (Adobe Inc. -> Adobe)
Task: {2C6113D2-0537-4414-838F-74A290BCCCDC} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [5607192 2018-04-12] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]
Task: {2DAE137C-3C44-46BC-8B51-EFADCD4E208F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3827C63B-E7FA-4AC5-8027-7AA332832727} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3DB0A9D8-B4B6-42FC-B2F0-0D6829994CB7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3E9C109A-BB4B-4C21-9CD4-FA7D19D90460} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3F331E19-5E83-4DF7-88ED-88936D6E0854} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2050448 2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F6DE2A9-2AC9-483A-B944-E6DD2EBCB28B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {49D526BB-0549-443E-AECE-8BB089697157} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [816960 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {4A0DEFDA-A2B8-4736-88E1-A578E00D9704} - System32\Tasks\Microsoft\Windows\Input\PenSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {4BBB39B3-0FD7-4AB6-8D40-7BCF696CE63A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4C006673-332A-4BD8-9B23-1CDA1A4EAB01} - System32\Tasks\WD Discovery Service Task thoma => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [68584 2019-05-11] (Western Digital Technologies, Inc. -> )
Task: {6A6517AE-3389-43A0-85F2-3E4770EB150C} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {6BDCB86A-104F-4993-824B-5ADD89E1EC67} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2018-10-24] (Garmin International, Inc. -> )
Task: {7474D7C4-ADC7-4A56-804F-4D403C08C1F5} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {75D2F8F6-66B8-4A2D-8FF8-F5B39A083724} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2875869499-1234183625-2204340559-1001 => C:\Users\thoma\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-02-21] (Mega Limited -> Mega Limited)
Task: {78291362-4738-4E0B-8DB3-1390706C79D6} - System32\Tasks\Microsoft\Windows\Application Experience\PcaPatchDbTask => %windir%\system32\rundll32.exe %windir%\system32\PcaSvc.dll,PcaPatchSdbTask
Task: {794DE1D9-8E3F-40B6-B338-336A640A1A47} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7C4733D2-81D6-4CA3-B30C-E00B496B9857} - System32\Tasks\Microsoft\Windows\Input\TouchpadSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {7E6266DF-3FA0-468D-AECF-34E6BA550050} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B0FDC0F-4927-4EE8-AF1E-A3B598C6EFED} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-14] (Adobe Inc. -> Adobe)
Task: {9D55309B-0BD4-45AC-86E8-A04D2F4A3705} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {A08E0BB2-B6E1-4353-9FAF-EBA89F25DB65} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [File not signed]
Task: {A0EE4455-226C-4D30-A77E-B23BD08FA30F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A60D9ECB-A6F4-4FE1-9BD7-B049487A67E7} - System32\Tasks\Microsoft\Windows\International\Synchronize Language Settings => {10D62541-90D0-42FE-848C-0DBC1AC42EDA} C:\Windows\System32\CoreGlobConfig.dll [215896 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {A833BF37-9CDA-4EAD-93A6-B7B882DA53FC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF7A8CDF-8ECD-442F-B3AF-19BE0846C384} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner => {AD08DCC2-4E35-4486-9D49-547CBD30942D} C:\WINDOWS\System32\MitigationClient.dll [417792 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {BEFA209E-ED82-4C75-91BC-B28E097EFD22} - System32\Tasks\Office 2019 Statique Activation Planificateur => C:\Users\thoma\Downloads\MSOffice_2019\ActO19.cmd -renewalonly
Task: {C549398D-DD6E-496B-8459-C64CEE694B14} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CADF1293-5495-426F-8E37-A30F69274AF4} - System32\Tasks\Microsoft\Windows\Input\LocalUserSyncDataAvailable => {8E7C2AFB-72B9-415C-9AC2-5037693309B7} C:\Windows\System32\InputCloudStore.dll [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {CDE009B9-721F-476C-A9D4-089589E69DD2} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [431384 2018-02-05] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]
Task: {CF2F0EEC-9341-4F57-969C-D6E04E56E5A4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128536 2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0C42D2F-31AC-4F98-89BA-FF1BD1F65BD5} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1328392 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {D5F9978C-7BB2-4F54-925A-E03B0497C1E2} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1146000 2019-03-14] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {D8ACB615-B480-4BF5-81CD-26A50D506736} - System32\Tasks\WD Device Agent Task thoma => C:\Users\thoma\AppData\Roaming\WD Discovery\plugins\com.wdc.plugin.catalog\current\library\WD Device Agent.exe [717088 2018-12-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {DA1354D6-F9A6-4652-808A-934697132795} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DA42085F-11E4-4EE1-A363-1898204812F5} - System32\Tasks\Microsoft\Windows\Input\MouseSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {E477CC58-CC9F-4B22-80D6-7CE201687096} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {E47A960B-642D-4F99-B437-848945D818AA} - System32\Tasks\Nahimic2svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe [4412088 2017-07-04] (A-Volute -> )
Task: {EBA8775F-F52D-4B67-AE72-B0D76F525B24} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EE13A4E8-9194-437F-BF31-58D6798FAA93} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {F06408C3-C9A8-49F7-8D73-8539A8DFBED3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-24] (Google Inc -> Google Inc.)
Task: {F0911580-78D0-4CE6-A52F-86C0CF118817} - System32\Tasks\Nahimic2svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe [520376 2017-07-04] (A-Volute -> )
Task: {FAB38A53-F3C9-4972-B257-FE42BEABA3F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-24] (Google Inc -> Google Inc.)
Task: {FB294065-CD26-4A79-900F-06C57F709B24} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC004197-87DF-418F-A9F9-A6B1F737AA27} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2050448 2020-01-20] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{892863ed-8c80-4f90-9fd7-79f6f4551af2}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{d3ea6b53-e9d4-487c-83d8-9b3567d2ed26}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: No Name -> {23ECF60B-C3D2-4A52-A763-59DB7EE1A4B1}' -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-02-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: No Name -> {23ECF60B-C3D2-4A52-A763-59DB7EE1A4B1}' -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-21] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\thoma\Downloads
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.9.0.0_neutral__c1wakc4j0nefm [2019-08-21]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2019-02-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2875869499-1234183625-2204340559-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\thoma\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies SF -> Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.google.com"
CHR Notifications: Default -> hxxps://drive.google.com; hxxps://mail.google.com
CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default [2020-01-21]
CHR Extension: (Ultimate Video Saver) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\afkpfjljjhhonjehpkmgonimjjgaheap [2019-11-19]
CHR Extension: (Universal Bypass) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aihomhdbhpnpmcnnbckjjcebjoikpihj [2020-01-08]
CHR Extension: (Flash Video Downloader) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2019-05-08]
CHR Extension: (The Flash Video Dоwnlоader) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf [2019-06-10]
CHR Extension: (Video Downloader Plus) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\baejfnndpekpkaaancgpakjaengfpopk [2019-07-27]
CHR Extension: (Nectar Notifier) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\bilfacghikncbjidkgdenbjimhfkgobo [2019-10-02]
CHR Extension: (Honey) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-01-11]
CHR Extension: (uBlock Origin) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-01-06]
CHR Extension: (Admiral Rewards Notifier) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdcapceknfbckjkhlbheaopbhgclmgj [2020-01-05]
CHR Extension: (Tampermonkey) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-12-01]
CHR Extension: (Unshorten.link) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbobdaaeaihkghbokihkofcbndhmbdpd [2019-06-19]
CHR Extension: (Ubiquiti Device Discovery Tool) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmpigflbjeapnknladcfphgkemopofig [2019-10-27]
CHR Extension: (Qmee) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbaanpgkpkoamihninlcegnjclcpibde [2019-10-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (uBlock Origin Extra) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgdnlhfefecpicbbihgmbmffkjpaplco [2019-09-25]
CHR Extension: (Chrome Media Router) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-10]
CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-05-12]
CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-05-12]
CHR Extension: (Slides) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-12]
CHR Extension: (Docs) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-12]
CHR Extension: (Google Drive) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-12]
CHR Extension: (YouTube) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-12]
CHR Extension: (Sheets) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-12]
CHR Extension: (Google Docs Offline) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-05-12]
CHR Extension: (Gmail) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-12]
CHR Extension: (Chrome Media Router) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-12]
CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-18]
CHR HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11164232 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23288 2019-01-28] (Intel(R) Driver & Support Assistant -> Intel)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937208 2018-12-19] (Intel(R) Software Development Products -> )
R2 Everything; C:\Program Files\Everything\Everything.exe [2199656 2018-02-09] (David Carpenter -> )
R2 ftpsvc; C:\WINDOWS\system32\inetsrv\ftpsvc.dll [431104 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.14003.0_x64__8wekyb3d8bbwe\GamingServices.exe [21424 2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.14003.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [21424 2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
R3 hns; C:\WINDOWS\System32\HostNetSvc.dll [3281920 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-08-19] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [529912 2019-12-03] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation)
S3 LxssManagerUser; C:\WINDOWS\system32\lxss\LxssManager.dll [943616 2020-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 LxssManagerUser_13ff9f1; C:\WINDOWS\system32\svchost.exe [57368 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 LxssManagerUser_13ff9f1; C:\WINDOWS\SysWOW64\svchost.exe [47232 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [134248 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [104808 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-08-03] (Intel Corporation -> )
R2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [70752 2018-01-06] (Nitro Software, Inc. -> Nalpeiron Ltd.)
R3 nvagent; C:\WINDOWS\System32\NvAgent.dll [41784 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [66488 2019-10-31] (OpenVPN Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [66488 2019-10-31] (OpenVPN Inc. -> The OpenVPN Project)
R2 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [97080 2019-08-12] (ProtonVPN AG -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [471696 2019-09-18] (Rockstar Games, Inc. -> Rockstar Games)
R2 SamsungRapidSvc; C:\WINDOWS\System32\RAPID\SamsungRapidSvc.exe [28768 2017-11-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [55296 2019-12-15] (Microsoft Windows -> Microsoft Corporation)
R2 SNMP; C:\WINDOWS\SysWOW64\snmp.exe [46592 2019-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-12-15] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [295936 2019-12-15] (Microsoft Windows -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\WINDOWS\System32\SynTPEnhService.exe [399440 2018-08-30] (Synaptics Incorporated -> Synaptics Incorporated)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [195832 2018-12-19] (Intel(R) Software Development Products -> )
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [139896 2019-04-11] (TunnelBear -> TunnelBear)
S3 UdkUserSvc; C:\WINDOWS\System32\windowsudk.shellcommon.dll [1915904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937208 2018-12-19] (Intel(R) Software Development Products -> )
S3 vmcompute; C:\WINDOWS\system32\vmcompute.exe [3202360 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2191872 2019-06-18] (Sony) [File not signed]
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-05-16] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4060256 2018-08-03] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 appliand; C:\WINDOWS\system32\DRIVERS\appliand.sys [30304 2017-02-23] (Applian Technologies Inc. -> Applian Technologies Inc.)
R1 CimFS; C:\Windows\System32\Drivers\CimFS.sys [91136 2019-12-07] (Microsoft Windows -> )
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FTDIBUS; C:\WINDOWS\system32\drivers\ftdibus.sys [108352 2019-02-14] (Future Technology Devices International Ltd -> FTDI Ltd.)
R3 gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_1b1c9965dc1c6f0f\gameflt.sys [71000 2020-01-21] (Microsoft Windows -> Microsoft Corporation)
S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [32384 2018-03-14] (Sony Mobile Communications AB -> Sony Mobile Communications)
S3 hnswfpdriver; C:\WINDOWS\System32\drivers\hnswfpdriver.sys [21304 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 hvsocketcontrol; C:\WINDOWS\system32\drivers\hvsocketcontrol.sys [36152 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1094792 2018-12-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [186872 2019-12-03] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37880 2017-05-10] (Intel Corporation -> Intel Corporation)
R3 jakstaVA; C:\WINDOWS\System32\drivers\jaksta_va.sys [103816 2017-02-23] (Jaksta Technologies Pty Ltd -> e2eSoft)
S3 Kinonih; C:\WINDOWS\System32\drivers\kinonih.sys [32256 2016-06-22] (Kinoni Oy -> Kinoni)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [170672 2018-06-07] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
S3 l2bridge; C:\WINDOWS\System32\drivers\l2bridge.sys [58888 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [56576 2018-03-21] (SZ DJI Technology Co., Ltd -> hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-06-18] (Malwarebytes Corporation -> Malwarebytes)
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{96BDA80C-7BD4-404C-BEEF-89AE72D7ED4A}\MpKslDrv.sys [43232 2020-01-21] (Microsoft Windows -> Microsoft Corporation)
R3 MsQuic; C:\WINDOWS\System32\drivers\msquic.sys [322600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8717088 2019-01-07] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [83776 2019-05-11] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 npf; C:\WINDOWS\system32\DRIVERS\npf.sys [83776 2019-05-11] (Insecure.Com LLC -> Insecure.Com LLC.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_643bf39e0746beff\nvlddmkm.sys [23251968 2019-12-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-10-22] (NVIDIA Corporation -> NVIDIA Corporation)
S3 P9Rdr; C:\WINDOWS\System32\drivers\p9rdr.sys [91152 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ProtonVPNSplitTunnelCalloutDriver; C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\win10\ProtonVPNSplitTunnelCalloutDriver.Sys [48664 2019-07-02] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R3 rpwkmdrv; C:\WINDOWS\system32\drivers\rpwkmdrv.sys [25696 2017-12-03] (Rapoo1201 -> )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [443296 2019-08-05] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R0 SamsungRapidDiskFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidDiskFltr.sys [287360 2017-11-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidFSFltr.sys [119424 2017-11-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [43008 2018-12-19] (Intel Corporation -> )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [56400 2018-08-30] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [56912 2018-08-30] (Synaptics Incorporated -> Synaptics Incorporated)
S3 spaceparser; C:\WINDOWS\System32\drivers\spaceparser.sys [26624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2019-03-20] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-06-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-13] (Windscribe Limited -> The OpenVPN Project)
R0 Telemetry; C:\WINDOWS\System32\drivers\IntelTA.sys [26808 2019-12-07] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [213216 2018-10-15] (Oracle Corporation -> Oracle Corporation)
R1 VfpExt; C:\WINDOWS\System32\drivers\vfpext.sys [1498624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 VirtualRender; C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [39224 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2018-06-04] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-04] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-11] (Micro-Star Int'l Co. Ltd. -> )
R3 Xvdd; C:\WINDOWS\System32\DriverStore\FileRepository\xvdd.inf_amd64_4beca0218f643d77\xvdd.sys [478256 2020-01-21] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: hns -> C:\Windows\System32\HostNetSvc.dll (Microsoft Corporation)
NETSVC: nvagent -> C:\Windows\System32\NvAgent.dll (Microsoft Corporation)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-21 15:23 - 2020-01-21 15:24 - 000052590 _____ C:\Users\thoma\Desktop\FRST.txt
2020-01-21 13:12 - 2020-01-21 13:12 - 000000000 ____D C:\Users\thoma\Games
2020-01-21 13:03 - 2020-01-21 13:03 - 000240376 _____ C:\Users\thoma\Downloads\47400267.pdf
2020-01-21 10:57 - 2020-01-21 10:57 - 000000000 ____D C:\Users\thoma\Downloads\Zaklinac
2020-01-21 09:38 - 2020-01-21 09:38 - 001320888 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2020-01-21 09:38 - 2020-01-21 09:38 - 000149432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2020-01-21 09:38 - 2020-01-21 09:38 - 000087992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2020-01-21 09:38 - 2020-01-21 09:38 - 000052152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2020-01-21 09:38 - 2020-01-21 09:38 - 000031672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2020-01-21 00:35 - 2020-01-21 00:47 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Ulozto File Manager
2020-01-21 00:35 - 2020-01-21 00:35 - 000001233 _____ C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ufm.lnk
2020-01-21 00:35 - 2020-01-21 00:35 - 000000911 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulož.to FileManager.lnk
2020-01-21 00:35 - 2020-01-21 00:35 - 000000000 ____D C:\Users\thoma\Downloads\Ulozto
2020-01-21 00:35 - 2020-01-21 00:35 - 000000000 ____D C:\Program Files\Ulozto File Manager
2020-01-18 22:12 - 2020-01-18 22:12 - 000000000 ____D C:\ProgramData\Apple Computer
2020-01-18 22:12 - 2020-01-18 22:12 - 000000000 ____D C:\ProgramData\Apple
2020-01-18 21:34 - 2020-01-18 21:34 - 026271232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 024266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 023426560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 018063360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 017539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 010336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 010217784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-18 21:34 - 2020-01-18 21:34 - 008893112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 008185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 007068160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 006690304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 006554632 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmchipset.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 005834240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 004783536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 003859968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 003859968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 003814912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-18 21:34 - 2020-01-18 21:34 - 003784720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-01-18 21:34 - 2020-01-18 21:34 - 003772928 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 002970624 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-18 21:34 - 2020-01-18 21:34 - 002970624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 002918728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 002745344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-18 21:34 - 2020-01-18 21:34 - 002601472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 002520048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 002486288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys
2020-01-18 21:34 - 2020-01-18 21:34 - 002448896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 002402976 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwp.exe
2020-01-18 21:34 - 2020-01-18 21:34 - 002312704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 002244096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 002178248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 002110368 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 001922048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 001765376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 001751640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 001700072 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 001655328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 001635728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 001557304 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-18 21:34 - 2020-01-18 21:34 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 001452032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 001411032 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 001352232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 001251640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-18 21:34 - 2020-01-18 21:34 - 001215328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 001204968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-01-18 21:34 - 2020-01-18 21:34 - 001131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 001114624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 001073784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 001014872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-18 21:34 - 2020-01-18 21:34 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-18 21:34 - 2020-01-18 21:34 - 000707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000692648 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000683520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000608256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-18 21:34 - 2020-01-18 21:34 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000540472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000535592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000530680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000497704 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmusrv.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-01-18 21:34 - 2020-01-18 21:34 - 000418816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-18 21:34 - 2020-01-18 21:34 - 000416856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000412688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000412320 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000403768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-18 21:34 - 2020-01-18 21:34 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\secproc_isv.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000342968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-18 21:34 - 2020-01-18 21:34 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-18 21:34 - 2020-01-18 21:34 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-18 21:34 - 2020-01-18 21:34 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-18 21:34 - 2020-01-18 21:34 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-01-18 21:34 - 2020-01-18 21:34 - 000132736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000092944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000070968 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInput.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000061752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInput.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2020-01-18 21:34 - 2020-01-18 21:34 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WSDScan.sys
2020-01-18 21:34 - 2020-01-18 21:34 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-18 21:34 - 2020-01-18 21:34 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serscan.sys
2020-01-18 21:34 - 2020-01-18 21:34 - 000007206 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-01-07 10:54 - 2019-12-28 04:55 - 011843296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-01-07 10:54 - 2019-12-28 04:55 - 010169416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-01-07 10:54 - 2019-12-28 04:55 - 001729448 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-07 10:54 - 2019-12-28 04:55 - 001729448 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-01-07 10:54 - 2019-12-28 04:55 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-07 10:54 - 2019-12-28 04:55 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-01-07 10:54 - 2019-12-28 04:55 - 001079200 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-01-07 10:54 - 2019-12-28 04:55 - 001079200 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-01-07 10:54 - 2019-12-28 04:55 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-07 10:54 - 2019-12-28 04:55 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-01-07 10:54 - 2019-12-28 04:55 - 000450176 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-01-07 10:54 - 2019-12-28 04:55 - 000354520 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-01-07 10:54 - 2019-12-28 04:54 - 002076080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-01-07 10:54 - 2019-12-28 04:54 - 001485688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-01-07 10:54 - 2019-12-28 04:54 - 001145280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-01-07 10:54 - 2019-12-28 04:54 - 000685256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-01-07 10:54 - 2019-12-28 04:54 - 000678264 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-01-07 10:54 - 2019-12-28 04:54 - 000558080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-01-07 10:54 - 2019-12-28 04:54 - 000544976 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-01-07 10:54 - 2019-12-28 04:53 - 040510200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2020-01-07 10:54 - 2019-12-28 04:53 - 035380240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2020-01-07 10:54 - 2019-12-28 04:53 - 017462152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-01-07 10:54 - 2019-12-28 04:53 - 015029720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-01-07 10:54 - 2019-12-28 04:53 - 005383184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-01-07 10:54 - 2019-12-28 04:53 - 004718512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-01-07 10:54 - 2019-12-28 04:53 - 001727320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444187.dll
2020-01-07 10:54 - 2019-12-28 04:53 - 001570160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-01-07 10:54 - 2019-12-28 04:53 - 001492480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444187.dll
2020-01-07 10:54 - 2019-12-28 04:53 - 001371512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-01-07 10:54 - 2019-12-28 04:53 - 001064368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-01-07 10:54 - 2019-12-28 04:53 - 000813984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-01-07 10:54 - 2019-12-28 04:53 - 000659288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-01-07 10:54 - 2019-12-28 04:49 - 004229024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-21 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-21 15:24 - 2019-05-10 23:57 - 000000000 ____D C:\FRST
2020-01-21 15:23 - 2019-05-10 23:56 - 002572800 _____ (Farbar) C:\Users\thoma\Desktop\FRST64.exe
2020-01-21 15:01 - 2019-12-15 17:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-21 14:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-21 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-21 14:59 - 2018-09-24 21:20 - 000000000 ____D C:\Users\thoma\AppData\Local\Packages
2020-01-21 14:28 - 2018-09-24 21:34 - 000000000 ____D C:\ProgramData\Packages
2020-01-21 13:47 - 2018-09-24 21:21 - 000000000 ____D C:\Users\thoma\AppData\Local\PlaceholderTileLogoFolder
2020-01-21 13:12 - 2019-12-15 17:34 - 000000000 ____D C:\Users\thoma
2020-01-21 13:12 - 2018-09-24 21:45 - 000000000 ____D C:\Users\thoma\AppData\Local\NVIDIA Corporation
2020-01-21 12:25 - 2018-09-24 21:31 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-21 11:06 - 2018-09-26 18:17 - 000000000 ____D C:\Users\thoma\AppData\Local\RSG
2020-01-21 09:38 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-01-21 09:13 - 2019-12-15 17:42 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{B284E19D-00AD-45F9-AD3D-49307F7019C7}
2020-01-21 09:10 - 2019-12-15 17:42 - 000003206 _____ C:\WINDOWS\system32\Tasks\Nahimic2UILauncherRun
2020-01-21 09:10 - 2019-12-15 17:42 - 000003194 _____ C:\WINDOWS\system32\Tasks\Nahimic2svc64Run
2020-01-21 09:10 - 2019-12-15 17:42 - 000003186 _____ C:\WINDOWS\system32\Tasks\Nahimic2svc32Run
2020-01-21 09:10 - 2018-09-24 21:31 - 000000000 __SHD C:\Users\thoma\IntelGraphicsProfiles
2020-01-21 00:43 - 2018-10-12 23:56 - 000000000 ____D C:\Users\thoma\AppData\Roaming\vlc
2020-01-20 21:31 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-20 21:30 - 2018-10-04 21:53 - 000000000 ____D C:\Program Files\Microsoft Office
2020-01-20 21:29 - 2019-12-15 17:37 - 001822242 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-20 21:29 - 2019-12-15 17:27 - 000753170 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-20 21:29 - 2019-12-15 17:27 - 000159300 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-20 21:22 - 2019-12-15 17:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-20 21:22 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-20 21:22 - 2019-11-12 20:40 - 000008192 ___SH C:\DumpStack.log.tmp
2020-01-20 21:22 - 2019-05-29 20:31 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2020-01-20 21:21 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-18 22:12 - 2018-09-26 12:37 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Apple Computer
2020-01-18 21:37 - 2018-09-24 21:22 - 000000000 ____D C:\Users\thoma\AppData\Local\D3DSCache
2020-01-18 21:36 - 2019-12-15 17:33 - 000294544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-18 21:36 - 2019-12-15 17:33 - 000001575 _____ C:\WINDOWS\system32\config\VSMIDK
2020-01-18 21:36 - 2019-12-15 17:22 - 000000000 ___SD C:\WINDOWS\system32\lxss
2020-01-18 21:36 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-18 21:36 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-01-18 21:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-18 21:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-01-18 21:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-18 21:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2020-01-18 11:35 - 2019-02-25 18:57 - 000000207 _____ C:\Users\thoma\OneDrive\Dokumenty\prohire.ini
2020-01-14 10:29 - 2019-12-15 17:42 - 000004556 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-01-14 10:29 - 2019-12-15 17:42 - 000004380 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-01-14 10:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-14 10:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-09 22:41 - 2018-09-24 21:44 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-08 18:52 - 2018-10-30 22:08 - 000000000 ____D C:\Users\thoma\AppData\Local\ElevatedDiagnostics
2020-01-06 00:17 - 2018-09-24 21:22 - 000000000 ___RD C:\Users\thoma\Dokumenty
2019-12-28 04:49 - 2019-10-30 19:06 - 004963480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-12-27 18:01 - 2019-12-12 15:00 - 000000000 ___DC C:\WINDOWS\Panther
2019-12-24 23:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-24 12:52 - 2019-02-06 20:06 - 000000000 ____D C:\ProhireV5
2019-12-24 11:54 - 2019-10-30 19:06 - 000055783 _____ C:\WINDOWS\system32\nvinfo.pb
2019-12-24 09:29 - 2018-09-24 21:31 - 005574128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-12-24 09:29 - 2018-09-24 21:31 - 002655072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-12-24 09:29 - 2018-09-24 21:31 - 001767280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-12-24 09:29 - 2018-09-24 21:31 - 000670048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-12-24 09:29 - 2018-09-24 21:31 - 000454696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-12-24 09:29 - 2018-09-24 21:31 - 000129560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-12-24 09:29 - 2018-09-24 21:31 - 000083440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-12-22 20:28 - 2018-09-24 21:31 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat

