Preventivka HDD space

Zpráva

Y0G1 · #1 Příspěvek od **Y0G1** » 21 čer 2020 19:40

Dobry den vam prajem rad by som o preventivku . Nakolko sa mi kazdy den meni velkost HDD mal som napr 710 a aktualne mam 611 (hru som instaloval o velkosti 50gb)
Pripadne len precistit zbytocne subory atd Dakujem velmi pekne

LOG

Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2020-06-21 20:38:24
Microsoft Windows 10 Pro
System drive C: has 626 GB (66%) free of 953 GB
Total RAM: 16338 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:38:26, on 21. 6. 2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Battle.net\Battle.net.exe
C:\ProgramData\Battle.net\Agent\Agent.7093\Agent.exe
C:\Program Files (x86)\Razer\Synapse3\Service\..\UserProcess\Razer Synapse Service Process.exe
C:\Program Files (x86)\Battle.net\Battle.net.exe
C:\Program Files (x86)\Battle.net\Battle.net.exe
C:\Users\Martin\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe
C:\Users\Martin\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Users\Martin\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Users\Martin\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Users\Martin\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
C:\Users\Martin\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Battle.net] "C:\Program Files (x86)\Battle.net\Battle.net.exe" --autostarted
O4 - HKCU\..\Run: [Synapse3] "C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe" /StartMinimized
O4 - HKCU\..\Run: [Opera Browser Assistant] C:\Users\Martin\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Synapse3] C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Synapse3] C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (User 'Default user')
O4 - Startup: Twitch.lnk = C:\Users\Martin\AppData\Roaming\Twitch\Bin\Twitch.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_4573a - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Razer Game Manager (Razer Game Manager Service) - Razer Inc - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
O23 - Service: Razer Synapse Service - Razer Inc. - C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Razer Central Service (RzActionSvc) - Razer Inc. - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Twitch Service (TwitchService) - Unknown owner - C:\Program Files\Common Files\Twitch\TwitchService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: vgc - Riot Games, Inc. - C:\Program Files\Riot Vanguard\vgc.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9103 bytes

======Listing Processes======

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DevQueryBroker
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe"
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
"C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe"

"C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe"
Global\GameInputSession_1
dashost.exe {8a74215f-8c75-491b-8b05805242b15bdd}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\svchost.exe -k netsvcs
rundll32.exe "c:\program files\nvidia corporation\nvstreamsrv\rxdiag.dll" RxDiagSetRuntimeMessagePump
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
"C:\Program Files\WindowsApps\Microsoft.GamingServices_2.41.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe"
"C:\Program Files\WindowsApps\Microsoft.GamingServices_2.41.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s XblAuthManager
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe"

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --field-trial-handle=1928,13764207885333141402,7705777742703924466,131072 --disable-features=VizDisplayCompositor --no-sandbox --log-file="C:\Users\Martin\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --lang=en-US --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Users\Martin\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --service-request-channel-token=9436655873484584948 --mojo-platform-channel-handle=1992 /prefetch:2
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20052.148.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files\Riot Vanguard\vgtray.exe"

"C:\Program Files (x86)\Battle.net\Battle.net.exe" --autostarted
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files\WindowsApps\Microsoft.GamingApp_2006.2001.18.0_x64__8wekyb3d8bbwe\XboxAppServices.exe"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Users\Martin\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --field-trial-handle=1928,13764207885333141402,7705777742703924466,131072 --disable-features=VizDisplayCompositor --service-pipe-token=6976654057914548631 --lang=en-US --log-file="C:\Users\Martin\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=6976654057914548631 --renderer-client-id=4 --mojo-platform-channel-handle=2512 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\ProgramData\Battle.net\Agent\Agent.7093\Agent.exe" --session=9056735467982965751
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Razer\Synapse3\Service\..\UserProcess\Razer Synapse Service Process.exe"
"C:\Program Files (x86)\Battle.net\Battle.net.exe" --type=gpu-process --field-trial-handle=3564,2176344239652471353,522756497816103093,131072 --disable-features=HardwareMediaKeyHandling --no-sandbox --log-file="C:\Users\Martin\AppData\Local\Battle.net\Logs\libcef-20200621T143050.513651.log" --log-severity=error --product-version="Battle.net/1.22.0.12040 (retail) Chrome/75.0.3770.100" --lang=en-US --watch-browser-pid=9116 --gpu-preferences=KAAAAAAAAADgAAAgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Users\Martin\AppData\Local\Battle.net\Logs\libcef-20200621T143050.513651.log" --service-request-channel-token=8269105836054973825 --mojo-platform-channel-handle=3568 /prefetch:2 --battle-net-helper=Battle.net.12040
"C:\Program Files (x86)\Battle.net\Battle.net.exe" --type=utility --field-trial-handle=3564,2176344239652471353,522756497816103093,131072 --disable-features=HardwareMediaKeyHandling --lang=en-US --service-sandbox-type=network --no-sandbox --log-file="C:\Users\Martin\AppData\Local\Battle.net\Logs\libcef-20200621T143050.513651.log" --log-severity=error --product-version="Battle.net/1.22.0.12040 (retail) Chrome/75.0.3770.100" --lang=en-US --watch-browser-pid=9116 --log-file="C:\Users\Martin\AppData\Local\Battle.net\Logs\libcef-20200621T143050.513651.log" --service-request-channel-token=7235593811926328208 --mojo-platform-channel-handle=4780 /prefetch:8 --battle-net-helper=Battle.net.12040