==================== Files in the root of some directories ========

2019-01-21 17:08 - 2019-06-10 21:47 - 000044165 _____ () C:\Users\thoma\AppData\Roaming\downloads.json
2019-03-17 10:38 - 2019-03-17 10:39 - 000000050 _____ () C:\Users\thoma\AppData\Roaming\~SiMPLEX.ini
2018-09-25 00:35 - 2018-09-25 00:35 - 000000000 _____ () C:\Users\thoma\AppData\Local\Driver_AR8171Present.flag
2019-03-17 11:56 - 2019-03-17 11:56 - 000000002 _____ () C:\Users\thoma\AppData\Local\imw.ini
2018-10-11 00:59 - 2019-03-17 13:15 - 000007630 _____ () C:\Users\thoma\AppData\Local\resmon.resmoncfg
2018-11-01 02:33 - 2018-11-01 02:33 - 000000076 _____ () C:\Users\thoma\AppData\Local\update_progress.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

onthomaz
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 24 bře 2013 16:44
Bydliště: F-M

Re: Prosim o kontrolu logu

#2 Příspěvek od onthomaz »

Log z addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by thoma (21-01-2020 15:27:23)
Running from C:\Users\thoma\Desktop
Windows 10 Home Version 2004 19041.21 (X64) (2019-12-16 11:36:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2875869499-1234183625-2204340559-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2875869499-1234183625-2204340559-503 - Limited - Disabled)
Guest (S-1-5-21-2875869499-1234183625-2204340559-501 - Limited - Disabled)
thoma (S-1-5-21-2875869499-1234183625-2204340559-1001 - Administrator - Enabled) => C:\Users\thoma
WDAGUtilityAccount (S-1-5-21-2875869499-1234183625-2204340559-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . (HKLM\...\{E267C808-4C22-457E-B74B-50EAB4AD9030}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{9486AD8F-39F4-470B-92FD-BC423ABAEC43}) (Version: 19.1.4.5 - Intel) Hidden
µTorrent (HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.314 - Adobe)
Amazon.com Fire_Devices (HKLM\...\Fire_Devices Drivers) (Version: 2 - Amazon.com)
ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ApoDispatch Install Configurator (HKLM\...\{86DFBD13-F1EA-43EA-8BF7-05B4A7F40571}) (Version: 2.5.1701 - Nahimic) Hidden
Applian Network Monitor (3.0.8.1) (HKLM-x32\...\Applian Network Monitor) (Version: 3.0.8.1 - Applian Technologies)
AR8171 Driver Installation (HKLM-x32\...\{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.34 - Rivet Networks)
AR8171 Drivers (HKLM\...\{DBB92BB8-0C89-488D-B6B4-74C6C03ABD13}) (Version: 1.0.0.34 - Rivet Networks) Hidden
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.9 - Arduino LLC)
arduino-create-agent (HKLM-x32\...\arduino-create-agent 1.1) (Version: 1.1 - Arduino LLC)
Attack of the Earthlings (HKLM-x32\...\1786054782_is1) (Version: 1.0.4 - GOG.com)
AudioLaunchpad Install Configurator (HKLM\...\{6876FCDB-9B83-4AAF-B5BD-B84C500C378F}) (Version: 2.5.1701 - Nahimic) Hidden
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.)
BATTLETECH (HKLM-x32\...\1482783682_is1) (Version: 270b - GOG.com)
Brother MFL-Pro Suite MFC-L2700DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Browser for SQL Server 2017 (HKLM-x32\...\{CF8EEB96-E7E7-4EF7-A0A1-559F09953156}) (Version: 14.0.1000.169 - Microsoft Corporation)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.02 - Canon Inc.)
CheckDevices Install Configurator (HKLM\...\{FBF14B3C-60CF-43F8-8E83-0DBF072138A3}) (Version: 2.5.1701 - Nahimic) Hidden
Dashcam Viewer version 3.1.5 (64-bit) (HKLM-x32\...\Dashcam Viewer_is1) (Version: 3.1.5 (64-bit) - )
DJI Assistant 2 version V1.1.1 (HKLM-x32\...\{D939E096-78F1-4A32-A711-C1AD3F3D082A}_is1) (Version: V1.1.1 - DJI)
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1804.1201 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1804.1201 - Micro-Star International Co., Ltd.)
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Everything 1.4.1.895 (x64) (HKLM\...\Everything) (Version: 1.4.1.895 - David Carpenter)
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.25.0 - Androxyde)
Frostpunk (HKLM-x32\...\1648559910_is1) (Version: 1.1.1 - GOG.com)
FVD Downloader Module (HKLM-x32\...\{A3F74A3C-6824-4878-AB46-21280389D09F}) (Version: 1.0.8 - Nimbus)
Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
GDR 2014 for SQL Server 2017 (KB4494351) (64-bit) (HKLM\...\KB4494351) (Version: 14.0.2014.14 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1802.0501 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1802.0501 - Micro-Star International Co., Ltd.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.309 - )
iMyFone LockWiper version 3.0.0 (HKLM-x32\...\iMyFone LockWiper_is1) (Version: 3.0.0 - iMyFone)
Intel Extreme Tuning Utility (HKLM-x32\...\{9c09fe2c-7a45-4602-ac8d-9e217e1c3064}) (Version: 6.4.0.5 - Intel Corporation)
Intel Extreme Tuning Utility (HKLM-x32\...\{E7881916-7C05-419C-B746-7AA9FEF75BA0}) (Version: 6.4.0.5 - Intel Corporation) Hidden
Intel GFX Driver (HKLM-x32\...\{ca0ebadf-f7bd-4e32-9fec-e19a5d68c724}) (Version: 1.0.0.0 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6519 - Intel Corporation)
Intel(R) Processor Identification Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.0.1000 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{559FA847-377D-4926-80A3-ED9E014D363A}) (Version: 19.60.0 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{b0134461-205a-4d62-bbdc-1fcabdd02645}) (Version: 19.1.4.5 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{bb524cb9-b65f-4f06-97f4-48c851e87a57}) (Version: 20.80.0 - Intel Corporation)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
iSunshare Windows Password Genius Advanced Trial 6.1.3 (HKLM-x32\...\iSunshare Windows Password Genius Advanced Trial) (Version: 6.1.3 - iSunshare)
Java 7 Update 9 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417009FF}) (Version: 7.0.90 - Oracle)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Jurassic World Evolution (HKLM-x32\...\Jurassic World Evolution_is1) (Version: - )
KB9X Radio Switch Driver (HKLM\...\97FE6BFA6A40EE4967381F4313B334031A3B6E03) (Version: 1.1.4.0 - ENE TECHNOLOGY INC.)
K-Lite Codec Pack 14.5.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.5.5 - KLCP)
LauncherSetup Install (HKLM\...\{20B69660-B995-43F8-A14A-8DC1DDAF3E8B}) (Version: 2.5.1701 - Nahimic) Hidden
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
MDT Player 1.0.6.0 (HKLM-x32\...\{16FE9D4C-7A32-4BC4-B0BC-900E003106B3}_is1) (Version: - SmartWitness Ltd.)
MediaHuman YouTube Downloader 3.9.9.29 (HKLM-x32\...\MediaHuman YouTube Downloader_is1) (Version: 3.9.9.29 - MediaHuman)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.12325.20298 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg)
MiniTool Partition Wizard Free 10.3 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Software Limited)
MSI Remind Manager Service (HKLM-x32\...\{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1802.0501 - Micro-Star International Co., Ltd.) Hidden
MSI Remind Manager Service (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1802.0501 - Micro-Star International Co., Ltd.)
Nahimic 2+ Audio Driver (HKLM\...\{59040F9E-4715-4819-8618-D8C2591FC0B6}) (Version: 2.5.1701 - Nahimic) Hidden
Nahimic 2+ Audio Driver (HKLM-x32\...\{6396d25e-ecfb-4e2d-b88c-0cd08cd78159}) (Version: 2.5.17 - Nahimic)
Nitro Pro (HKLM\...\{58DADE87-307D-4AE5-82AC-76381214D484}) (Version: 11.0.8.470 - Nitro)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
NOW TV Player 6.8.0.0 (HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\...\com.bskyb.nowtvplayer_is1) (Version: 6.8.0.0 - NOW TV)
Npcap 0.995 (HKLM-x32\...\NpcapInst) (Version: 0.995 - Nmap Project)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Graphics Driver 441.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.87 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20298 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenVPN 2.4.8-I602-Win10 (HKLM\...\OpenVPN) (Version: 2.4.8-I602-Win10 - OpenVPN Technologies, Inc.)
Oracle VM VirtualBox 5.2.20 (HKLM\...\{B7EC6E32-AA9F-4EC8-ACE6-1DCECE6E4C08}) (Version: 5.2.20 - Oracle Corporation)
PokerStars.uk (HKLM-x32\...\PokerStars.uk) (Version: - PokerStars.uk)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.4 - Power Software Ltd)
ProductDaemonSetup Install (HKLM\...\{6CC0818B-98D2-4880-AC95-A0C1A4139D72}) (Version: 2.5.1701 - Nahimic) Hidden
ProductNS Install Configurator (HKLM\...\{D03BE6D9-F956-4674-83A6-E7AFA6CC29E7}) (Version: 2.5.1701 - Nahimic) Hidden
ProhireV4 (HKLM-x32\...\{13081B3A-89DB-42AE-9C11-F27A1067F5EF}) (Version: 1.00.000 - Tripoint Ltd)
ProtonVPN (HKLM-x32\...\{8725D84B-70EA-468D-A8F3-D175DA616B52}) (Version: 1.10.1 - ProtonVPN AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.10.1) (Version: 1.10.1 - ProtonVPN AG)
ProtonVPNTap (HKLM-x32\...\{C23BCE3A-FD25-48BA-948E-2CE94576F983}) (Version: 1.0.1 - ProtonVPN AG)
RAPID Mode (HKLM\...\{AE75272A-6421-4A65-80F8-31568BCF6E75}) (Version: 1.0.0.101 - Samsung Electronics Co., Ltd.) Hidden
RAPOO MT550 Mouse Driver (HKLM-x32\...\{6D87C470-AD27-4FAF-9087-0390B5AB1100}_is1) (Version: - Rapoo Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8703.1 - Realtek Semiconductor Corp.)
Replay Media Catcher 7 (7.0.2.6) (HKLM-x32\...\Replay Media Catcher 7) (Version: 7.0.2.6 - Applian Technologies)
RescuePRO Deluxe 6.0.2.7 (HKLM-x32\...\{38D9AAB8-116B-40BB-A801-50B71DF82D24}_is1) (Version: 6.0.2.7 - LC Technology International, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.4.116 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.2.5 - Rockstar Games)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.3.1.2010 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
ScreenToGif (HKLM-x32\...\{B18A8955-05E5-4817-9DE4-921EF6E61BC0}) (Version: 2.14.1 - Nicke Manarin)
SeaTools for Windows 1.4.0.7 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.7 - Seagate Technology)
SfxArgPassing (HKLM-x32\...\{de9a42e3-462c-4ee8-a403-4db3de1fad42}) (Version: 1.0.0.0 - Intel) Hidden
Shadow Hawk Pack (HKLM-x32\...\1489389825_is1) (Version: 270b - GOG.com)
Sizing Options (HKLM-x32\...\{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application) Hidden
Sizing Options (HKLM-x32\...\InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application)
SonicMapper Install Configurator (HKLM\...\{8EA5FF84-DD94-4A6D-B167-0594879BA480}) (Version: 2.5.1701 - Nahimic) Hidden
Sony Mobile Software Update Drivers (HKLM\...\{4872001F-F67C-4C54-BC92-281C6A165251}) (Version: 3.2.0.3 - Sony Mobile Communications)
Sony Mobile Update Engine (HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\...\Update Engine) (Version: 2.18.14.201810121226 - Sony Mobile Communications Inc.)
Stardew Valley (HKLM-x32\...\1453375253_is1) (Version: 1.3.28 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Thief Simulator MULTi10 - ElAmigos version 1.027 (HKLM-x32\...\{F021886A-488B-4B14-9D53-D34AD95D0448}_is1) (Version: 1.027 - PlayWay S.A.)
thriXXX-Launcher (HKLM-x32\...\thriXXX-Launcher) (Version: - thriXXX Software GmbH)
TomTom MyDrive Connect 4.2.5.3754 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.5.3754 - TomTom)
TunnelBear (HKLM-x32\...\{1713CFE6-1661-47A9-91D3-B35C367FE421}) (Version: 3.7.8.0 - TunnelBear) Hidden
TunnelBear (HKLM-x32\...\{a30a854f-0c68-44b5-8173-e370fcf4dc7f}) (Version: 3.7.8.0 - TunnelBear)
Ubiquiti UniFi (remove only) (HKLM-x32\...\Ubiquiti UniFi) (Version: - )
UIInstallUpgrade (HKLM\...\{0B3DB68B-84DB-4F26-9971-59AAE0279E09}) (Version: 2.5.1701 - Nahimic) Hidden
Ulož.to FileManager 2.77 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.77 - Uloz.to cloud a.s.)
Unity Web Player (HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.)
WD Desktop App 2.1.0.205 (HKLM-x32\...\{caaf4807-00fc-4193-8f1b-d1019aac24c2}) (Version: 2.1.0.205 - Western Digital Technologies, Inc.) Hidden
WD Desktop App 2.1.0.205 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.205 - Western Digital Technologies, Inc.) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 3.2.256 - Western Digital Technologies, Inc.)
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden
Windows Driver Package - Amazon.com (WinUSB) FireDevicesUsbDeviceClass (10/27/2014 1.4.0000.00000) (HKLM\...\34134A59F616767F2CEC57DC0849834538166E22) (Version: 10/27/2014 1.4.0000.00000 - Amazon.com)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Driver Package - Sony Mobile Communications (ggsomc) SOMCFlashDevice (12/06/2017 3.2.0.0) (HKLM\...\7AA77B236196DB9A6C04257060560ACDBB626F30) (Version: 12/06/2017 3.2.0.0 - Sony Mobile Communications)
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.83 Build 20 - Windscribe Limited)
Xperia Companion (HKLM-x32\...\{1017C503-1AD0-4982-A4DA-406200D7E375}) (Version: 2.5.3.0 - Sony) Hidden
Xperia Companion (HKLM-x32\...\{8c78e3be-2cef-41ed-91c7-78af87572445}) (Version: 2.5.3.0 - Sony)
Xperia Companion Service (HKLM\...\{3F33E34E-C93B-4779-9B75-174EB86A64E0}) (Version: 2.5.3.0 - Sony) Hidden

Packages:
=========
AdBlock -> C:\Program Files\WindowsApps\BetaFish.AdBlock_2.9.0.0_neutral__c1wakc4j0nefm [2019-08-21] (BetaFish)
Age of Empires II: Definitive Edition -> C:\Program Files\WindowsApps\Microsoft.MSPhoenix_101.101.34397.0_x64__8wekyb3d8bbwe [2020-01-21] (Microsoft Studios)
Age of Empires®: Castle Siege -> C:\Program Files\WindowsApps\Microsoft.AgeCastles_1.26.33.0_x86__8wekyb3d8bbwe [2018-11-10] (Microsoft Studios)
Amazon Music -> C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_7.8.2.0_x86__kc6t79cpj4tp0 [2019-09-27] (AMZN Mobile LLC)
ARK: Survival Evolved -> C:\Program Files\WindowsApps\StudioWildcard.4558480580BB9_1.45.790.2_x64__1w2mm55455e38 [2019-09-10] (Studio Wildcard)
Bing in Space -> C:\Program Files\WindowsApps\Microsoft.BinginSpace_1.0.0.0_neutral__8wekyb3d8bbwe [2018-11-17] (Microsoft Corporation)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2020-01-21] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2020-01-21] (Microsoft Corporation)
EdgeDevtoolsPlugin -> C:\Windows\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2019-12-15] (Microsoft Corporation)
Eternal Card Game -> C:\Program Files\WindowsApps\DireWolfDigitalLLC.27948873E1CAB_1.46.9.2_x64__rcm6mb7a7remp [2019-09-10] (Dire Wolf Digital, LLC)
Gaming Services -> C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.14003.0_x64__8wekyb3d8bbwe [2020-01-21] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.618.0_x64__v10z8vjag6ke6 [2019-10-22] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-06-18] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2020-01-18] (Apple Inc.) [Startup Task]
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20248.0_x64__8wekyb3d8bbwe [2019-09-27] (Microsoft Corporation) [MS Ad]
Meteor Showers -> C:\Program Files\WindowsApps\Microsoft.MeteorShowers_1.0.0.0_neutral__8wekyb3d8bbwe [2018-11-17] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-12-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-22] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.13.9.0_x64__8wekyb3d8bbwe [2019-09-10] (Microsoft Studios)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.27.2643.0_x64__8wekyb3d8bbwe [2018-10-11] (Microsoft Corporation) [MS Ad]
NcsiUwpApp -> C:\Windows\SystemApps\NcsiUwpApp_8wekyb3d8bbwe [2019-12-15] (Microsoft)
NOW TV -> C:\Program Files\WindowsApps\NOWTV.NOWTV_1.19.0.2_x64__k6nsketb5gh92 [2019-05-18] (Sky UK Limited)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2018-10-19] (Samsung Electronics Co. Ltd.)
Surviving Mars - Mysteries Resupply Pack (PC) -> C:\Program Files\WindowsApps\ParadoxInteractive.SurvivingMars-MysteriesResupply_1.0.3.0_x64__zfnrdv2de78ny [2020-01-21] (Paradox Interactive)
Surviving Mars -> C:\Program Files\WindowsApps\ParadoxInteractive.SurvivingMars_1.0.7.0_x64__zfnrdv2de78ny [2020-01-21] (Paradox Interactive)
SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2019-06-18] (Synaptics Incorporated)
Tiny Troopers -> C:\Program Files\WindowsApps\GAMETROOPERS.TinyTroopers_1.12.0.28_x86__334sksj6ker18 [2018-12-25] (GAME TROOPERS) [MS Ad]
Tiny Troopers 2: Special Ops -> C:\Program Files\WindowsApps\GAMETROOPERS.TinyTroopers2SpecialOps_1.9.1.3_x86__334sksj6ker18 [2018-12-25] (GAME TROOPERS) [MS Ad]
UDK Package -> C:\Windows\SystemApps\MicrosoftWindows.UndockedDevKit_cw5n1h2txyewy [2019-12-15] (Microsoft Corporation)
UX.Client.ST -> C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy [2019-12-16] (Microsoft Windows)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.3.4941.0_x64__cv1g1gvanyjgm [2019-10-22] (WhatsApp Inc.)
Windows Search -> C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy [2019-12-15] (Microsoft Corporation)
Xbox (Beta) -> C:\Program Files\WindowsApps\Microsoft.GamingApp_2001.1001.4.0_x64__8wekyb3d8bbwe [2020-01-21] (Microsoft Corporation) [Startup Task]
Xbox Insider Hub -> C:\Program Files\WindowsApps\Microsoft.FlightDashboard_460.1910.7001.0_x64__8wekyb3d8bbwe [2019-10-22] (Microsoft Corporation)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2018-09-25] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\thoma\AppData\Local\Microsoft\OneDrive\19.070.0410.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\thoma\AppData\Local\Kingsoft\WPS Office\11.2.0.9052\office6\kwpsmenushellext64.dll => No File
CustomCLSID: HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\thoma\AppData\Local\Microsoft\OneDrive\19.070.0410.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\thoma\AppData\Local\Microsoft\OneDrive\19.070.0410.0005\amd64\FileSyncShell64.dll => No File
SSODL: WDFSMountNotificator-wdfsconnect2017 - {23ECF60B-C3D2-4A52-A763-59DB7EE1A4B1} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {23ECF60B-C3D2-4A52-A763-59DB7EE1A4B1} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {23ECF60B-C3D2-4A52-A763-59DB7EE1A4B1} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: OneDrive network states cache SSO -> {78DE489B-7931-4f14-83B4-C56D38AC9FFA} => C:\Windows\System32\Windows.FileExplorer.Common.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {23ECF60B-C3D2-4A52-A763-59DB7EE1A4B1} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: OneDrive network states cache SSO -> {78DE489B-7931-4f14-83B4-C56D38AC9FFA} => C:\Windows\SysWOW64\Windows.FileExplorer.Common.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-21] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-21] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-21] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2018-11-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2018-11-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2018-11-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2018-11-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2018-11-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2018-11-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-21] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-21] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-21] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-06-16] (Notepad++ -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-21] (Mega Limited -> )
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 11\NPShellExtension.dll [2018-01-06] (Nitro Software, Inc. -> Nitro Software, Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WDDesktopContextMenu] -> {6789e045-e383-3deb-9431-bc435de8fb66} => C:\Program Files\WD Desktop App\kda.DLL [2018-11-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-21] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-21] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-21] (Mega Limited -> )
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [WDDesktopContextMenu] -> {6789e045-e383-3deb-9431-bc435de8fb66} => C:\Program Files\WD Desktop App\kda.DLL [2018-11-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-12-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1_S-1-5-21-2875869499-1234183625-2204340559-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\thoma\AppData\Local\Kingsoft\WPS Office\11.2.0.9052\office6\kwpsmenushellext64.dll -> No File
ContextMenuHandlers4_S-1-5-21-2875869499-1234183625-2204340559-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\thoma\AppData\Local\Kingsoft\WPS Office\11.2.0.9052\office6\kwpsmenushellext64.dll -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Ubiquiti Device Discovery Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmpigflbjeapnknladcfphgkemopofig

==================== Loaded Modules (Whitelisted) =============

2019-04-30 17:12 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2019-07-02 07:41 - 2019-07-02 07:41 - 000152064 _____ () [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\SplitTunnel.dll
2019-08-12 11:08 - 2019-08-12 11:08 - 000484352 _____ () [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\IPFilter.dll
2019-04-11 13:49 - 2019-04-11 13:49 - 000030720 _____ () [File not signed] C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.Wrapper.dll
2019-04-11 13:50 - 2019-04-11 13:50 - 000167424 _____ () [File not signed] C:\Program Files (x86)\TunnelBear\TunnelBear.VigilantBear.Wrapper.dll
2019-04-30 17:12 - 2005-04-22 05:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2019-04-30 17:12 - 2014-06-16 15:45 - 000137728 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2019-04-30 17:12 - 2014-06-16 16:03 - 000083968 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2019-04-30 17:12 - 2014-06-16 16:03 - 017955328 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2019-04-30 17:12 - 2014-06-16 16:04 - 000080384 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLEng.dll
2019-04-30 17:12 - 2013-03-08 07:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2018-09-26 17:39 - 2018-04-30 13:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2015-06-11 19:35 - 2015-06-11 19:35 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll
2019-05-11 22:37 - 2017-11-10 12:51 - 000180224 _____ (Western Digital Technologies, Inc.) [File not signed] C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MsQuic => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcCtnrSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcSvc => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-11-23 05:06 - 2020-01-20 21:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-05-12 18:14 - 2019-05-12 18:14 - 000000521 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.247 HUAWEI_P30_Pro-470d7079b7.mshome.net # 2019 5 0 19 17 14 15 27
192.168.137.1 MSI-GL62M-7RDX.mshome.net # 2024 5 5 10 17 14 15 27

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Users\thoma\AppData\Local\Microsoft\WindowsApps;C:\adb;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

Network Binding:
=============
WiFi: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
WiFi: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
WiFi: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
WiFi: Bridge Driver -> ms_l2bridge (enabled)
WiFi: Applian LightWeight Filter -> nt_appliand (enabled)
Local Area Connection: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
Local Area Connection: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Local Area Connection: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
Local Area Connection: Bridge Driver -> ms_l2bridge (enabled)
Local Area Connection: Applian LightWeight Filter -> nt_appliand (enabled)
Ethernet 6: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
Ethernet 6: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 6: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
Ethernet 6: Bridge Driver -> ms_l2bridge (enabled)
Ethernet 6: Applian LightWeight Filter -> nt_appliand (enabled)
Ethernet 4: Bridge Driver -> ms_l2bridge (enabled)
Ethernet 4: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
Ethernet 4: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
Ethernet 4: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 4: Applian LightWeight Filter -> nt_appliand (enabled)
Ethernet: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
Ethernet: Bridge Driver -> ms_l2bridge (enabled)
Ethernet: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet: Applian LightWeight Filter -> nt_appliand (enabled)
Ethernet 3: Bridge Driver -> ms_l2bridge (enabled)
Ethernet 3: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
Ethernet 3: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
Ethernet 3: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 3: Applian LightWeight Filter -> nt_appliand (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "WDDiscovery"
HKLM\...\StartupApproved\Run32: => "MT550Config"
HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\...\StartupApproved\StartupFolder: => "Arduino Create Agent.lnk"
HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
FirewallRules: [{6C75CDEA-8E90-477E-A8DF-4549E595561D}] => (Allow) C:\Program Files (x86)\UnHackMe\wu.exe No File
FirewallRules: [{DFF63436-A9A5-48E8-9CA5-495F53084381}] => (Allow) C:\Program Files (x86)\UnHackMe\wu.exe No File
FirewallRules: [{277896E4-C2CF-415B-ABF9-4930EBAE9CDC}] => (Allow) C:\Program Files (x86)\UnHackMe\RegRunInfo.exe No File
FirewallRules: [{41B3276A-7A60-4DAC-BC84-E1C1543BE100}] => (Allow) C:\Program Files (x86)\UnHackMe\RegRunInfo.exe No File
FirewallRules: [{5A5A769B-AECB-4887-8756-F7282F6D3726}] => (Allow) LPort=54925
FirewallRules: [{A28E5D37-FAC8-4D08-8DFA-D7BFBF7AB144}] => (Allow) C:\Program Files (x86)\Brother\Brmfl14d\FAXRX.EXE (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{2A3D3DE5-105C-4D8C-8DA6-947AB66D30B7}] => (Allow) LPort=5150
FirewallRules: [{A8EDEC2A-201A-4608-AC80-01D08BF65033}] => (Allow) C:\Program Files (x86)\Autel\PassThru\Maxi PC Suit\PCLink.exe No File
FirewallRules: [{3F6AC329-BBDA-4C2B-A614-2E785E4FD353}] => (Allow) C:\Program Files (x86)\Autel\PassThru\Maxi PC Suit\PCLink.exe No File
FirewallRules: [{8D6965CB-FE2B-414B-9C6C-E19268CC02D5}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International BV -> TomTom)
FirewallRules: [{AF871FD9-B84B-4982-84EE-EC89115634C8}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D632817C-F7E5-4209-885F-516F4D9C694D}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{A7C4182C-0279-44FD-8EB8-DBA7C5E26020}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{30C0B565-F183-4616-B934-FD410410949F}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{DAC1A43F-9D0A-4053-9612-01B7B0CD7C3D}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{6B0F0D38-4291-4ABA-A3E8-54E8E9546BD2}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [UDP Query User{7A1B5AF8-D0AF-4E4C-8136-CFC12555B168}C:\users\thoma\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe] => (Block) C:\users\thoma\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe () [File not signed]
FirewallRules: [TCP Query User{87DF6536-1270-45B1-B511-65FA3A17B62C}C:\users\thoma\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe] => (Block) C:\users\thoma\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe () [File not signed]
FirewallRules: [UDP Query User{DA442FD8-E2CC-43A7-BEE6-EC326126B89F}C:\users\thoma\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe] => (Allow) C:\users\thoma\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe () [File not signed]
FirewallRules: [TCP Query User{152CA87C-8EB1-4DEC-AB6C-056B1FD73A8C}C:\users\thoma\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe] => (Allow) C:\users\thoma\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe () [File not signed]
FirewallRules: [UDP Query User{EDDD23FF-40C6-4AFD-B20F-5602031029BA}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{631ED804-6F2F-404E-9C01-B1D2CB7419C7}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{9A3BA01E-A69D-4ACE-91D1-FFA29039AA39}C:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [TCP Query User{3CF8EB71-C57A-4D58-92AB-C4F933D79231}C:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [{FE8DE1B5-1868-4852-A27F-2F3FCB63EFAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Argo\argobattleye.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{C14A37B0-5A4E-48A0-990F-B5C8A56AAD07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Argo\argobattleye.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [UDP Query User{48C43D24-8F3C-4CBA-8E27-CA3AE4535CD1}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [TCP Query User{0F2616C1-11E9-4296-BDB4-4FE0B674B769}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [{421DCE82-22B0-49E1-BD59-EFB2B453CC20}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{42203433-C44D-4226-A0B0-7A4F1970CDFF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{53B50458-E6BD-4353-804C-1DC0B08D8EC1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{626835E3-F0B3-4F5C-85BB-B4A4490BDBE1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{63EDBC6C-8373-4BB1-A0DB-6733869311F9}] => (Block) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter.exe () [File not signed]
FirewallRules: [{A4AD3296-8A5C-4B48-9980-0DB92BAF5B05}] => (Block) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter.exe () [File not signed]
FirewallRules: [UDP Query User{5B3C6BC3-12E9-40FD-B631-AB0957DD8568}C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter.exe () [File not signed]
FirewallRules: [TCP Query User{D454C1A2-6D39-46CA-A013-DFCACD27A3E3}C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter.exe () [File not signed]
FirewallRules: [UDP Query User{F69CC10E-0D7F-4635-8A7A-E187B22ADA9B}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe No File
FirewallRules: [TCP Query User{43D08E5F-7F32-4C53-BD16-FFC9FC317679}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe No File
FirewallRules: [UDP Query User{4719EE37-D36E-4C13-94AB-4B06AC8A8BCD}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe No File
FirewallRules: [TCP Query User{919B1A03-3A4B-4239-AC37-F5EB2D26B1FA}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe No File
FirewallRules: [UDP Query User{4C224DCD-4B6A-459A-9E7E-E8A8BEEA4057}T:\dji drone\bin\dji.com.lib\bin\root.exe] => (Allow) T:\dji drone\bin\dji.com.lib\bin\root.exe (DJI) [File not signed]
FirewallRules: [TCP Query User{F6C748B5-9E4D-49C3-A44D-2248C7B86009}T:\dji drone\bin\dji.com.lib\bin\root.exe] => (Allow) T:\dji drone\bin\dji.com.lib\bin\root.exe (DJI) [File not signed]
FirewallRules: [UDP Query User{3CAD00C2-22F4-4C06-A7DF-9A737028267B}T:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) T:\games\kingdom come deliverance\bin\win64\kingdomcome.exe No File
FirewallRules: [TCP Query User{FF7C1ACF-419F-4702-B2E3-2DC4E4F0AC5E}T:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) T:\games\kingdom come deliverance\bin\win64\kingdomcome.exe No File
FirewallRules: [UDP Query User{1272F91C-655E-4274-AEAC-CED0FC63F101}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{B512FEF9-AA3A-4018-B335-0751330304B7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{BDF3D579-60C2-4A2E-952D-3106D3B46975}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe No File
FirewallRules: [{EDECD528-9034-4902-9DDD-5C158F3D6CC7}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe No File
FirewallRules: [{226DF69D-EA8C-4A40-B2BB-0EA05D00964C}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe No File
FirewallRules: [{4743FB7E-5CA3-400F-A23D-CD6881971F6F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [UDP Query User{81D7684C-1773-471F-B5ED-1C367393825E}C:\programdata\sony mobile\update engine\{f4986ddc-3f9e-4061-a447-083f5cf35220}\sony mobile update engine.exe] => (Allow) C:\programdata\sony mobile\update engine\{f4986ddc-3f9e-4061-a447-083f5cf35220}\sony mobile update engine.exe (Sony Mobile Communications AB -> )
FirewallRules: [TCP Query User{0EB6A5E5-EE18-4109-AEAA-F680FB91C135}C:\programdata\sony mobile\update engine\{f4986ddc-3f9e-4061-a447-083f5cf35220}\sony mobile update engine.exe] => (Allow) C:\programdata\sony mobile\update engine\{f4986ddc-3f9e-4061-a447-083f5cf35220}\sony mobile update engine.exe (Sony Mobile Communications AB -> )
FirewallRules: [{CCF44211-014C-41DD-A528-1994BB24D4A4}] => (Allow) C:\ProgramData\Sony Mobile\Update Engine\{A96FA3E8-B915-42B4-87E8-EDB88F0D4FF9}\Sony Mobile Update Engine.exe (Sony Mobile Communications AB -> )
FirewallRules: [{415811C0-E004-4C5E-B2E2-CAD73F1C2525}] => (Allow) C:\ProgramData\Sony Mobile\Update Engine\{A96FA3E8-B915-42B4-87E8-EDB88F0D4FF9}\Sony Mobile Update Engine.exe (Sony Mobile Communications AB -> )
FirewallRules: [UDP Query User{9BC2ABEC-3EBB-422E-A2AC-A0F6DAF170CA}T:\games\cosmonautica\bin\cosmonautica.exe] => (Allow) T:\games\cosmonautica\bin\cosmonautica.exe No File
FirewallRules: [TCP Query User{40080C7E-4969-4222-8F9C-224E49E2ACFD}T:\games\cosmonautica\bin\cosmonautica.exe] => (Allow) T:\games\cosmonautica\bin\cosmonautica.exe No File
FirewallRules: [UDP Query User{F2FA4B99-16FB-46A7-84C5-23F4DF3E19D3}C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe (DJI) [File not signed]
FirewallRules: [TCP Query User{91A3ECA6-9CCD-4E7D-A9BD-FD9DA63C0B43}C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe (DJI) [File not signed]
FirewallRules: [{B1D22EC3-620F-42D8-AB74-96FFCE0AB25B}] => (Allow) C:\Users\thoma\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{630F8F47-2F7B-47C5-BE3C-D56CB606E64C}] => (Allow) C:\Users\thoma\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4C6B27F4-867C-4100-974D-83E877524E73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9ECC9286-F7B0-4E26-A599-FB219C1A2774}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4624BD5B-D40D-45F5-91E6-6425F4F839D2}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony)
FirewallRules: [TCP Query User{6523EDBE-CC0F-469E-8699-69A7B02359EF}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [UDP Query User{7CD621A1-5952-4330-931E-417C978A0972}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [TCP Query User{6714EF9A-75A2-451F-ACB2-9F36359FF4A0}C:\program files (x86)\applian technologies\replay media catcher 7\jrmcp.exe] => (Allow) C:\program files (x86)\applian technologies\replay media catcher 7\jrmcp.exe (Jaksta Technologies Pty Ltd -> Jaksta Technologies Pty Ltd)
FirewallRules: [UDP Query User{53D204A0-39CD-496C-B792-8384EBACD5E9}C:\program files (x86)\applian technologies\replay media catcher 7\jrmcp.exe] => (Allow) C:\program files (x86)\applian technologies\replay media catcher 7\jrmcp.exe (Jaksta Technologies Pty Ltd -> Jaksta Technologies Pty Ltd)
FirewallRules: [{8BF80B5B-3134-4CDB-8318-FB110B9DF3B9}] => (Block) C:\program files (x86)\applian technologies\replay media catcher 7\jrmcp.exe (Jaksta Technologies Pty Ltd -> Jaksta Technologies Pty Ltd)
FirewallRules: [{B0659A08-6C97-4C8A-96DD-0CFE813277C9}] => (Block) C:\program files (x86)\applian technologies\replay media catcher 7\jrmcp.exe (Jaksta Technologies Pty Ltd -> Jaksta Technologies Pty Ltd)
FirewallRules: [{575911BD-7D04-4327-91A9-2EF2D4CCED59}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_7.8.2.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (Amazon Services LLC) [File not signed]
FirewallRules: [{AEF8AD6E-C068-46DE-9DDE-FD224767C182}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_7.8.2.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (Amazon Services LLC) [File not signed]
FirewallRules: [{E5573AD1-F171-4FDA-A796-B50613683A0E}] => (Allow) C:\Program Files\Java\jre1.8.0_201\bin\java.exe
FirewallRules: [{FBE6F7BF-A992-4E32-9688-9A3396D4F8D7}] => (Allow) C:\Program Files\Java\jre1.8.0_201\bin\java.exe
FirewallRules: [{710E4A2F-75F1-4A6E-8967-F34CCBD5C9C9}] => (Allow) C:\Users\thoma\Ubiquiti UniFi\bin\mongod.exe (MongoDB, Inc) [File not signed]
FirewallRules: [{7EAF5E5B-AB1D-46C5-B361-69B9AE2BF212}] => (Allow) C:\Users\thoma\Ubiquiti UniFi\bin\mongod.exe (MongoDB, Inc) [File not signed]
FirewallRules: [TCP Query User{9A32CD74-3626-4F9F-B81E-7163C42A323B}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{51840121-4A0C-4BBF-A775-C0B318AF5C71}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [TCP Query User{7DE9AAF3-66CE-4725-BB3E-B8C4CA92713C}C:\program files (x86)\java\jre1.8.0_201\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\java.exe
FirewallRules: [UDP Query User{42D29841-E331-4FCA-B44F-12AEFC470AF4}C:\program files (x86)\java\jre1.8.0_201\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\java.exe
FirewallRules: [{4BB115B2-8253-411B-BD4E-3B043CE3CE01}] => (Block) C:\program files (x86)\java\jre1.8.0_201\bin\java.exe
FirewallRules: [{12D9B78F-8A0B-4717-AF17-5E2734D86795}] => (Block) C:\program files (x86)\java\jre1.8.0_201\bin\java.exe
FirewallRules: [{2CAF45A3-90F6-43D6-B1BA-6E43EBE699A8}] => (Block) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [{F962CD9B-4E80-435E-AB1A-15CA2B114833}] => (Block) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [TCP Query User{B98DE540-0076-423E-B1DC-70F1A8F4220F}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{AC90476C-4BA4-45F9-BCFA-5B6075C3E3B6}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [{A6898745-7AAF-4934-81E2-A0FB396C730A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A017524B-BECA-49DE-952A-4DA9E4F2DE4B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC68B467-056B-4258-9F87-8E723C8A62E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{75B4FE44-46A0-4BED-818B-83444222AFBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EAE903AB-B570-4534-9481-314961A4B183}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{48D699B2-EA94-49EA-A8BE-20E84F4B74F1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CB93A644-C6B6-473E-8693-0CC5D773B275}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3B266EDE-7291-4D73-A64F-49FCE4E81DDC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E8D44304-12B4-43DC-8B52-0F7D84C82588}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FB5FA961-6CC2-474A-B64B-28E9B8402BFA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CE214FD5-49A0-4CF4-807B-4A2DDDAA0ABE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9C5FF6DA-F879-4710-A2A1-04AD9576ECAD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CACB86D7-256B-4230-8500-E6F0A62386E7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