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc

"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe" /InvokerPRAID: App
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19111.24110.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20032.16211.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Users\Martin\AppData\Local\Discord\app-0.0.306\Discord.exe"
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --ran-launcher --started-from-shortcut
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
"C:\Users\Martin\AppData\Local\Discord\app-0.0.306\Discord.exe" --type=gpu-process --field-trial-handle=1796,17988010083459281778,12941231425320106470,131072 --disable-features=SpareRendererForSitePerProcess --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --service-request-channel-token=14723420952000222766 --mojo-platform-channel-handle=1844 --ignored=" --type=renderer " /prefetch:2
C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera_crashreporter.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Martin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Martin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=68.0.3618.165 --initial-client-data=0x35c,0x360,0x364,0x338,0x368,0x7ffc78b7c048,0x7ffc78b7c058,0x7ffc78b7c068
"C:\Users\Martin\AppData\Local\Discord\app-0.0.306\Discord.exe" --type=utility --field-trial-handle=1796,17988010083459281778,12941231425320106470,131072 --disable-features=SpareRendererForSitePerProcess --lang=sk --service-sandbox-type=network --service-request-channel-token=4623373457649308269 --mojo-platform-channel-handle=2240 /prefetch:8
C:\Users\Martin\AppData\Local\Discord\app-0.0.306\Discord.exe --no-rate-limit --no-upload-gzip --type=crash-handler "--crashes-directory=C:\Users\Martin\AppData\Local\Temp\Discord Crashes" "--database=C:\Users\Martin\AppData\Local\Temp\Discord Crashes" "--metrics-dir=C:\Users\Martin\AppData\Local\Temp\Discord Crashes" --url=https://sentry.io/api/146342/minidump/? ... be03b2b35a --initial-client-data=0xa6c,0x950,0xa3c,0xa78,0xa04,0x55fd090,0x55fd0a0,0x55fd0ac
"C:\Users\Martin\AppData\Local\Discord\app-0.0.306\Discord.exe" --type=renderer --autoplay-policy=no-user-gesture-required --field-trial-handle=1796,17988010083459281778,12941231425320106470,131072 --disable-features=SpareRendererForSitePerProcess --disable-gpu-compositing --lang=sk --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Martin\AppData\Local\Discord\app-0.0.306\resources\app.asar" --no-sandbox --no-zygote --native-window-open --preload="C:\Users\Martin\AppData\Roaming\discord\0.0.306\modules\discord_desktop_core\core.asar\app\mainScreenPreload.js" --background-color=#202225 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=3884102943135860451 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2696 /prefetch:1
"C:/Program Files (x86)/Ubisoft/Ubisoft Game Launcher/UplayWebCore.exe" --type=renderer --no-sandbox --disable-features=TouchpadAndWheelScrollLatching --service-pipe-token=465D751F6D3ED0F1D59B294249DBB715 --lang=en-US --locales-dir-path="C:/Program Files (x86)/Ubisoft/Ubisoft Game Launcher/locales/1/" --log-file="C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\debug.log" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=465D751F6D3ED0F1D59B294249DBB715 --renderer-client-id=5 --mojo-platform-channel-handle=2452 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=gpu-process --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1916 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=utility --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --service-sandbox-type=network --enable-quic --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --mojo-platform-channel-handle=1992 /prefetch:8
"C:/Program Files (x86)/Ubisoft/Ubisoft Game Launcher/UplayWebCore.exe" --type=renderer --no-sandbox --disable-features=TouchpadAndWheelScrollLatching --disable-gpu-compositing --service-pipe-token=1B81CF5F6ED909608DAE14A9647653AF --lang=en-US --locales-dir-path="C:/Program Files (x86)/Ubisoft/Ubisoft Game Launcher/locales/1/" --log-file="C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\debug.log" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=1B81CF5F6ED909608DAE14A9647653AF --renderer-client-id=6 --mojo-platform-channel-handle=2828 /prefetch:1
"C:/Program Files (x86)/Ubisoft/Ubisoft Game Launcher/UplayWebCore.exe" --type=renderer --no-sandbox --disable-features=TouchpadAndWheelScrollLatching --disable-gpu-compositing --service-pipe-token=A9613A703D2BE3F66EB3395F1DD9F5F4 --lang=en-US --locales-dir-path="C:/Program Files (x86)/Ubisoft/Ubisoft Game Launcher/locales/1/" --log-file="C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\debug.log" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=A9613A703D2BE3F66EB3395F1DD9F5F4 --renderer-client-id=7 --mojo-platform-channel-handle=2812 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2972 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --extension-process --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2988 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3396 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3776 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3792 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3856 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3844 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3832 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=utility --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --service-sandbox-type=audio --enable-quic --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --mojo-platform-channel-handle=3768 /prefetch:8
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --extension-process --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4116 /prefetch:1
"C:/Program Files (x86)/Ubisoft/Ubisoft Game Launcher/UplayWebCore.exe" --type=renderer --no-sandbox --disable-features=TouchpadAndWheelScrollLatching --disable-gpu-compositing --service-pipe-token=433CC67EA2A04446A922CFB400158CA4 --lang=en-US --locales-dir-path="C:/Program Files (x86)/Ubisoft/Ubisoft Game Launcher/locales/1/" --log-file="C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\debug.log" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=433CC67EA2A04446A922CFB400158CA4 --renderer-client-id=8 --mojo-platform-channel-handle=4136 /prefetch:1