==================== Restore Points =========================

18-01-2020 21:32:48 Windows Modules Installer
20-01-2020 21:21:15 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/21/2020 02:10:22 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete re-trim on \\?\Volume{bc03f791-5416-011d-c3d3-dc1a4a815545}\ because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (01/20/2020 09:21:56 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (01/20/2020 09:19:36 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 9980, ProfSvc PID: 2316.

Error: (01/20/2020 09:19:36 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 9980, ProfSvc PID: 2316.

Error: (01/20/2020 09:19:36 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 4152, ProfSvc PID: 2316.

Error: (01/20/2020 09:19:36 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 16112, ProfSvc PID: 2316.

Error: (01/20/2020 09:19:36 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\MoUsoCoreWorker.exe, PID: 14828, ProfSvc PID: 2316.

Error: (01/20/2020 09:19:36 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 11800, ProfSvc PID: 2316.


System errors:
=============
Error: (01/21/2020 12:47:20 AM) (Source: DCOM) (EventID: 10010) (User: MSI-GL62M-7RDX)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1_neutral_neutral_cw5n1h2txyewy!App.AppX447jn8wbjb1qsw3jxkndb19cwgsrtrkk.mca did not register with DCOM within the required timeout.

Error: (01/20/2020 09:26:13 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: The default transaction resource manager on volume 16GB encountered a non-retryable error and could not start. The data contains the error code.

Error: (01/20/2020 09:22:55 PM) (Source: Tcpip) (EventID: 4207) (User: )
Description: The IPv6 TCP/IP interface with index 22 failed to bind to its provider.

Error: (01/20/2020 09:22:55 PM) (Source: Tcpip) (EventID: 4207) (User: )
Description: The IPv4 TCP/IP interface with index 22 failed to bind to its provider.

Error: (01/20/2020 09:22:23 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The NetMsmqActivator service depends on the following service: msmq. This service might not be installed.

Error: (01/20/2020 09:22:23 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (01/20/2020 09:21:45 PM) (Source: DCOM) (EventID: 10010) (User: MSI-GL62M-7RDX)
Description: The server microsoft.windowscommunicationsapps_16005.12026.20248.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

Error: (01/18/2020 10:39:10 PM) (Source: DCOM) (EventID: 10010) (User: MSI-GL62M-7RDX)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1_neutral_neutral_cw5n1h2txyewy!App.AppX447jn8wbjb1qsw3jxkndb19cwgsrtrkk.mca did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2020-01-21 15:01:37.9740000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {98E9F961-9149-461D-A67B-2905EED4B508}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-01-21 14:29:30.7730000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {A8624BF1-04D7-4420-A4A4-356EFE67FF3C}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-01-21 13:10:56.7370000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {B2255B08-4B14-49D5-A320-D8F9537CA468}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-01-21 13:03:39.7050000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {A3CC947D-C1F0-44E2-BB0A-9FB7AA166776}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-01-21 12:42:39.5020000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {82C83492-CFAF-4AC6-8F72-FC5B17F1477D}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-01-15 10:38:20.1370000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.2260.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80240022
Error description: The program can't check for definition updates.

Date: 2020-01-15 10:38:20.1350000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.2260.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80240022
Error description: The program can't check for definition updates.

Date: 2020-01-04 10:01:02.7640000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.1571.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80240022
Error description: The program can't check for definition updates.

Date: 2020-01-04 10:01:02.7570000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.1571.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80240022
Error description: The program can't check for definition updates.

Date: 2019-12-28 11:42:24.6900000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.1260.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80240022
Error description: The program can't check for definition updates.

CodeIntegrity:
===================================

Date: 2020-01-21 09:11:05.9330000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

Date: 2020-01-21 09:11:05.9240000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

Date: 2020-01-20 21:23:51.9330000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

Date: 2020-01-20 21:23:51.9080000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

Date: 2020-01-18 21:38:53.2510000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-01-18 21:38:53.2230000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-01-18 21:37:57.9130000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

Date: 2020-01-18 21:37:57.8930000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. E16J9IMS.324 03/23/2018
Motherboard: Micro-Star International Co., Ltd. MS-16J9
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 44%
Total physical RAM: 16300.36 MB
Available physical RAM: 9097.87 MB
Total Virtual: 18732.36 MB
Available Virtual: 10145.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:433.08 GB) (Free:61.02 GB) NTFS
Drive t: (New Volume) (Fixed) (Total:465.75 GB) (Free:111.52 GB) NTFS

\\?\Volume{f30f1de3-59d5-407b-8e2e-6ee0c1e10f6f}\ () (Fixed) (Total:0.55 GB) (Free:0.1 GB) NTFS
\\?\Volume{bc03f791-5416-011d-c3d3-dc1a4a815545}\ () (Fixed) (Total:17.78 GB) (Free:0 GB) NTFS
\\?\Volume{8304b5fe-28ec-ae6f-dfac-669c5d97ed5d}\ () (Fixed) (Total:6.38 GB) (Free:0 GB) NTFS
\\?\Volume{6e003271-6229-3db8-4268-7b0e12771123}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{1d8e39f6-502a-471a-ade3-f1126c084461}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 3.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosim o kontrolu logu

#3 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

onthomaz
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 24 bře 2013 16:44
Bydliště: F-M

Re: Prosim o kontrolu logu

#4 Příspěvek od onthomaz »

Zdravím

zde je log po vyčištění AdwCleanerem.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-23-2020
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 4
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\updateTask
Deleted HKLM\Software\Reimage
Deleted HKLM\Software\Wow6432Node\Applian Technologies

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.SmartByte Folder C:\Program Files\RIVET NETWORKS


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1576 octets] - [23/01/2020 14:13:21]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosim o kontrolu logu

#5 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

onthomaz
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 24 bře 2013 16:44
Bydliště: F-M

Re: Prosim o kontrolu logu

#6 Příspěvek od onthomaz »

Zdravím,

omlouvám se, že odpovídám teprve nyní.