C:\WINDOWS\system32\AUDIODG.EXE 0x790
"C:\Users\Martin\AppData\Local\Discord\app-0.0.306\Discord.exe" --type=utility --field-trial-handle=1796,17988010083459281778,12941231425320106470,131072 --disable-features=SpareRendererForSitePerProcess --lang=sk --service-sandbox-type=audio --service-request-channel-token=12077085031496676423 --mojo-platform-channel-handle=2960 /prefetch:8
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5992 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s QWAVE
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Martin\AppData\Local\Steam\htmlcache" "-steampid=11384" "-buildid=1591251555" "-steamid=0" "-steamuniverse=Public" "-clientui=C:\Program Files (x86)\Steam\clientui" --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --enable-media-stream --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Martin\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1591251555 --initial-client-data=0x318,0x320,0x31c,0x30c,0x324,0x7ffcb52ebed0,0x7ffcb52ebee0,0x7ffcb52ebef0
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1536,15957368046048322189,3258376643177384039,131072 --disable-features=CalculateNativeWinOcclusion,MimeHandlerViewInCrossProcessFrame --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=sk-SK --buildid=1591251555 --steamid=0 --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --service-request-channel-token=3876769559460503200 --mojo-platform-channel-handle=1544 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --field-trial-handle=1536,15957368046048322189,3258376643177384039,131072 --disable-features=CalculateNativeWinOcclusion,MimeHandlerViewInCrossProcessFrame --lang=sk --service-sandbox-type=network --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=sk-SK --buildid=1591251555 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --service-request-channel-token=5057960935123477376 --mojo-platform-channel-handle=1836 /prefetch:8
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1536,15957368046048322189,3258376643177384039,131072 --disable-features=CalculateNativeWinOcclusion,MimeHandlerViewInCrossProcessFrame --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=sk --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1591251555 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=13215407510196202466 --renderer-client-id=5 --mojo-platform-channel-handle=2716 /prefetch:1
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1536,15957368046048322189,3258376643177384039,131072 --disable-features=CalculateNativeWinOcclusion,MimeHandlerViewInCrossProcessFrame --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=sk --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1591251555 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=11084890344523755796 --renderer-client-id=6 --mojo-platform-channel-handle=2864 /prefetch:1
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1536,15957368046048322189,3258376643177384039,131072 --disable-features=CalculateNativeWinOcclusion,MimeHandlerViewInCrossProcessFrame --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=sk --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1591251555 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=2900023501403820759 --renderer-client-id=7 --mojo-platform-channel-handle=3028 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe -Embedding
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
"C:\WINDOWS\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
taskhostw.exe
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8140 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2464 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6640 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6804 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=185 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9348 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=186 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9228 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=206 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8332 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=211 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10088 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=217 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8924 /prefetch:1

"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=218 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9440 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=219 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7328 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=221 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8632 /prefetch:1

"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=223 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6924 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=224 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9580 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=229 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=233 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=245 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6192 /prefetch:1
"C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe" --type=renderer --field-trial-handle=1820,7881579496974549615,10458243330455645188,131072 --lang=sk --enable-auto-reload --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-70598-ref:DNA-70598 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=247 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8996 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 792 796 804 8192 800
"C:\Users\Martin\AppData\Local\Temp\scoped_dir10608_51821163\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2020-02-14 84992]
"Riot Vanguard"=C:\Program Files\Riot Vanguard\vgtray.exe [2020-06-13 353776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2020-05-22 29072568]
"Battle.net"=C:\Program Files (x86)\Battle.net\Battle.net.exe [2020-05-29 1136104]
"Synapse3"=C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [2020-03-30 3511536]
"Opera Browser Assistant"=C:\Users\Martin\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2020-06-18 3004440]

C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Twitch.lnk - C:\Users\Martin\AppData\Roaming\Twitch\Bin\Twitch.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-06-21 20:38:24 ----D---- C:\rsit
2020-06-18 15:52:53 ----HD---- C:\$WinREAgent
2020-06-14 18:10:40 ----D---- C:\ProgramData\AVG
2020-06-09 19:35:57 ----D---- C:\ProgramData\obs-studio-hook
2020-06-06 11:30:14 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo-1-999-0-0-0.exe
2020-06-06 11:30:14 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2020-06-06 11:30:14 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1-999-0-0-0.dll
2020-06-06 11:30:14 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2020-06-06 11:30:14 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2020-06-06 11:30:14 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2020-06-06 11:30:14 ----A---- C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-06-06 11:30:14 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2020-06-06 11:30:14 ----A---- C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-06-06 11:30:14 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2020-06-06 11:30:14 ----A---- C:\WINDOWS\system32\OpenCL.dll
2020-06-06 11:30:14 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-06-06 11:30:13 ----A---- C:\WINDOWS\SYSWOW64\nvofapi.dll
2020-06-06 11:30:13 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2020-06-06 11:30:13 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2020-06-06 11:30:13 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2020-06-06 11:30:13 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2020-06-06 11:30:13 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2020-06-06 11:30:13 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2020-06-06 11:30:13 ----A---- C:\WINDOWS\system32\nvofapi64.dll
2020-06-06 11:30:13 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2020-06-06 11:30:13 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2020-06-06 11:30:13 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2020-06-06 11:30:13 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2020-06-06 11:30:13 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-06-06 11:30:13 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-06-06 11:30:13 ----A---- C:\WINDOWS\system32\nvdispgenco6444614.dll
2020-06-06 11:30:13 ----A---- C:\WINDOWS\system32\nvdispco6444614.dll
2020-06-06 11:30:13 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2020-06-06 11:30:13 ----A---- C:\WINDOWS\system32\nvcuda.dll
2020-06-06 11:30:12 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll

======List of files/folders modified in the last 1 month======

2020-06-21 20:38:25 ----D---- C:\WINDOWS\Temp
2020-06-21 20:38:25 ----D---- C:\Program Files\trend micro
2020-06-21 20:36:16 ----D---- C:\Users\Martin\AppData\Roaming\Discord
2020-06-21 20:34:01 ----D---- C:\WINDOWS\system32\sru
2020-06-21 20:21:32 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-06-21 18:30:27 ----RD---- C:\WINDOWS\Microsoft.NET
2020-06-21 18:19:19 ----D---- C:\Users\Martin\AppData\Roaming\Twitch
2020-06-21 17:52:20 ----D---- C:\Program Files (x86)\Steam
2020-06-21 17:50:09 ----D---- C:\WINDOWS\system32\SleepStudy
2020-06-21 16:32:26 ----D---- C:\WINDOWS\AppReadiness
2020-06-21 16:30:26 ----D---- C:\ProgramData\NVIDIA
2020-06-21 16:29:55 ----SHDC---- C:\WINDOWS\Installer
2020-06-21 16:28:42 ----D---- C:\WINDOWS\INF
2020-06-21 15:33:30 ----HD---- C:\Program Files\WindowsApps
2020-06-21 15:21:23 ----D---- C:\Program Files (x86)\World of Warcraft
2020-06-21 15:19:10 ----D---- C:\Windows
2020-06-21 15:06:56 ----D---- C:\Users\Martin\AppData\Roaming\slobs-client
2020-06-20 17:38:17 ----D---- C:\WINDOWS\Logs
2020-06-20 09:46:56 ----D---- C:\WINDOWS\system32\LogFiles
2020-06-19 22:26:34 ----D---- C:\WINDOWS\system32\catroot2
2020-06-19 22:20:08 ----D---- C:\WINDOWS\Prefetch
2020-06-19 18:11:41 ----SHD---- C:\Recovery
2020-06-19 18:02:45 ----HD---- C:\$WINDOWS.~BT
2020-06-19 17:34:40 ----DC---- C:\WINDOWS\Panther
2020-06-19 17:12:59 ----D---- C:\WINDOWS\system32\config
2020-06-19 16:28:54 ----D---- C:\WINDOWS\CbsTemp
2020-06-19 16:28:48 ----D---- C:\WINDOWS\WinSxS
2020-06-19 16:28:48 ----D