Zde je nový log z FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by thoma (administrator) on MSI-GL62M-7RDX (Micro-Star International Co., Ltd. GL62M 7RDX) (05-02-2020 19:01:51)
Running from C:\Users\thoma\Desktop
Loaded Profiles: thoma (Available Profiles: thoma & DefaultAppPool)
Platform: Windows 10 Home Version 2004 19041.21 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
(A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
(A-Volute -> Nahimic) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\AppLogLib\BrBFLogX.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(David Carpenter -> ) C:\Program Files\Everything\Everything.exe
(DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_668dd0c6d3f9fa0e\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_668dd0c6d3f9fa0e\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_6b3496dbfbe8b7c6\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_6b3496dbfbe8b7c6\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.29002.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.29002.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1908.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.33.5006.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Windows -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LsaIso.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\NisSrv.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Windows\SysWOW64\MSIService.exe
(Nitro Software, Inc. -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(ProtonVPN AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
(TunnelBear -> TunnelBear) C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
(Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270560 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [734904 2017-07-04] (A-Volute -> Nahimic)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [123488 2017-11-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-12-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [126200 2019-01-28] (Intel(R) Driver & Support Assistant -> Intel)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [49443304 2019-05-11] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [MT550Config] => C:\Program Files (x86)\Rapoo\MT550\MT550Config.exe [17747512 2017-12-05] (Shenzhen Rapoo Technology Co., Ltd. -> TODO: <公司名>)
HKLM-x32\...\Run: [C17A] => C:\WINDOWS\twain_32\Brimc17a\Common\TwDsUiLaunch.exe [94736 2019-10-29] (Microsoft Windows Hardware Compatibility Publisher -> )
HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3133216 2019-01-04] (Valve -> Valve Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-22] (Google LLC -> Google LLC)
AppInit_DLLs: C:\WINDOWS\Jaksta\AC\x64\jaudcap.dll => C:\WINDOWS\Jaksta\AC\x64\jaudcap.dll [309680 2019-08-02] (Jaksta Technologies Pty Ltd -> Jaksta Technologies Pty Ltd)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
Startup: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Arduino Create Agent.lnk [2019-01-21]
ShortcutTarget: Arduino Create Agent.lnk -> C:\Users\thoma\AppData\Roaming\ArduinoCreateAgent-1.1\Arduino_Create_Bridge.exe () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {008539BF-83F9-4483-9E0A-EEEE6EAC0A08} - System32\Tasks\Microsoft\Windows\Shell\UpdateUserPictureTask => {09C5DD34-009D-40FA-BCB9-0165AD0C15D4} C:\Windows\System32\Windows.UI.Immersive.dll [1250816 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {015978C2-2874-472E-809B-674229C589BD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0322A434-AF57-49A7-8EE9-BEA7ED431604} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {14DBEA2E-2CCC-474E-9915-7468B25896B4} - System32\Tasks\Microsoft\Windows\WwanSvc\OobeDiscovery => {C93CF9D5-031B-4AAA-AB0B-EF802347B381} C:\Windows\System32\MBMediaManager.dll [718848 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {176C69C1-387A-4995-BA82-2373F93CC85A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {257B4183-48B2-4ADC-A90C-C7050F991459} - System32\Tasks\Nahimic2svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe [520376 2017-07-04] (A-Volute -> )
Task: {260D1E49-60E1-41CB-87BE-F502BB690CF3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {2778BFBE-8B8D-4E62-A9C6-DA04941AC549} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_pepper.exe [1453624 2020-01-22] (Adobe Inc. -> Adobe)
Task: {2C6113D2-0537-4414-838F-74A290BCCCDC} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [5607192 2018-04-12] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]
Task: {2DBC7B4A-F5CE-426B-A8BB-BD6E992D1F1A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128536 2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3827C63B-E7FA-4AC5-8027-7AA332832727} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3E9C109A-BB4B-4C21-9CD4-FA7D19D90460} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3F6DE2A9-2AC9-483A-B944-E6DD2EBCB28B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {49D526BB-0549-443E-AECE-8BB089697157} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [816960 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {4A0DEFDA-A2B8-4736-88E1-A578E00D9704} - System32\Tasks\Microsoft\Windows\Input\PenSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {4BBB39B3-0FD7-4AB6-8D40-7BCF696CE63A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4C006673-332A-4BD8-9B23-1CDA1A4EAB01} - System32\Tasks\WD Discovery Service Task thoma => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [68584 2019-05-11] (Western Digital Technologies, Inc. -> )
Task: {534F08A9-DCD8-4886-94C9-8F962A569A20} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2050456 2020-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {5CA7A088-9ED5-4148-A719-AC09BBB626CF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A6517AE-3389-43A0-85F2-3E4770EB150C} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {6B96BEB8-97E9-4482-9D73-36100E92497D} - System32\Tasks\Nahimic2svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe [4412088 2017-07-04] (A-Volute -> )
Task: {6BDCB86A-104F-4993-824B-5ADD89E1EC67} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2018-10-24] (Garmin International, Inc. -> )
Task: {7474D7C4-ADC7-4A56-804F-4D403C08C1F5} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {75BC06BB-A6E4-423D-9C77-1A14B24A9995} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2050456 2020-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {75D2F8F6-66B8-4A2D-8FF8-F5B39A083724} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2875869499-1234183625-2204340559-1001 => C:\Users\thoma\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-02-20] (Mega Limited -> Mega Limited)
Task: {78291362-4738-4E0B-8DB3-1390706C79D6} - System32\Tasks\Microsoft\Windows\Application Experience\PcaPatchDbTask => %windir%\system32\rundll32.exe %windir%\system32\PcaSvc.dll,PcaPatchSdbTask
Task: {794DE1D9-8E3F-40B6-B338-336A640A1A47} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7C4733D2-81D6-4CA3-B30C-E00B496B9857} - System32\Tasks\Microsoft\Windows\Input\TouchpadSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {7D1D5119-011D-41BE-B984-6E48F2BB7F47} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8E3500C8-3650-46CB-A2DD-7C4DCBE76776} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {938CCAC8-C4F5-47CC-BE3F-744ECDC5E55E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {98B035F8-51B7-473C-A95D-50ED2B0D5EFB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128536 2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B0FDC0F-4927-4EE8-AF1E-A3B598C6EFED} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-22] (Adobe Inc. -> Adobe)
Task: {9CA59CF0-61EE-4813-A105-02DD5E27FBE0} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [734904 2017-07-04] (A-Volute -> Nahimic)
Task: {9D55309B-0BD4-45AC-86E8-A04D2F4A3705} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {A08E0BB2-B6E1-4353-9FAF-EBA89F25DB65} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [File not signed]
Task: {A0EE4455-226C-4D30-A77E-B23BD08FA30F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A60D9ECB-A6F4-4FE1-9BD7-B049487A67E7} - System32\Tasks\Microsoft\Windows\International\Synchronize Language Settings => {10D62541-90D0-42FE-848C-0DBC1AC42EDA} C:\Windows\System32\CoreGlobConfig.dll [215896 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {A833BF37-9CDA-4EAD-93A6-B7B882DA53FC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF7A8CDF-8ECD-442F-B3AF-19BE0846C384} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner => {AD08DCC2-4E35-4486-9D49-547CBD30942D} C:\WINDOWS\System32\MitigationClient.dll [417792 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {BCD91470-481F-4F1C-92C7-089D01936F24} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BEFA209E-ED82-4C75-91BC-B28E097EFD22} - System32\Tasks\Office 2019 Statique Activation Planificateur => C:\Users\thoma\Downloads\MSOffice_2019\ActO19.cmd -renewalonly
Task: {CADF1293-5495-426F-8E37-A30F69274AF4} - System32\Tasks\Microsoft\Windows\Input\LocalUserSyncDataAvailable => {8E7C2AFB-72B9-415C-9AC2-5037693309B7} C:\Windows\System32\InputCloudStore.dll [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {CDE009B9-721F-476C-A9D4-089589E69DD2} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [431384 2018-02-05] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]
Task: {D0C42D2F-31AC-4F98-89BA-FF1BD1F65BD5} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1328392 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {D5F9978C-7BB2-4F54-925A-E03B0497C1E2} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1146000 2019-03-14] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {D6FD71C3-DE99-4D78-BCF8-93ACCA8282DC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8ACB615-B480-4BF5-81CD-26A50D506736} - System32\Tasks\WD Device Agent Task thoma => C:\Users\thoma\AppData\Roaming\WD Discovery\plugins\com.wdc.plugin.catalog\current\library\WD Device Agent.exe [717088 2018-12-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {DA42085F-11E4-4EE1-A363-1898204812F5} - System32\Tasks\Microsoft\Windows\Input\MouseSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {E477CC58-CC9F-4B22-80D6-7CE201687096} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {EBA8775F-F52D-4B67-AE72-B0D76F525B24} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F06408C3-C9A8-49F7-8D73-8539A8DFBED3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-24] (Google Inc -> Google Inc.)
Task: {FAB38A53-F3C9-4972-B257-FE42BEABA3F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-24] (Google Inc -> Google Inc.)
Task: {FB294065-CD26-4A79-900F-06C57F709B24} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FDFA2853-3650-400B-8BE3-736F88495189} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-01] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{892863ed-8c80-4f90-9fd7-79f6f4551af2}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{d3ea6b53-e9d4-487c-83d8-9b3567d2ed26}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
BHO: No Name -> {23ECF60B-C3D2-4A52-A763-59DB7EE1A4B1}' -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-02-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: No Name -> {23ECF60B-C3D2-4A52-A763-59DB7EE1A4B1}' -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-21] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\thoma\Downloads
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.9.0.0_neutral__c1wakc4j0nefm [2019-08-21]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2019-02-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2875869499-1234183625-2204340559-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\thoma\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies SF -> Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default [2020-02-05]
CHR Notifications: Default -> hxxps://drive.google.com; hxxps://mail.google.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.google.com"
CHR Extension: (Ultimate Video Saver) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\afkpfjljjhhonjehpkmgonimjjgaheap [2019-11-19]
CHR Extension: (Universal Bypass) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aihomhdbhpnpmcnnbckjjcebjoikpihj [2020-02-05]
CHR Extension: (Flash Video Downloader) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2019-05-08]
CHR Extension: (The Flash Video Dоwnlоader) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf [2019-06-10]
CHR Extension: (Video Downloader Plus) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\baejfnndpekpkaaancgpakjaengfpopk [2019-07-27]
CHR Extension: (Nectar Notifier) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\bilfacghikncbjidkgdenbjimhfkgobo [2019-10-02]
CHR Extension: (Honey) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-01-31]
CHR Extension: (uBlock Origin) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-01-06]
CHR Extension: (Admiral Rewards Notifier) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdcapceknfbckjkhlbheaopbhgclmgj [2020-01-05]
CHR Extension: (Tampermonkey) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-12-01]
CHR Extension: (Unshorten.link) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbobdaaeaihkghbokihkofcbndhmbdpd [2019-06-19]
CHR Extension: (Ubiquiti Device Discovery Tool) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmpigflbjeapnknladcfphgkemopofig [2019-10-27]
CHR Extension: (Qmee) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbaanpgkpkoamihninlcegnjclcpibde [2019-10-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (uBlock Origin Extra) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgdnlhfefecpicbbihgmbmffkjpaplco [2019-09-25]
CHR Extension: (Chrome Media Router) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-10]
CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-05-12]
CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-05-12]
CHR Extension: (Slides) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-12]
CHR Extension: (Docs) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-12]
CHR Extension: (Google Drive) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-12]
CHR Extension: (YouTube) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-12]
CHR Extension: (Sheets) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-12]
CHR Extension: (Google Docs Offline) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-05-12]
CHR Extension: (Gmail) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-12]
CHR Extension: (Chrome Media Router) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-12]
CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-18]
CHR HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11164232 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23288 2019-01-28] (Intel(R) Driver & Support Assistant -> Intel)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937208 2018-12-19] (Intel(R) Software Development Products -> )
R2 Everything; C:\Program Files\Everything\Everything.exe [2199656 2018-02-09] (David Carpenter -> )
R2 ftpsvc; C:\WINDOWS\system32\inetsrv\ftpsvc.dll [431104 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.29002.0_x64__8wekyb3d8bbwe\GamingServices.exe [21640 2020-01-31] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.29002.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [21640 2020-01-31] (Microsoft Corporation -> Microsoft Corporation)
R3 hns; C:\WINDOWS\System32\HostNetSvc.dll [3281920 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-08-19] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [529912 2019-12-02] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation)
S3 LxssManagerUser; C:\WINDOWS\system32\lxss\LxssManager.dll [943616 2020-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 LxssManagerUser_36f85af; C:\WINDOWS\system32\svchost.exe [57368 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 LxssManagerUser_36f85af; C:\WINDOWS\SysWOW64\svchost.exe [47232 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [134248 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [104808 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-08-03] (Intel Corporation -> )
R2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [70752 2018-01-06] (Nitro Software, Inc. -> Nalpeiron Ltd.)
R3 nvagent; C:\WINDOWS\System32\NvAgent.dll [41784 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [66488 2019-10-31] (OpenVPN Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [66488 2019-10-31] (OpenVPN Inc. -> The OpenVPN Project)
R2 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [97080 2019-08-12] (ProtonVPN AG -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [471696 2019-09-18] (Rockstar Games, Inc. -> Rockstar Games)
R2 SamsungRapidSvc; C:\WINDOWS\System32\RAPID\SamsungRapidSvc.exe [28768 2017-11-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [55296 2019-12-15] (Microsoft Windows -> Microsoft Corporation)
R2 SNMP; C:\WINDOWS\SysWOW64\snmp.exe [46592 2019-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-12-15] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [295936 2019-12-15] (Microsoft Windows -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\WINDOWS\System32\SynTPEnhService.exe [399440 2018-08-30] (Synaptics Incorporated -> Synaptics Incorporated)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [195832 2018-12-19] (Intel(R) Software Development Products -> )
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [139896 2019-04-11] (TunnelBear -> TunnelBear)
S3 UdkUserSvc; C:\WINDOWS\System32\windowsudk.shellcommon.dll [1915904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937208 2018-12-19] (Intel(R) Software Development Products -> )
S3 vmcompute; C:\WINDOWS\system32\vmcompute.exe [3202360 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2191872 2019-06-18] (Sony) [File not signed]
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-05-16] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4060256 2018-08-03] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 appliand; C:\WINDOWS\system32\DRIVERS\appliand.sys [30304 2017-02-23] (Applian Technologies Inc. -> Applian Technologies Inc.)
R1 CimFS; C:\Windows\System32\Drivers\CimFS.sys [91136 2019-12-07] (Microsoft Windows -> )
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FTDIBUS; C:\WINDOWS\system32\drivers\ftdibus.sys [108352 2019-02-14] (Future Technology Devices International Ltd -> FTDI Ltd.)
R3 gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_1b1c9965dc1c6f0f\gameflt.sys [71000 2020-01-21] (Microsoft Windows -> Microsoft Corporation)
S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [32384 2018-03-14] (Sony Mobile Communications AB -> Sony Mobile Communications)
S3 hnswfpdriver; C:\WINDOWS\System32\drivers\hnswfpdriver.sys [21304 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 hvsocketcontrol; C:\WINDOWS\system32\drivers\hvsocketcontrol.sys [36152 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1094792 2018-12-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [186872 2019-12-02] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37880 2017-05-10] (Intel Corporation -> Intel Corporation)
R3 jakstaVA; C:\WINDOWS\System32\drivers\jaksta_va.sys [103816 2017-02-23] (Jaksta Technologies Pty Ltd -> e2eSoft)
S3 Kinonih; C:\WINDOWS\System32\drivers\kinonih.sys [32256 2016-06-22] (Kinoni Oy -> Kinoni)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [170672 2018-06-07] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
S3 l2bridge; C:\WINDOWS\System32\drivers\l2bridge.sys [58888 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [56576 2018-03-21] (SZ DJI Technology Co., Ltd -> hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-06-18] (Malwarebytes Corporation -> Malwarebytes)
R3 MsQuic; C:\WINDOWS\System32\drivers\msquic.sys [322600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8717088 2019-01-07] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [83776 2019-05-11] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 npf; C:\WINDOWS\system32\DRIVERS\npf.sys [83776 2019-05-11] (Insecure.Com LLC -> Insecure.Com LLC.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_e3b2c378aa1f2c84\nvlddmkm.sys [23066104 2020-01-07] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-10-22] (NVIDIA Corporation -> NVIDIA Corporation)
S3 P9Rdr; C:\WINDOWS\System32\drivers\p9rdr.sys [91152 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ProtonVPNSplitTunnelCalloutDriver; C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\win10\ProtonVPNSplitTunnelCalloutDriver.Sys [48664 2019-07-02] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R3 rpwkmdrv; C:\WINDOWS\system32\drivers\rpwkmdrv.sys [25696 2017-12-03] (Rapoo1201 -> )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [443296 2019-08-05] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R0 SamsungRapidDiskFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidDiskFltr.sys [287360 2017-11-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidFSFltr.sys [119424 2017-11-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [43008 2018-12-19] (Intel Corporation -> )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [56400 2018-08-30] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [56912 2018-08-30] (Synaptics Incorporated -> Synaptics Incorporated)
S3 spaceparser; C:\WINDOWS\System32\drivers\spaceparser.sys [26624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2019-03-20] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-06-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-13] (Windscribe Limited -> The OpenVPN Project)
R0 Telemetry; C:\WINDOWS\System32\drivers\IntelTA.sys [26808 2019-12-07] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [213216 2018-10-15] (Oracle Corporation -> Oracle Corporation)
R1 VfpExt; C:\WINDOWS\System32\drivers\vfpext.sys [1498624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 VirtualRender; C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [39224 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2018-06-04] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [376032 2020-02-01] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-01] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-11] (Micro-Star Int'l Co. Ltd. -> )
R3 Xvdd; C:\WINDOWS\System32\DriverStore\FileRepository\xvdd.inf_amd64_3865f7cd0ca0fb7c\xvdd.sys [485720 2020-01-25] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: hns -> C:\Windows\System32\HostNetSvc.dll (Microsoft Corporation)
NETSVC: nvagent -> C:\Windows\System32\NvAgent.dll (Microsoft Corporation)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-05 19:01 - 2020-02-05 19:02 - 000051131 _____ C:\Users\thoma\Desktop\FRST.txt
2020-02-05 18:34 - 2020-02-05 18:34 - 000000000 ____D C:\Users\thoma\AppData\Local\Brother_Industries,_Ltd
2020-02-05 18:28 - 2020-02-05 18:28 - 010730439 _____ C:\Users\thoma\Downloads\BROTHER L3770 MANUAL.pdf
2020-02-05 18:19 - 2020-02-05 18:19 - 000000000 ____D C:\Program Files (x86)\RemoteSetup
2020-02-05 18:19 - 2020-02-05 18:19 - 000000000 ____D C:\Program Files (x86)\ControlCenter4 CSDK
2020-02-05 18:11 - 2020-02-05 18:11 - 000000000 ____D C:\Users\thoma\Downloads\Install
2020-02-05 17:37 - 2020-02-05 17:37 - 000000000 ____D C:\WINDOWS\LastGood
2020-02-05 17:36 - 2020-02-05 18:34 - 000000000 ___RD C:\Users\thoma\AppData\Roaming\Brother
2020-02-05 17:36 - 2020-02-05 17:36 - 000000000 ____D C:\Users\thoma\AppData\LocalLow\Brother
2020-02-05 17:20 - 2020-02-05 17:45 - 425540536 _____ (SOURCENEXT CORPORATION) C:\Users\thoma\Downloads\Y17E_C1_ULWT_PP-inst-D1.EXE
2020-02-03 17:41 - 2020-02-03 17:41 - 000000000 ____D C:\WINDOWS\Panther
2020-01-31 23:46 - 2020-01-31 23:46 - 000000000 ____D C:\Users\thoma\AppData\Local\Lepší.TV
2020-01-31 23:43 - 2020-01-31 23:43 - 000002619 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lepší.TV.lnk
2020-01-31 23:43 - 2020-01-31 23:43 - 000000000 ____D C:\Program Files (x86)\goNET
2020-01-31 23:02 - 2020-01-31 23:02 - 005720941 _____ C:\Users\thoma\Desktop\TAX RETURN 2018-2019.pdf
2020-01-31 19:23 - 2020-01-31 19:23 - 005570398 _____ C:\Users\thoma\Desktop\viewTaxReturnPdf.pdf
2020-01-31 19:21 - 2020-01-31 19:21 - 000108419 _____ C:\Users\thoma\Desktop\HMRC_ View your calculation - View your full calculation.pdf
2020-01-29 09:40 - 2020-01-29 09:40 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-01-28 14:55 - 2020-01-07 16:13 - 001081896 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-01-28 14:55 - 2020-01-07 16:13 - 001081896 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-01-28 14:55 - 2020-01-07 16:13 - 000940560 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-28 14:55 - 2020-01-07 16:13 - 000940560 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-01-28 14:55 - 2020-01-07 16:13 - 000462904 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-01-28 14:55 - 2020-01-07 16:13 - 000357960 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-01-28 14:55 - 2020-01-07 16:12 - 013037560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-01-28 14:55 - 2020-01-07 16:12 - 011150192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-01-28 14:55 - 2020-01-07 16:12 - 000701768 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-01-28 14:55 - 2020-01-07 16:12 - 000568384 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-01-28 14:55 - 2020-01-07 16:11 - 013380624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-01-28 14:55 - 2020-01-07 16:11 - 011419376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-01-28 14:55 - 2020-01-07 16:11 - 005927992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-01-28 14:55 - 2020-01-07 16:11 - 005230144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-01-28 14:55 - 2020-01-07 16:11 - 002081296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-01-28 14:55 - 2020-01-07 16:11 - 001730896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445012.dll
2020-01-28 14:55 - 2020-01-07 16:11 - 001573696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-01-28 14:55 - 2020-01-07 16:11 - 001491776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-01-28 14:55 - 2020-01-07 16:11 - 001491528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445012.dll
2020-01-28 14:55 - 2020-01-07 16:11 - 001152624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-01-28 14:55 - 2020-01-07 16:11 - 000821280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-01-28 14:55 - 2020-01-07 16:11 - 000687464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-01-28 14:55 - 2020-01-07 16:11 - 000671896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-01-28 14:55 - 2020-01-07 16:11 - 000553792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-01-28 14:55 - 2020-01-07 16:10 - 004316624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-01-23 13:11 - 2020-01-23 13:16 - 000000000 ____D C:\AdwCleaner
2020-01-23 13:10 - 2020-01-23 13:10 - 008237744 _____ (Malwarebytes) C:\Users\thoma\Downloads\adwcleaner_8.0.1.exe
2020-01-22 19:51 - 2020-01-22 22:49 - 000000000 ____D C:\Program Files (x86)\FastShare
2020-01-22 19:51 - 2020-01-22 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastShare
2020-01-22 19:51 - 2019-08-08 08:32 - 009387856 ____N ( ) C:\Users\thoma\Downloads\FastShare_v2.4.0.exe
2020-01-21 12:12 - 2020-01-21 12:12 - 000000000 ____D C:\Users\thoma\Games
2020-01-21 12:03 - 2020-01-21 12:03 - 000240376 _____ C:\Users\thoma\Downloads\47400267.pdf
2020-01-21 08:38 - 2020-01-31 09:58 - 001339552 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2020-01-21 08:38 - 2020-01-31 09:58 - 000149640 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2020-01-21 08:38 - 2020-01-31 09:58 - 000088712 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2020-01-21 08:38 - 2020-01-31 09:58 - 000052360 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2020-01-21 08:38 - 2020-01-31 09:58 - 000031672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2020-01-20 23:35 - 2020-01-20 23:47 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Ulozto File Manager
2020-01-20 23:35 - 2020-01-20 23:35 - 000001233 _____ C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ufm.lnk
2020-01-20 23:35 - 2020-01-20 23:35 - 000000911 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulož.to FileManager.lnk
2020-01-20 23:35 - 2020-01-20 23:35 - 000000000 ____D C:\Users\thoma\Downloads\Ulozto
2020-01-20 23:35 - 2020-01-20 23:35 - 000000000 ____D C:\Program Files\Ulozto File Manager
2020-01-18 21:12 - 2020-01-18 21:12 - 000000000 ____D C:\ProgramData\Apple Computer
2020-01-18 21:12 - 2020-01-18 21:12 - 000000000 ____D C:\ProgramData\Apple
2020-01-18 20:34 - 2020-01-18 20:34 - 026271232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 024266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 023426560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 018063360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 017539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 010336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 010217784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-18 20:34 - 2020-01-18 20:34 - 008893112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 008185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 007068160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 006690304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 006554632 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmchipset.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 005834240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 004783536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 003859968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 003859968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 003814912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-18 20:34 - 2020-01-18 20:34 - 003784720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-01-18 20:34 - 2020-01-18 20:34 - 003772928 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 002970624 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-18 20:34 - 2020-01-18 20:34 - 002970624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 002918728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 002745344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-18 20:34 - 2020-01-18 20:34 - 002601472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 002520048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 002486288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys
2020-01-18 20:34 - 2020-01-18 20:34 - 002448896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 002402976 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwp.exe
2020-01-18 20:34 - 2020-01-18 20:34 - 002312704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 002244096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 002178248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 002110368 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 001922048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 001765376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 001751640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 001700072 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 001655328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 001635728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 001557304 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-18 20:34 - 2020-01-18 20:34 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 001452032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 001411032 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 001352232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 001251640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-18 20:34 - 2020-01-18 20:34 - 001215328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 001204968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-01-18 20:34 - 2020-01-18 20:34 - 001131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 001114624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 001073784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 001014872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-18 20:34 - 2020-01-18 20:34 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-18 20:34 - 2020-01-18 20:34 - 000707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000692648 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000683520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000608256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-18 20:34 - 2020-01-18 20:34 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000540472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000535592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000530680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000497704 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmusrv.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-01-18 20:34 - 2020-01-18 20:34 - 000418816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-18 20:34 - 2020-01-18 20:34 - 000416856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000412688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000412320 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000403768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-18 20:34 - 2020-01-18 20:34 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\secproc_isv.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000342968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-18 20:34 - 2020-01-18 20:34 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-18 20:34 - 2020-01-18 20:34 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-18 20:34 - 2020-01-18 20:34 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-18 20:34 - 2020-01-18 20:34 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-01-18 20:34 - 2020-01-18 20:34 - 000132736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000092944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000070968 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInput.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000061752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInput.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2020-01-18 20:34 - 2020-01-18 20:34 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WSDScan.sys
2020-01-18 20:34 - 2020-01-18 20:34 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-18 20:34 - 2020-01-18 20:34 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serscan.sys
2020-01-18 20:34 - 2020-01-18 20:34 - 000007206 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-01-07 09:54 - 2019-12-28 03:55 - 001729448 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-07 09:54 - 2019-12-28 03:55 - 001729448 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-01-07 09:54 - 2019-12-28 03:55 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-07 09:54 - 2019-12-28 03:55 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-05 19:02 - 2019-05-10 22:57 - 000000000 ____D C:\FRST
2020-02-05 19:01 - 2019-05-10 22:56 - 002279424 _____ (Farbar) C:\Users\thoma\Desktop\FRST64.exe
2020-02-05 18:54 - 2019-02-25 17:57 - 000000207 _____ C:\Users\thoma\OneDrive\Dokumenty\prohire.ini
2020-02-05 18:34 - 2019-04-30 16:11 - 000000000 ____D C:\ProgramData\Brother
2020-02-05 18:20 - 2019-04-30 16:12 - 000000000 ____D C:\Program Files (x86)\Brother
2020-02-05 18:19 - 2019-04-30 16:12 - 000000000 ____D C:\ProgramData\ControlCenter4
2020-02-05 18:19 - 2019-04-30 16:12 - 000000000 ____D C:\Program Files (x86)\ControlCenter4
2020-02-05 18:19 - 2019-04-30 16:12 - 000000000 ____D C:\Program Files (x86)\Browny02
2020-02-05 18:14 - 2019-12-07 09:13 - 000000000 ____D C:\WINDOWS\INF
2020-02-05 17:51 - 2019-12-07 09:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-05 17:12 - 2019-12-15 16:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-05 16:34 - 2019-12-15 16:42 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{B284E19D-00AD-45F9-AD3D-49307F7019C7}
2020-02-05 12:25 - 2018-09-24 20:31 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-05 09:40 - 2019-12-15 16:42 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-05 09:40 - 2019-12-15 16:42 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-05 09:38 - 2019-12-15 16:42 - 000003206 _____ C:\WINDOWS\system32\Tasks\Nahimic2UILauncherRun
2020-02-05 09:38 - 2019-12-15 16:42 - 000003194 _____ C:\WINDOWS\system32\Tasks\Nahimic2svc64Run
2020-02-05 09:38 - 2019-12-15 16:42 - 000003186 _____ C:\WINDOWS\system32\Tasks\Nahimic2svc32Run
2020-02-05 09:38 - 2018-09-24 20:31 - 000000000 __SHD C:\Users\thoma\IntelGraphicsProfiles
2020-02-04 12:00 - 2018-09-24 20:20 - 000000000 ____D C:\Users\thoma\AppData\Local\Packages
2020-02-04 11:51 - 2019-12-07 09:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-04 11:51 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-03 17:48 - 2019-12-15 16:37 - 001822242 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-03 17:48 - 2019-12-15 16:27 - 000753170 _____ C:\WINDOWS\system32\perfh005.dat
2020-02-03 17:48 - 2019-12-15 16:27 - 000159300 _____ C:\WINDOWS\system32\perfc005.dat
2020-02-03 17:41 - 2019-12-15 16:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-03 17:41 - 2019-12-15 16:33 - 000001575 _____ C:\WINDOWS\system32\config\VSMIDK
2020-02-03 17:41 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-02-03 17:41 - 2019-12-07 09:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-02-03 17:41 - 2019-11-12 19:40 - 000008192 ___SH C:\DumpStack.log.tmp
2020-02-03 17:41 - 2019-05-29 19:31 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2020-02-03 17:37 - 2019-12-07 09:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-02-01 09:25 - 2018-09-24 20:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-01-28 17:21 - 2018-09-25 18:06 - 000000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2020-01-28 16:29 - 2019-02-06 19:06 - 000000000 ____D C:\ProhireV5
2020-01-28 14:57 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\Help
2020-01-25 20:14 - 2019-12-07 09:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-25 20:14 - 2018-10-04 20:53 - 000000000 ____D C:\Program Files\Microsoft Office
2020-01-25 20:10 - 2018-09-24 20:22 - 000000000 ____D C:\Users\thoma\AppData\Local\D3DSCache
2020-01-23 23:09 - 2018-09-25 00:05 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-23 23:09 - 2018-09-25 00:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-23 23:06 - 2018-10-12 22:56 - 000000000 ____D C:\Users\thoma\AppData\Roaming\vlc
2020-01-22 22:28 - 2018-09-24 20:44 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-22 12:27 - 2019-12-15 16:42 - 000004556 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-01-22 12:27 - 2019-12-15 16:42 - 000004380 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-01-22 12:27 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-22 12:27 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-21 13:28 - 2018-09-24 20:34 - 000000000 ____D C:\ProgramData\Packages
2020-01-21 12:47 - 2018-09-24 20:21 - 000000000 ____D C:\Users\thoma\AppData\Local\PlaceholderTileLogoFolder
2020-01-21 12:12 - 2019-12-15 16:34 - 000000000 ____D C:\Users\thoma
2020-01-21 12:12 - 2018-09-24 20:45 - 000000000 ____D C:\Users\thoma\AppData\Local\NVIDIA Corporation
2020-01-21 10:06 - 2018-09-26 17:17 - 000000000 ____D C:\Users\thoma\AppData\Local\RSG
2020-01-18 21:12 - 2018-09-26 11:37 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Apple Computer
2020-01-18 20:36 - 2019-12-15 16:33 - 000294544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-18 20:36 - 2019-12-15 16:22 - 000000000 ___SD C:\WINDOWS\system32\lxss
2020-01-18 20:36 - 2019-12-07 09:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-18 20:36 - 2019-12-07 09:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-01-18 20:36 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-18 20:36 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-18 20:35 - 2019-12-07 09:03 - 000000000 ____D C:\WINDOWS\servicing
2020-01-08 17:52 - 2018-10-30 21:08 - 000000000 ____D C:\Users\thoma\AppData\Local\ElevatedDiagnostics
2020-01-07 16:10 - 2019-10-30 18:06 - 004843656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

==================== Files in the root of some directories ========

2019-01-21 16:08 - 2019-06-10 20:47 - 000044165 _____ () C:\Users\thoma\AppData\Roaming\downloads.json
2019-03-17 09:38 - 2019-03-17 09:39 - 000000050 _____ () C:\Users\thoma\AppData\Roaming\~SiMPLEX.ini
2018-09-24 23:35 - 2018-09-24 23:35 - 000000000 _____ () C:\Users\thoma\AppData\Local\Driver_AR8171Present.flag
2019-03-17 10:56 - 2019-03-17 10:56 - 000000002 _____ () C:\Users\thoma\AppData\Local\imw.ini
2018-10-10 23:59 - 2019-03-17 12:15 - 000007630 _____ () C:\Users\thoma\AppData\Local\resmon.resmoncfg
2018-11-01 01:33 - 2018-11-01 01:33 - 000000076 _____ () C:\Users\thoma\AppData\Local\update_progress.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

onthomaz
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 24 bře 2013 16:44
Bydliště: F-M

Re: Prosim o kontrolu logu

#7 Příspěvek od onthomaz »

Log z Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by thoma (05-02-2020 19:04:46)
Running from C:\Users\thoma\Desktop
Windows 10 Home Version 2004 19041.21 (X64) (2019-12-16 11:36:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2875869499-1234183625-2204340559-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2875869499-1234183625-2204340559-503 - Limited - Disabled)
Guest (S-1-5-21-2875869499-1234183625-2204340559-501 - Limited - Disabled)
thoma (S-1-5-21-2875869499-1234183625-2204340559-1001 - Administrator - Enabled) => C:\Users\thoma
WDAGUtilityAccount (S-1-5-21-2875869499-1234183625-2204340559-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . (HKLM\...\{E267C808-4C22-457E-B74B-50EAB4AD9030}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{9486AD8F-39F4-470B-92FD-BC423ABAEC43}) (Version: 19.1.4.5 - Intel) Hidden
µTorrent (HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.321 - Adobe)
Amazon.com Fire_Devices (HKLM\...\Fire_Devices Drivers) (Version: 2 - Amazon.com)
ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ApoDispatch Install Configurator (HKLM\...\{86DFBD13-F1EA-43EA-8BF7-05B4A7F40571}) (Version: 2.5.1701 - Nahimic) Hidden
Applian Network Monitor (3.0.8.1) (HKLM-x32\...\Applian Network Monitor) (Version: 3.0.8.1 - Applian Technologies)
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
AR8171 Driver Installation (HKLM-x32\...\{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.34 - Rivet Networks)
AR8171 Drivers (HKLM\...\{DBB92BB8-0C89-488D-B6B4-74C6C03ABD13}) (Version: 1.0.0.34 - Rivet Networks) Hidden
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.9 - Arduino LLC)
arduino-create-agent (HKLM-x32\...\arduino-create-agent 1.1) (Version: 1.1 - Arduino LLC)
Attack of the Earthlings (HKLM-x32\...\1786054782_is1) (Version: 1.0.4 - GOG.com)
AudioLaunchpad Install Configurator (HKLM\...\{6876FCDB-9B83-4AAF-B5BD-B84C500C378F}) (Version: 2.5.1701 - Nahimic) Hidden
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.)
BATTLETECH (HKLM-x32\...\1482783682_is1) (Version: 270b - GOG.com)
BrLauncher (HKLM-x32\...\{88FCD471-DBBF-4A75-8066-ACACE05DE3CF}) (Version: 2.0.14.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother MFL-Pro Suite MFC-L2700DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Brother Printer Driver (HKLM-x32\...\{815D4CF3-0244-4142-98F8-51E5C7442DB7}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{9B59121D-6635-46AC-A602-05B6A3189D2E}) (Version: 1.0.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{01A1E3D8-E030-4A0B-B91E-4E1E8E1E02D3}) (Version: 1.0.23.1 - Brother Industries Ltd.) Hidden
Browser for SQL Server 2017 (HKLM-x32\...\{CF8EEB96-E7E7-4EF7-A0A1-559F09953156}) (Version: 14.0.1000.169 - Microsoft Corporation)
BrSupportTools (HKLM-x32\...\{D0F69DE9-EE0B-4A7A-8248-6D5EC97D171C}) (Version: 1.0.23.0 - Brother Industries Ltd.) Hidden
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.02 - Canon Inc.)
CheckDevices Install Configurator (HKLM\...\{FBF14B3C-60CF-43F8-8E83-0DBF072138A3}) (Version: 2.5.1701 - Nahimic) Hidden
ControlCenter4 (HKLM-x32\...\{CAFE5834-5440-41B8-8C56-4DD946A1A5E1}) (Version: 4.6.21.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Dashcam Viewer version 3.1.5 (64-bit) (HKLM-x32\...\Dashcam Viewer_is1) (Version: 3.1.5 (64-bit) - )
DJI Assistant 2 version V1.1.1 (HKLM-x32\...\{D939E096-78F1-4A32-A711-C1AD3F3D082A}_is1) (Version: V1.1.1 - DJI)
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1804.1201 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1804.1201 - Micro-Star International Co., Ltd.)
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Everything 1.4.1.895 (x64) (HKLM\...\Everything) (Version: 1.4.1.895 - David Carpenter)
FastShare.cz version 2.4.0 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.4.0 - )
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.25.0 - Androxyde)
Frostpunk (HKLM-x32\...\1648559910_is1) (Version: 1.1.1 - GOG.com)
FVD Downloader Module (HKLM-x32\...\{A3F74A3C-6824-4878-AB46-21280389D09F}) (Version: 1.0.8 - Nimbus)
Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
GDR 2014 for SQL Server 2017 (KB4494351) (64-bit) (HKLM\...\KB4494351) (Version: 14.0.2014.14 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1802.0501 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1802.0501 - Micro-Star International Co., Ltd.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.309 - )
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
iMyFone LockWiper version 3.0.0 (HKLM-x32\...\iMyFone LockWiper_is1) (Version: 3.0.0 - iMyFone)
Intel Extreme Tuning Utility (HKLM-x32\...\{9c09fe2c-7a45-4602-ac8d-9e217e1c3064}) (Version: 6.4.0.5 - Intel Corporation)
Intel Extreme Tuning Utility (HKLM-x32\...\{E7881916-7C05-419C-B746-7AA9FEF75BA0}) (Version: 6.4.0.5 - Intel Corporation) Hidden
Intel GFX Driver (HKLM-x32\...\{ca0ebadf-f7bd-4e32-9fec-e19a5d68c724}) (Version: 1.0.0.0 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6519 - Intel Corporation)
Intel(R) Processor Identification Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.0.1000 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{559FA847-377D-4926-80A3-ED9E014D363A}) (Version: 19.60.0 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{b0134461-205a-4d62-bbdc-1fcabdd02645}) (Version: 19.1.4.5 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{bb524cb9-b65f-4f06-97f4-48c851e87a57}) (Version: 20.80.0 - Intel Corporation)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
iSunshare Windows Password Genius Advanced Trial 6.1.3 (HKLM-x32\...\iSunshare Windows Password Genius Advanced Trial) (Version: 6.1.3 - iSunshare)
Java 7 Update 9 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417009FF}) (Version: 7.0.90 - Oracle)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Jurassic World Evolution (HKLM-x32\...\Jurassic World Evolution_is1) (Version: - )
KB9X Radio Switch Driver (HKLM\...\97FE6BFA6A40EE4967381F4313B334031A3B6E03) (Version: 1.1.4.0 - ENE TECHNOLOGY INC.)
K-Lite Codec Pack 14.5.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.5.5 - KLCP)
LauncherSetup Install (HKLM\...\{20B69660-B995-43F8-A14A-8DC1DDAF3E8B}) (Version: 2.5.1701 - Nahimic) Hidden
Lepší.TV (HKLM-x32\...\{349BD5DF-877E-4892-8D54-632B13870B0F}) (Version: 1.0.0 - goNET)
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
MDT Player 1.0.6.0 (HKLM-x32\...\{16FE9D4C-7A32-4BC4-B0BC-900E003106B3}_is1) (Version: - SmartWitness Ltd.)
MediaHuman YouTube Downloader 3.9.9.29 (HKLM-x32\...\MediaHuman YouTube Downloader_is1) (Version: 3.9.9.29 - MediaHuman)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.12325.20344 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg)
MiniTool Partition Wizard Free 10.3 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Software Limited)
MSI Remind Manager Service (HKLM-x32\...\{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1802.0501 - Micro-Star International Co., Ltd.) Hidden
MSI Remind Manager Service (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1802.0501 - Micro-Star International Co., Ltd.)
Nahimic 2+ Audio Driver (HKLM\...\{59040F9E-4715-4819-8618-D8C2591FC0B6}) (Version: 2.5.1701 - Nahimic) Hidden
Nahimic 2+ Audio Driver (HKLM-x32\...\{6396d25e-ecfb-4e2d-b88c-0cd08cd78159}) (Version: 2.5.17 - Nahimic)
NetworkRepairTool (HKLM-x32\...\{96CEE8C3-B934-48A4-ADA6-91B7CE8A5002}) (Version: 1.2.17.0 - Brother Industries, Ltd.) Hidden
Nitro Pro (HKLM\...\{58DADE87-307D-4AE5-82AC-76381214D484}) (Version: 11.0.8.470 - Nitro)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.1 - Notepad++ Team)
NOW TV Player 6.8.0.0 (HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\...\com.bskyb.nowtvplayer_is1) (Version: 6.8.0.0 - NOW TV)
Npcap 0.995 (HKLM-x32\...\NpcapInst) (Version: 0.995 - Nmap Project)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Graphics Driver 450.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 450.12 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenVPN 2.4.8-I602-Win10 (HKLM\...\OpenVPN) (Version: 2.4.8-I602-Win10 - OpenVPN Technologies, Inc.)
Oracle VM VirtualBox 5.2.20 (HKLM\...\{B7EC6E32-AA9F-4EC8-ACE6-1DCECE6E4C08}) (Version: 5.2.20 - Oracle Corporation)
PokerStars.uk (HKLM-x32\...\PokerStars.uk) (Version: - PokerStars.uk)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.4 - Power Software Ltd)
ProductDaemonSetup Install (HKLM\...\{6CC0818B-98D2-4880-AC95-A0C1A4139D72}) (Version: 2.5.1701 - Nahimic) Hidden
ProductNS Install Configurator (HKLM\...\{D03BE6D9-F956-4674-83A6-E7AFA6CC29E7}) (Version: 2.5.1701 - Nahimic) Hidden
ProhireV4 (HKLM-x32\...\{13081B3A-89DB-42AE-9C11-F27A1067F5EF}) (Version: 1.00.000 - Tripoint Ltd)
ProtonVPN (HKLM-x32\...\{8725D84B-70EA-468D-A8F3-D175DA616B52}) (Version: 1.10.1 - ProtonVPN AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.10.1) (Version: 1.10.1 - ProtonVPN AG)
ProtonVPNTap (HKLM-x32\...\{C23BCE3A-FD25-48BA-948E-2CE94576F983}) (Version: 1.0.1 - ProtonVPN AG)
RAPID Mode (HKLM\...\{AE75272A-6421-4A65-80F8-31568BCF6E75}) (Version: 1.0.0.101 - Samsung Electronics Co., Ltd.) Hidden
RAPOO MT550 Mouse Driver (HKLM-x32\...\{6D87C470-AD27-4FAF-9087-0390B5AB1100}_is1) (Version: - Rapoo Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8703.1 - Realtek Semiconductor Corp.)
RemoteSetup (HKLM-x32\...\{FAB8A30A-B074-48F9-9D73-5E9A757403F8}) (Version: 3.10.2.0 - Brother Industries Ltd.) Hidden
Replay Media Catcher 7 (7.0.2.6) (HKLM-x32\...\Replay Media Catcher 7) (Version: 7.0.2.6 - Applian Technologies)
RescuePRO Deluxe 6.0.2.7 (HKLM-x32\...\{38D9AAB8-116B-40BB-A801-50B71DF82D24}_is1) (Version: 6.0.2.7 - LC Technology International, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.4.116 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.2.5 - Rockstar Games)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.3.1.2010 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
ScannerUtilityInstaller (HKLM-x32\...\{D65C0754-7790-427F-AD73-D7C644260F57}) (Version: 1.19.9.1 - Brother) Hidden
ScreenToGif (HKLM-x32\...\{B18A8955-05E5-4817-9DE4-921EF6E61BC0}) (Version: 2.14.1 - Nicke Manarin)
SeaTools for Windows 1.4.0.7 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.7 - Seagate Technology)
SfxArgPassing (HKLM-x32\...\{de9a42e3-462c-4ee8-a403-4db3de1fad42}) (Version: 1.0.0.0 - Intel) Hidden
Shadow Hawk Pack (HKLM-x32\...\1489389825_is1) (Version: 270b - GOG.com)
Sizing Options (HKLM-x32\...\{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application) Hidden
Sizing Options (HKLM-x32\...\InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application)
SonicMapper Install Configurator (HKLM\...\{8EA5FF84-DD94-4A6D-B167-0594879BA480}) (Version: 2.5.1701 - Nahimic) Hidden
Sony Mobile Software Update Drivers (HKLM\...\{4872001F-F67C-4C54-BC92-281C6A165251}) (Version: 3.2.0.3 - Sony Mobile Communications)
Sony Mobile Update Engine (HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\...\Update Engine) (Version: 2.18.14.201810121226 - Sony Mobile Communications Inc.)
Stardew Valley (HKLM-x32\...\1453375253_is1) (Version: 1.3.28 - GOG.com)
StatusMonitor (HKLM-x32\...\{D42470A0-E4C3-41C9-9A92-B1B23FD13F8C}) (Version: 1.21.6.0 - Brother Insutries Ltd.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Thief Simulator MULTi10 - ElAmigos version 1.027 (HKLM-x32\...\{F021886A-488B-4B14-9D53-D34AD95D0448}_is1) (Version: 1.027 - PlayWay S.A.)
thriXXX-Launcher (HKLM-x32\...\thriXXX-Launcher) (Version: - thriXXX Software GmbH)
TomTom MyDrive Connect 4.2.5.3754 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.5.3754 - TomTom)
TunnelBear (HKLM-x32\...\{1713CFE6-1661-47A9-91D3-B35C367FE421}) (Version: 3.7.8.0 - TunnelBear) Hidden
TunnelBear (HKLM-x32\...\{a30a854f-0c68-44b5-8173-e370fcf4dc7f}) (Version: 3.7.8.0 - TunnelBear)
Ubiquiti UniFi (remove only) (HKLM-x32\...\Ubiquiti UniFi) (Version: - )
UIInstallUpgrade (HKLM\...\{0B3DB68B-84DB-4F26-9971-59AAE0279E09}) (Version: 2.5.1701 - Nahimic) Hidden
Ulož.to FileManager 2.77 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.77 - Uloz.to cloud a.s.)
Unity Web Player (HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.)
WD Desktop App 2.1.0.205 (HKLM-x32\...\{caaf4807-00fc-4193-8f1b-d1019aac24c2}) (Version: 2.1.0.205 - Western Digital Technologies, Inc.) Hidden
WD Desktop App 2.1.0.205 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.205 - Western Digital Technologies, Inc.) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 3.2.256 - Western Digital Technologies, Inc.)
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden
Windows Driver Package - Amazon.com (WinUSB) FireDevicesUsbDeviceClass (10/27/2014 1.4.0000.00000) (HKLM\...\34134A59F616767F2CEC57DC0849834538166E22) (Version: 10/27/2014 1.4.0000.00000 - Amazon.com)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Driver Package - Sony Mobile Communications (ggsomc) SOMCFlashDevice (12/06/2017 3.2.0.0) (HKLM\...\7AA77B236196DB9A6C04257060560ACDBB626F30) (Version: 12/06/2017 3.2.0.0 - Sony Mobile Communications)
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.83 Build 20 - Windscribe Limited)
Xperia Companion (HKLM-x32\...\{1017C503-1AD0-4982-A4DA-406200D7E375}) (Version: 2.5.3.0 - Sony) Hidden
Xperia Companion (HKLM-x32\...\{8c78e3be-2cef-41ed-91c7-78af87572445}) (Version: 2.5.3.0 - Sony)
Xperia Companion Service (HKLM\...\{3F33E34E-C93B-4779-9B75-174EB86A64E0}) (Version: 2.5.3.0 - Sony) Hidden

Packages:
=========
AdBlock -> C:\Program Files\WindowsApps\BetaFish.AdBlock_2.9.0.0_neutral__c1wakc4j0nefm [2019-08-21] (BetaFish)
Age of Empires II: Definitive Edition -> C:\Program Files\WindowsApps\Microsoft.MSPhoenix_101.101.34397.0_x64__8wekyb3d8bbwe [2020-01-21] (Microsoft Studios)
Amazon Music -> C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_7.8.2.0_x86__kc6t79cpj4tp0 [2019-09-27] (AMZN Mobile LLC)
ARK: Survival Evolved -> C:\Program Files\WindowsApps\StudioWildcard.4558480580BB9_1.45.790.2_x64__1w2mm55455e38 [2019-09-10] (Studio Wildcard)
Bing in Space -> C:\Program Files\WindowsApps\Microsoft.BinginSpace_1.0.0.0_neutral__8wekyb3d8bbwe [2018-11-17] (Microsoft Corporation)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2020-01-21] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2020-01-21] (Microsoft Corporation)
EdgeDevtoolsPlugin -> C:\Windows\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2019-12-15] (Microsoft Corporation)
Gaming Services -> C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.29002.0_x64__8wekyb3d8bbwe [2020-01-31] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.618.0_x64__v10z8vjag6ke6 [2019-10-22] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-06-18] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2020-01-18] (Apple Inc.) [Startup Task]
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20248.0_x64__8wekyb3d8bbwe [2019-09-27] (Microsoft Corporation) [MS Ad]
Meteor Showers -> C:\Program Files\WindowsApps\Microsoft.MeteorShowers_1.0.0.0_neutral__8wekyb3d8bbwe [2018-11-17] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-12-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-22] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.13.9.0_x64__8wekyb3d8bbwe [2019-09-10] (Microsoft Studios)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.27.2643.0_x64__8wekyb3d8bbwe [2018-10-11] (Microsoft Corporation) [MS Ad]
NcsiUwpApp -> C:\Windows\SystemApps\NcsiUwpApp_8wekyb3d8bbwe [2019-12-15] (Microsoft)
NOW TV -> C:\Program Files\WindowsApps\NOWTV.NOWTV_1.19.0.2_x64__k6nsketb5gh92 [2019-05-18] (Sky UK Limited)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2018-10-19] (Samsung Electronics Co. Ltd.)
Surviving Mars - Mysteries Resupply Pack (PC) -> C:\Program Files\WindowsApps\ParadoxInteractive.SurvivingMars-MysteriesResupply_1.0.3.0_x64__zfnrdv2de78ny [2020-01-21] (Paradox Interactive)
Surviving Mars -> C:\Program Files\WindowsApps\ParadoxInteractive.SurvivingMars_1.0.7.0_x64__zfnrdv2de78ny [2020-01-21] (Paradox Interactive)
SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2019-06-18] (Synaptics Incorporated)
Tiny Troopers -> C:\Program Files\WindowsApps\GAMETROOPERS.TinyTroopers_1.12.0.28_x86__334sksj6ker18 [2018-12-24] (GAME TROOPERS) [MS Ad]
Tiny Troopers 2: Special Ops -> C:\Program Files\WindowsApps\GAMETROOPERS.TinyTroopers2SpecialOps_1.9.1.3_x86__334sksj6ker18 [2018-12-24] (GAME TROOPERS) [MS Ad]
UDK Package -> C:\Windows\SystemApps\MicrosoftWindows.UndockedDevKit_cw5n1h2txyewy [2019-12-15] (Microsoft Corporation)
UX.Client.ST -> C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy [2019-12-16] (Microsoft Windows)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.4.315.0_x64__cv1g1gvanyjgm [2020-02-04] (WhatsApp Inc.)
Windows Search -> C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy [2019-12-15] (Microsoft Corporation)
Xbox (Beta) -> C:\Program Files\WindowsApps\Microsoft.GamingApp_2001.1001.4.0_x64__8wekyb3d8bbwe [2020-01-21] (Microsoft Corporation) [Startup Task]
Xbox Insider Hub -> C:\Program Files\WindowsApps\Microsoft.FlightDashboard_460.1910.7001.0_x64__8wekyb3d8bbwe [2019-10-22] (Microsoft Corporation)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2018-09-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\thoma\AppData\Local\Microsoft\OneDrive\19.070.0410.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\thoma\AppData\Local\Kingsoft\WPS Office\11.2.0.9052\office6\kwpsmenushellext64.dll => No File
CustomCLSID: HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\thoma\AppData\Local\Microsoft\OneDrive\19.070.0410.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\thoma\AppData\Local\Microsoft\OneDrive\19.070.0410.0005\amd64\FileSyncShell64.dll => No File
SSODL: WDFSMountNotificator-wdfsconnect2017 - {23ECF60B-C3D2-4A52-A763-59DB7EE1A4B1} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {23ECF60B-C3D2-4A52-A763-59DB7EE1A4B1} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {23ECF60B-C3D2-4A52-A763-59DB7EE1A4B1} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: OneDrive network states cache SSO -> {78DE489B-7931-4f14-83B4-C56D38AC9FFA} => C:\Windows\System32\Windows.FileExplorer.Common.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {23ECF60B-C3D2-4A52-A763-59DB7EE1A4B1} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: OneDrive network states cache SSO -> {78DE489B-7931-4f14-83B4-C56D38AC9FFA} => C:\Windows\SysWOW64\Windows.FileExplorer.Common.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2018-11-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2018-11-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2018-11-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2018-11-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2018-11-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2018-11-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-10-27] (Notepad++ -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 11\NPShellExtension.dll [2018-01-06] (Nitro Software, Inc. -> Nitro Software, Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WDDesktopContextMenu] -> {6789e045-e383-3deb-9431-bc435de8fb66} => C:\Program Files\WD Desktop App\kda.DLL [2018-11-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [WDDesktopContextMenu] -> {6789e045-e383-3deb-9431-bc435de8fb66} => C:\Program Files\WD Desktop App\kda.DLL [2018-11-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-01-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1_S-1-5-21-2875869499-1234183625-2204340559-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\thoma\AppData\Local\Kingsoft\WPS Office\11.2.0.9052\office6\kwpsmenushellext64.dll -> No File
ContextMenuHandlers4_S-1-5-21-2875869499-1234183625-2204340559-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\thoma\AppData\Local\Kingsoft\WPS Office\11.2.0.9052\office6\kwpsmenushellext64.dll -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Ubiquiti Device Discovery Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmpigflbjeapnknladcfphgkemopofig

==================== Loaded Modules (Whitelisted) =============

2019-04-30 16:12 - 2009-02-27 15:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2019-04-30 16:12 - 2018-01-18 15:39 - 000519168 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2019-04-30 16:12 - 2017-12-22 12:53 - 000180224 _____ () [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
2019-04-30 16:12 - 2018-01-18 15:39 - 000208896 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2019-04-30 16:12 - 2018-01-18 15:39 - 001720832 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2019-07-02 06:41 - 2019-07-02 06:41 - 000152064 _____ () [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\SplitTunnel.dll
2019-08-12 10:08 - 2019-08-12 10:08 - 000484352 _____ () [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\IPFilter.dll
2019-04-11 12:49 - 2019-04-11 12:49 - 000030720 _____ () [File not signed] C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.Wrapper.dll
2019-04-11 12:50 - 2019-04-11 12:50 - 000167424 _____ () [File not signed] C:\Program Files (x86)\TunnelBear\TunnelBear.VigilantBear.Wrapper.dll
2019-04-30 16:12 - 2018-05-02 15:25 - 000091648 _____ () [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2019-04-30 16:12 - 2005-04-22 04:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2018-09-26 16:39 - 2018-04-30 12:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-10-04 20:53 - 2018-10-04 20:53 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2018-10-04 20:53 - 2018-10-04 20:53 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2015-06-11 18:35 - 2015-06-11 18:35 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MsQuic => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcCtnrSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcSvc => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-11-23 04:06 - 2020-02-03 17:41 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-05-12 17:14 - 2019-05-12 17:14 - 000000521 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.247 HUAWEI_P30_Pro-470d7079b7.mshome.net # 2019 5 0 19 17 14 15 27
192.168.137.1 MSI-GL62M-7RDX.mshome.net # 2024 5 5 10 17 14 15 27

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Users\thoma\AppData\Local\Microsoft\WindowsApps;C:\adb;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

Network Binding:
=============
WiFi: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
WiFi: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
WiFi: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
WiFi: Bridge Driver -> ms_l2bridge (enabled)
WiFi: Applian LightWeight Filter -> nt_appliand (enabled)
Local Area Connection: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
Local Area Connection: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Local Area Connection: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
Local Area Connection: Bridge Driver -> ms_l2bridge (enabled)
Local Area Connection: Applian LightWeight Filter -> nt_appliand (enabled)
Ethernet 6: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
Ethernet 6: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 6: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
Ethernet 6: Bridge Driver -> ms_l2bridge (enabled)
Ethernet 6: Applian LightWeight Filter -> nt_appliand (enabled)
Ethernet 4: Bridge Driver -> ms_l2bridge (enabled)
Ethernet 4: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
Ethernet 4: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
Ethernet 4: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 4: Applian LightWeight Filter -> nt_appliand (enabled)
Ethernet: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
Ethernet: Bridge Driver -> ms_l2bridge (enabled)
Ethernet: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet: Applian LightWeight Filter -> nt_appliand (enabled)
Ethernet 3: Bridge Driver -> ms_l2bridge (enabled)
Ethernet 3: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
Ethernet 3: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
Ethernet 3: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 3: Applian LightWeight Filter -> nt_appliand (enabled)
Bluetooth Network Connection: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
Bluetooth Network Connection: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
Bluetooth Network Connection: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "WDDiscovery"
HKLM\...\StartupApproved\Run32: => "MT550Config"
HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\...\StartupApproved\StartupFolder: => "Arduino Create Agent.lnk"
HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
FirewallRules: [{6C75CDEA-8E90-477E-A8DF-4549E595561D}] => (Allow) C:\Program Files (x86)\UnHackMe\wu.exe No File
FirewallRules: [{DFF63436-A9A5-48E8-9CA5-495F53084381}] => (Allow) C:\Program Files (x86)\UnHackMe\wu.exe No File
FirewallRules: [{277896E4-C2CF-415B-ABF9-4930EBAE9CDC}] => (Allow) C:\Program Files (x86)\UnHackMe\RegRunInfo.exe No File
FirewallRules: [{41B3276A-7A60-4DAC-BC84-E1C1543BE100}] => (Allow) C:\Program Files (x86)\UnHackMe\RegRunInfo.exe No File
FirewallRules: [{5A5A769B-AECB-4887-8756-F7282F6D3726}] => (Allow) LPort=54925
FirewallRules: [{A28E5D37-FAC8-4D08-8DFA-D7BFBF7AB144}] => (Allow) C:\Program Files (x86)\Brother\Brmfl14d\FAXRX.EXE (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{2A3D3DE5-105C-4D8C-8DA6-947AB66D30B7}] => (Allow) LPort=5150
FirewallRules: [{A8EDEC2A-201A-4608-AC80-01D08BF65033}] => (Allow) C:\Program Files (x86)\Autel\PassThru\Maxi PC Suit\PCLink.exe No File
FirewallRules: [{3F6AC329-BBDA-4C2B-A614-2E785E4FD353}] => (Allow) C:\Program Files (x86)\Autel\PassThru\Maxi PC Suit\PCLink.exe No File
FirewallRules: [{8D6965CB-FE2B-414B-9C6C-E19268CC02D5}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International BV -> TomTom)
FirewallRules: [{AF871FD9-B84B-4982-84EE-EC89115634C8}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D632817C-F7E5-4209-885F-516F4D9C694D}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{A7C4182C-0279-44FD-8EB8-DBA7C5E26020}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{30C0B565-F183-4616-B934-FD410410949F}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{DAC1A43F-9D0A-4053-9612-01B7B0CD7C3D}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{6B0F0D38-4291-4ABA-A3E8-54E8E9546BD2}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [UDP Query User{7A1B5AF8-D0AF-4E4C-8136-CFC12555B168}C:\users\thoma\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe] => (Block) C:\users\thoma\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe () [File not signed]
FirewallRules: [TCP Query User{87DF6536-1270-45B1-B511-65FA3A17B62C}C:\users\thoma\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe] => (Block) C:\users\thoma\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe () [File not signed]
FirewallRules: [UDP Query User{DA442FD8-E2CC-43A7-BEE6-EC326126B89F}C:\users\thoma\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe] => (Allow) C:\users\thoma\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe () [File not signed]
FirewallRules: [TCP Query User{152CA87C-8EB1-4DEC-AB6C-056B1FD73A8C}C:\users\thoma\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe] => (Allow) C:\users\thoma\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe () [File not signed]
FirewallRules: [UDP Query User{EDDD23FF-40C6-4AFD-B20F-5602031029BA}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{631ED804-6F2F-404E-9C01-B1D2CB7419C7}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{9A3BA01E-A69D-4ACE-91D1-FFA29039AA39}C:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [TCP Query User{3CF8EB71-C57A-4D58-92AB-C4F933D79231}C:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [{FE8DE1B5-1868-4852-A27F-2F3FCB63EFAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Argo\argobattleye.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{C14A37B0-5A4E-48A0-990F-B5C8A56AAD07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Argo\argobattleye.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [UDP Query User{48C43D24-8F3C-4CBA-8E27-CA3AE4535CD1}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [TCP Query User{0F2616C1-11E9-4296-BDB4-4FE0B674B769}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [{421DCE82-22B0-49E1-BD59-EFB2B453CC20}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{42203433-C44D-4226-A0B0-7A4F1970CDFF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{53B50458-E6BD-4353-804C-1DC0B08D8EC1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{626835E3-F0B3-4F5C-85BB-B4A4490BDBE1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{63EDBC6C-8373-4BB1-A0DB-6733869311F9}] => (Block) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter.exe () [File not signed]
FirewallRules: [{A4AD3296-8A5C-4B48-9980-0DB92BAF5B05}] => (Block) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter.exe () [File not signed]
FirewallRules: [UDP Query User{5B3C6BC3-12E9-40FD-B631-AB0957DD8568}C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter.exe () [File not signed]
FirewallRules: [TCP Query User{D454C1A2-6D39-46CA-A013-DFCACD27A3E3}C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter.exe () [File not signed]
FirewallRules: [UDP Query User{F69CC10E-0D7F-4635-8A7A-E187B22ADA9B}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe No File
FirewallRules: [TCP Query User{43D08E5F-7F32-4C53-BD16-FFC9FC317679}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe No File
FirewallRules: [UDP Query User{4719EE37-D36E-4C13-94AB-4B06AC8A8BCD}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe No File
FirewallRules: [TCP Query User{919B1A03-3A4B-4239-AC37-F5EB2D26B1FA}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe No File
FirewallRules: [UDP Query User{4C224DCD-4B6A-459A-9E7E-E8A8BEEA4057}T:\dji drone\bin\dji.com.lib\bin\root.exe] => (Allow) T:\dji drone\bin\dji.com.lib\bin\root.exe (DJI) [File not signed]
FirewallRules: [TCP Query User{F6C748B5-9E4D-49C3-A44D-2248C7B86009}T:\dji drone\bin\dji.com.lib\bin\root.exe] => (Allow) T:\dji drone\bin\dji.com.lib\bin\root.exe (DJI) [File not signed]
FirewallRules: [UDP Query User{3CAD00C2-22F4-4C06-A7DF-9A737028267B}T:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) T:\games\kingdom come deliverance\bin\win64\kingdomcome.exe No File
FirewallRules: [TCP Query User{FF7C1ACF-419F-4702-B2E3-2DC4E4F0AC5E}T:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) T:\games\kingdom come deliverance\bin\win64\kingdomcome.exe No File
FirewallRules: [UDP Query User{1272F91C-655E-4274-AEAC-CED0FC63F101}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{B512FEF9-AA3A-4018-B335-0751330304B7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{BDF3D579-60C2-4A2E-952D-3106D3B46975}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe No File
FirewallRules: [{EDECD528-9034-4902-9DDD-5C158F3D6CC7}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe No File
FirewallRules: [{226DF69D-EA8C-4A40-B2BB-0EA05D00964C}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe No File
FirewallRules: [{4743FB7E-5CA3-400F-A23D-CD6881971F6F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [UDP Query User{81D7684C-1773-471F-B5ED-1C367393825E}C:\programdata\sony mobile\update engine\{f4986ddc-3f9e-4061-a447-083f5cf35220}\sony mobile update engine.exe] => (Allow) C:\programdata\sony mobile\update engine\{f4986ddc-3f9e-4061-a447-083f5cf35220}\sony mobile update engine.exe (Sony Mobile Communications AB -> )
FirewallRules: [TCP Query User{0EB6A5E5-EE18-4109-AEAA-F680FB91C135}C:\programdata\sony mobile\update engine\{f4986ddc-3f9e-4061-a447-083f5cf35220}\sony mobile update engine.exe] => (Allow) C:\programdata\sony mobile\update engine\{f4986ddc-3f9e-4061-a447-083f5cf35220}\sony mobile update engine.exe (Sony Mobile Communications AB -> )
FirewallRules: [{CCF44211-014C-41DD-A528-1994BB24D4A4}] => (Allow) C:\ProgramData\Sony Mobile\Update Engine\{A96FA3E8-B915-42B4-87E8-EDB88F0D4FF9}\Sony Mobile Update Engine.exe (Sony Mobile Communications AB -> )
FirewallRules: [{415811C0-E004-4C5E-B2E2-CAD73F1C2525}] => (Allow) C:\ProgramData\Sony Mobile\Update Engine\{A96FA3E8-B915-42B4-87E8-EDB88F0D4FF9}\Sony Mobile Update Engine.exe (Sony Mobile Communications AB -> )
FirewallRules: [UDP Query User{9BC2ABEC-3EBB-422E-A2AC-A0F6DAF170CA}T:\games\cosmonautica\bin\cosmonautica.exe] => (Allow) T:\games\cosmonautica\bin\cosmonautica.exe No File
FirewallRules: [TCP Query User{40080C7E-4969-4222-8F9C-224E49E2ACFD}T:\games\cosmonautica\bin\cosmonautica.exe] => (Allow) T:\games\cosmonautica\bin\cosmonautica.exe No File
FirewallRules: [UDP Query User{F2FA4B99-16FB-46A7-84C5-23F4DF3E19D3}C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe (DJI) [File not signed]
FirewallRules: [TCP Query User{91A3ECA6-9CCD-4E7D-A9BD-FD9DA63C0B43}C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe (DJI) [File not signed]
FirewallRules: [{B1D22EC3-620F-42D8-AB74-96FFCE0AB25B}] => (Allow) C:\Users\thoma\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{630F8F47-2F7B-47C5-BE3C-D56CB606E64C}] => (Allow) C:\Users\thoma\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4C6B27F4-867C-4100-974D-83E877524E73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9ECC9286-F7B0-4E26-A599-FB219C1A2774}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4624BD5B-D40D-45F5-91E6-6425F4F839D2}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony)
FirewallRules: [TCP Query User{6523EDBE-CC0F-469E-8699-69A7B02359EF}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [UDP Query User{7CD621A1-5952-4330-931E-417C978A0972}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [TCP Query User{6714EF9A-75A2-451F-ACB2-9F36359FF4A0}C:\program files (x86)\applian technologies\replay media catcher 7\jrmcp.exe] => (Allow) C:\program files (x86)\applian technologies\replay media catcher 7\jrmcp.exe (Jaksta Technologies Pty Ltd -> Jaksta Technologies Pty Ltd)
FirewallRules: [UDP Query User{53D204A0-39CD-496C-B792-8384EBACD5E9}C:\program files (x86)\applian technologies\replay media catcher 7\jrmcp.exe] => (Allow) C:\program files (x86)\applian technologies\replay media catcher 7\jrmcp.exe (Jaksta Technologies Pty Ltd -> Jaksta Technologies Pty Ltd)
FirewallRules: [{8BF80B5B-3134-4CDB-8318-FB110B9DF3B9}] => (Block) C:\program files (x86)\applian technologies\replay media catcher 7\jrmcp.exe (Jaksta Technologies Pty Ltd -> Jaksta Technologies Pty Ltd)
FirewallRules: [{B0659A08-6C97-4C8A-96DD-0CFE813277C9}] => (Block) C:\program files (x86)\applian technologies\replay media catcher 7\jrmcp.exe (Jaksta Technologies Pty Ltd -> Jaksta Technologies Pty Ltd)
FirewallRules: [{575911BD-7D04-4327-91A9-2EF2D4CCED59}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_7.8.2.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (Amazon Services LLC) [File not signed]
FirewallRules: [{AEF8AD6E-C068-46DE-9DDE-FD224767C182}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_7.8.2.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (Amazon Services LLC) [File not signed]
FirewallRules: [{E5573AD1-F171-4FDA-A796-B50613683A0E}] => (Allow) C:\Program Files\Java\jre1.8.0_201\bin\java.exe
FirewallRules: [{FBE6F7BF-A992-4E32-9688-9A3396D4F8D7}] => (Allow) C:\Program Files\Java\jre1.8.0_201\bin\java.exe
FirewallRules: [{710E4A2F-75F1-4A6E-8967-F34CCBD5C9C9}] => (Allow) C:\Users\thoma\Ubiquiti UniFi\bin\mongod.exe (MongoDB, Inc) [File not signed]
FirewallRules: [{7EAF5E5B-AB1D-46C5-B361-69B9AE2BF212}] => (Allow) C:\Users\thoma\Ubiquiti UniFi\bin\mongod.exe (MongoDB, Inc) [File not signed]
FirewallRules: [TCP Query User{9A32CD74-3626-4F9F-B81E-7163C42A323B}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{51840121-4A0C-4BBF-A775-C0B318AF5C71}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [TCP Query User{7DE9AAF3-66CE-4725-BB3E-B8C4CA92713C}C:\program files (x86)\java\jre1.8.0_201\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\java.exe
FirewallRules: [UDP Query User{42D29841-E331-4FCA-B44F-12AEFC470AF4}C:\program files (x86)\java\jre1.8.0_201\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\java.exe
FirewallRules: [{4BB115B2-8253-411B-BD4E-3B043CE3CE01}] => (Block) C:\program files (x86)\java\jre1.8.0_201\bin\java.exe
FirewallRules: [{12D9B78F-8A0B-4717-AF17-5E2734D86795}] => (Block) C:\program files (x86)\java\jre1.8.0_201\bin\java.exe
FirewallRules: [{2CAF45A3-90F6-43D6-B1BA-6E43EBE699A8}] => (Block) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [{F962CD9B-4E80-435E-AB1A-15CA2B114833}] => (Block) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [TCP Query User{B98DE540-0076-423E-B1DC-70F1A8F4220F}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{AC90476C-4BA4-45F9-BCFA-5B6075C3E3B6}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [{A6898745-7AAF-4934-81E2-A0FB396C730A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A017524B-BECA-49DE-952A-4DA9E4F2DE4B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC68B467-056B-4258-9F87-8E723C8A62E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{75B4FE44-46A0-4BED-818B-83444222AFBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{48D699B2-EA94-49EA-A8BE-20E84F4B74F1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CB93A644-C6B6-473E-8693-0CC5D773B275}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3B266EDE-7291-4D73-A64F-49FCE4E81DDC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E8D44304-12B4-43DC-8B52-0F7D84C82588}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FB5FA961-6CC2-474A-B64B-28E9B8402BFA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CE214FD5-49A0-4CF4-807B-4A2DDDAA0ABE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9C5FF6DA-F879-4710-A2A1-04AD9576ECAD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CACB86D7-256B-4230-8500-E6F0A62386E7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{38F06DC1-6CFE-46F7-A85E-B9D935CC389A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4B975EC2-620D-4545-A963-DD0E89409382}] => (Allow) LPort=54925

==================== Restore Points =========================

28-01-2020 14:12:17 Scheduled Checkpoint
30-01-2020 09:56:49 Windows Modules Installer
31-01-2020 23:42:56 Nainstalováno: Lepší.TV
05-02-2020 17:36:44 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/05/2020 12:35:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ProhireClient.exe version 4.11.3.29 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2e28

Start Time: 01d5dc1fe5596116

Termination Time: 11

Application Path: C:\ProhireV5\ProhireClient.exe

Report Id: 29c6b02a-ecab-45e2-bdde-f71481174b5a

Faulting package full name:

Faulting package-relative application ID:

Hang type: Cross-thread

Error: (02/04/2020 12:47:43 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete re-trim on \\?\Volume{8304b5fe-28ec-ae6f-dfac-669c5d97ed5d}\ because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/04/2020 12:47:43 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete re-trim on \\?\Volume{bc03f791-5416-011d-c3d3-dc1a4a815545}\ because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/03/2020 05:40:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (02/03/2020 05:40:59 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (01/30/2020 06:04:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ProhireClient.exe version 4.11.3.29 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 888

Start Time: 01d5d7954e5da283

Termination Time: 21

Application Path: C:\ProhireV5\ProhireClient.exe

Report Id: 1885846c-b1a9-4e32-8f4c-313b13e365b6

Faulting package full name:

Faulting package-relative application ID:

Hang type: Unknown

Error: (01/30/2020 04:52:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ProhireClient.exe version 4.11.3.29 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1a40

Start Time: 01d5d78b48e5c19c

Termination Time: 4294967295

Application Path: C:\ProhireV5\ProhireClient.exe

Report Id: 8b11836f-b0e1-4876-a4c2-e2e4a35f7c89

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (01/30/2020 04:04:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ProhireClient.exe version 4.11.3.29 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2340

Start Time: 01d5d76d068d14fd

Termination Time: 4294967295

Application Path: C:\ProhireV5\ProhireClient.exe

Report Id: 9a1743bd-3471-46b0-bc3f-d50befdba564

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle


System errors:
=============
Error: (02/04/2020 02:41:07 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "3E8210453D46" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.

Error: (02/04/2020 02:41:07 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "3E8210453D46" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.

Error: (02/04/2020 11:51:02 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NKSQGP7F2NH-5319275A.WhatsAppDesktop.

Error: (02/04/2020 11:49:14 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "52B438147D17" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.

Error: (02/04/2020 11:49:14 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "52B438147D17" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.

Error: (02/03/2020 05:42:06 PM) (Source: Tcpip) (EventID: 4207) (User: )
Description: The IPv6 TCP/IP interface with index 22 failed to bind to its provider.

Error: (02/03/2020 05:42:06 PM) (Source: Tcpip) (EventID: 4207) (User: )
Description: The IPv4 TCP/IP interface with index 22 failed to bind to its provider.

Error: (02/03/2020 05:41:33 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The NetMsmqActivator service depends on the following service: msmq. This service might not be installed.


Windows Defender:
===================================
Date: 2020-02-04 11:43:21.7150000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {D9030DEC-9B3A-4992-A620-C58B84895B18}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-02-04 11:14:12.4180000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {908EB513-F76E-4488-8F78-DCD36CE03EA3}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-02-04 11:00:39.5590000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {5A7CC293-3914-42B8-A0B4-68FF145574FF}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-02-04 10:15:03.8000000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {DEEDD768-FF32-4564-9E42-5B392E442AB4}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-02-04 09:59:16.5740000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {1AC3BA4D-2466-462F-90DA-079D6FEFE2FF}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-01-15 09:38:20.1370000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.2260.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80240022
Error description: The program can't check for definition updates.

Date: 2020-01-15 09:38:20.1350000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.2260.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80240022
Error description: The program can't check for definition updates.

Date: 2020-01-04 09:01:02.7640000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.1571.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80240022
Error description: The program can't check for definition updates.

Date: 2020-01-04 09:01:02.7570000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.1571.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80240022
Error description: The program can't check for definition updates.

Date: 2019-12-28 10:42:24.6900000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.1260.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80240022
Error description: The program can't check for definition updates.

CodeIntegrity:
===================================

Date: 2020-02-05 14:38:52.6530000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

Date: 2020-02-05 14:38:52.6470000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

Date: 2020-02-05 13:03:26.5910000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-05 13:03:26.5850000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-05 09:39:04.2780000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

Date: 2020-02-05 09:39:04.2690000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

Date: 2020-02-04 22:20:58.4560000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

Date: 2020-02-04 22:20:58.4240000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. E16J9IMS.324 03/23/2018
Motherboard: Micro-Star International Co., Ltd. MS-16J9
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 38%
Total physical RAM: 16300.36 MB
Available physical RAM: 10044.9 MB
Total Virtual: 18732.36 MB
Available Virtual: 11167.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:433.08 GB) (Free:78.11 GB) NTFS
Drive t: (New Volume) (Fixed) (Total:465.75 GB) (Free:99.53 GB) NTFS

\\?\Volume{f30f1de3-59d5-407b-8e2e-6ee0c1e10f6f}\ () (Fixed) (Total:0.55 GB) (Free:0.1 GB) NTFS
\\?\Volume{bc03f791-5416-011d-c3d3-dc1a4a815545}\ () (Fixed) (Total:17.78 GB) (Free:0 GB) NTFS
\\?\Volume{8304b5fe-28ec-ae6f-dfac-669c5d97ed5d}\ () (Fixed) (Total:6.38 GB) (Free:0 GB) NTFS
\\?\Volume{6e003271-6229-3db8-4268-7b0e12771123}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{1d8e39f6-502a-471a-ade3-f1126c084461}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 3.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosim o kontrolu logu

#8 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\thoma\AppData\Local\Microsoft\OneDrive\19.070.0410.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\thoma\AppData\Local\Kingsoft\WPS Office\11.2.0.9052\office6\kwpsmenushellext64.dll => No File
CustomCLSID: HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\thoma\AppData\Local\Microsoft\OneDrive\19.070.0410.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\thoma\AppData\Local\Microsoft\OneDrive\19.070.0410.0005\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1_S-1-5-21-2875869499-1234183625-2204340559-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\thoma\AppData\Local\Kingsoft\WPS Office\11.2.0.9052\office6\kwpsmenushellext64.dll -> No File
ContextMenuHandlers4_S-1-5-21-2875869499-1234183625-2204340559-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\thoma\AppData\Local\Kingsoft\WPS Office\11.2.0.9052\office6\kwpsmenushellext64.dll -> No File
AlternateDataStreams: C:\Windows:nlsPreferences [386]
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
FirewallRules: [{6C75CDEA-8E90-477E-A8DF-4549E595561D}] => (Allow) C:\Program Files (x86)\UnHackMe\wu.exe No File
FirewallRules: [{DFF63436-A9A5-48E8-9CA5-495F53084381}] => (Allow) C:\Program Files (x86)\UnHackMe\wu.exe No File
FirewallRules: [{277896E4-C2CF-415B-ABF9-4930EBAE9CDC}] => (Allow) C:\Program Files (x86)\UnHackMe\RegRunInfo.exe No File
FirewallRules: [{41B3276A-7A60-4DAC-BC84-E1C1543BE100}] => (Allow) C:\Program Files (x86)\UnHackMe\RegRunInfo.exe No File
FirewallRules: [{A8EDEC2A-201A-4608-AC80-01D08BF65033}] => (Allow) C:\Program Files (x86)\Autel\PassThru\Maxi PC Suit\PCLink.exe No File
FirewallRules: [{3F6AC329-BBDA-4C2B-A614-2E785E4FD353}] => (Allow) C:\Program Files (x86)\Autel\PassThru\Maxi PC Suit\PCLink.exe No File
FirewallRules: [UDP Query User{F69CC10E-0D7F-4635-8A7A-E187B22ADA9B}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe No File
FirewallRules: [TCP Query User{43D08E5F-7F32-4C53-BD16-FFC9FC317679}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe No File
FirewallRules: [UDP Query User{4719EE37-D36E-4C13-94AB-4B06AC8A8BCD}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe No File
FirewallRules: [TCP Query User{919B1A03-3A4B-4239-AC37-F5EB2D26B1FA}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe No File
FirewallRules: [UDP Query User{3CAD00C2-22F4-4C06-A7DF-9A737028267B}T:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) T:\games\kingdom come deliverance\bin\win64\kingdomcome.exe No File
FirewallRules: [TCP Query User{FF7C1ACF-419F-4702-B2E3-2DC4E4F0AC5E}T:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) T:\games\kingdom come deliverance\bin\win64\kingdomcome.exe No File
FirewallRules: [{EDECD528-9034-4902-9DDD-5C158F3D6CC7}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe No File
FirewallRules: [{226DF69D-EA8C-4A40-B2BB-0EA05D00964C}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe No File
FirewallRules: [{BDF3D579-60C2-4A2E-952D-3106D3B46975}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe No File
FirewallRules: [UDP Query User{9BC2ABEC-3EBB-422E-A2AC-A0F6DAF170CA}T:\games\cosmonautica\bin\cosmonautica.exe] => (Allow) T:\games\cosmonautica\bin\cosmonautica.exe No File
FirewallRules: [TCP Query User{40080C7E-4969-4222-8F9C-224E49E2ACFD}T:\games\cosmonautica\bin\cosmonautica.exe] => (Allow) T:\games\cosmonautica\bin\cosmonautica.exe No File
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Task: {F06408C3-C9A8-49F7-8D73-8539A8DFBED3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-24] (Google Inc -> Google Inc.)
Task: {FAB38A53-F3C9-4972-B257-FE42BEABA3F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-24] (Google Inc -> Google Inc.)
BHO: No Name -> {23ECF60B-C3D2-4A52-A763-59DB7EE1A4B1}' -> No File
BHO-x32: No Name -> {23ECF60B-C3D2-4A52-A763-59DB7EE1A4B1}' -> No File
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\thoma\AppData\Roaming\~SiMPLEX.ini

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

onthomaz
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 24 bře 2013 16:44
Bydliště: F-M

Re: Prosim o kontrolu logu

#9 Příspěvek od onthomaz »

Zde je log po vycisteni

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by thoma (11-02-2020 09:30:08) Run:1
Running from C:\Users\thoma\Desktop
Loaded Profiles: thoma (Available Profiles: thoma & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\thoma\AppData\Local\Microsoft\OneDrive\19.070.0410.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\thoma\AppData\Local\Kingsoft\WPS Office\11.2.0.9052\office6\kwpsmenushellext64.dll => No File
CustomCLSID: HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\thoma\AppData\Local\Microsoft\OneDrive\19.070.0410.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\thoma\AppData\Local\Microsoft\OneDrive\19.070.0410.0005\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1_S-1-5-21-2875869499-1234183625-2204340559-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\thoma\AppData\Local\Kingsoft\WPS Office\11.2.0.9052\office6\kwpsmenushellext64.dll -> No File
ContextMenuHandlers4_S-1-5-21-2875869499-1234183625-2204340559-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\thoma\AppData\Local\Kingsoft\WPS Office\11.2.0.9052\office6\kwpsmenushellext64.dll -> No File
AlternateDataStreams: C:\Windows:nlsPreferences [386]
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
FirewallRules: [{6C75CDEA-8E90-477E-A8DF-4549E595561D}] => (Allow) C:\Program Files (x86)\UnHackMe\wu.exe No File
FirewallRules: [{DFF63436-A9A5-48E8-9CA5-495F53084381}] => (Allow) C:\Program Files (x86)\UnHackMe\wu.exe No File
FirewallRules: [{277896E4-C2CF-415B-ABF9-4930EBAE9CDC}] => (Allow) C:\Program Files (x86)\UnHackMe\RegRunInfo.exe No File
FirewallRules: [{41B3276A-7A60-4DAC-BC84-E1C1543BE100}] => (Allow) C:\Program Files (x86)\UnHackMe\RegRunInfo.exe No File
FirewallRules: [{A8EDEC2A-201A-4608-AC80-01D08BF65033}] => (Allow) C:\Program Files (x86)\Autel\PassThru\Maxi PC Suit\PCLink.exe No File
FirewallRules: [{3F6AC329-BBDA-4C2B-A614-2E785E4FD353}] => (Allow) C:\Program Files (x86)\Autel\PassThru\Maxi PC Suit\PCLink.exe No File
FirewallRules: [UDP Query User{F69CC10E-0D7F-4635-8A7A-E187B22ADA9B}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe No File
FirewallRules: [TCP Query User{43D08E5F-7F32-4C53-BD16-FFC9FC317679}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe No File
FirewallRules: [UDP Query User{4719EE37-D36E-4C13-94AB-4B06AC8A8BCD}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe No File
FirewallRules: [TCP Query User{919B1A03-3A4B-4239-AC37-F5EB2D26B1FA}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe No File
FirewallRules: [UDP Query User{3CAD00C2-22F4-4C06-A7DF-9A737028267B}T:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) T:\games\kingdom come deliverance\bin\win64\kingdomcome.exe No File
FirewallRules: [TCP Query User{FF7C1ACF-419F-4702-B2E3-2DC4E4F0AC5E}T:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) T:\games\kingdom come deliverance\bin\win64\kingdomcome.exe No File
FirewallRules: [{EDECD528-9034-4902-9DDD-5C158F3D6CC7}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe No File
FirewallRules: [{226DF69D-EA8C-4A40-B2BB-0EA05D00964C}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe No File
FirewallRules: [{BDF3D579-60C2-4A2E-952D-3106D3B46975}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe No File
FirewallRules: [UDP Query User{9BC2ABEC-3EBB-422E-A2AC-A0F6DAF170CA}T:\games\cosmonautica\bin\cosmonautica.exe] => (Allow) T:\games\cosmonautica\bin\cosmonautica.exe No File
FirewallRules: [TCP Query User{40080C7E-4969-4222-8F9C-224E49E2ACFD}T:\games\cosmonautica\bin\cosmonautica.exe] => (Allow) T:\games\cosmonautica\bin\cosmonautica.exe No File
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Task: {F06408C3-C9A8-49F7-8D73-8539A8DFBED3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-24] (Google Inc -> Google Inc.)
Task: {FAB38A53-F3C9-4972-B257-FE42BEABA3F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-24] (Google Inc -> Google Inc.)
BHO: No Name -> {23ECF60B-C3D2-4A52-A763-59DB7EE1A4B1}' -> No File
BHO-x32: No Name -> {23ECF60B-C3D2-4A52-A763-59DB7EE1A4B1}' -> No File
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\thoma\AppData\Roaming\~SiMPLEX.ini

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B} => removed successfully
HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-2875869499-1234183625-2204340559-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\Software\Classes\*\ShellEx\ContextMenuHandlers\ kwpsshellext => not found
HKU\S-1-5-21-2875869499-1234183625-2204340559-1001\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ kwpsshellext => not found
C:\Windows => ":nlsPreferences" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\OpenSSH-Server-In-TCP" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6C75CDEA-8E90-477E-A8DF-4549E595561D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DFF63436-A9A5-48E8-9CA5-495F53084381}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{277896E4-C2CF-415B-ABF9-4930EBAE9CDC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{41B3276A-7A60-4DAC-BC84-E1C1543BE100}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A8EDEC2A-201A-4608-AC80-01D08BF65033}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3F6AC329-BBDA-4C2B-A614-2E785E4FD353}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F69CC10E-0D7F-4635-8A7A-E187B22ADA9B}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{43D08E5F-7F32-4C53-BD16-FFC9FC317679}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4719EE37-D36E-4C13-94AB-4B06AC8A8BCD}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{919B1A03-3A4B-4239-AC37-F5EB2D26B1FA}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3CAD00C2-22F4-4C06-A7DF-9A737028267B}T:\games\kingdom come deliverance\bin\win64\kingdomcome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FF7C1ACF-419F-4702-B2E3-2DC4E4F0AC5E}T:\games\kingdom come deliverance\bin\win64\kingdomcome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EDECD528-9034-4902-9DDD-5C158F3D6CC7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{226DF69D-EA8C-4A40-B2BB-0EA05D00964C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BDF3D579-60C2-4A2E-952D-3106D3B46975}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9BC2ABEC-3EBB-422E-A2AC-A0F6DAF170CA}T:\games\cosmonautica\bin\cosmonautica.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{40080C7E-4969-4222-8F9C-224E49E2ACFD}T:\games\cosmonautica\bin\cosmonautica.exe" => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F06408C3-C9A8-49F7-8D73-8539A8DFBED3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F06408C3-C9A8-49F7-8D73-8539A8DFBED3}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FAB38A53-F3C9-4972-B257-FE42BEABA3F4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAB38A53-F3C9-4972-B257-FE42BEABA3F4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23ECF60B-C3D2-4A52-A763-59DB7EE1A4B1}' => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23ECF60B-C3D2-4A52-A763-59DB7EE1A4B1}' => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\thoma\AppData\Roaming\~SiMPLEX.ini => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21165767 B
Java, Flash, Steam htmlcache => 159894541 B
Windows/system/drivers => 39251284 B
Edge => 2121958 B
Chrome => 769238201 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 254662 B
thoma => 145817937 B
SQLTELEMETRY$SQLEXPRESS => 145817937 B
MSSQL$SQLEXPRESS => 145817937 B
DefaultAppPool => 145817937 B

RecycleBin => 0 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:33:08 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosim o kontrolu logu

#10 Příspěvek od Rudy »

Smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

onthomaz
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 24 bře 2013 16:44
Bydliště: F-M

Re: Prosim o kontrolu logu

#11 Příspěvek od onthomaz »

Děkuji za pomoc a hlavně Váš čas :worship: :thumbsup:

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosim o kontrolu logu

#12 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno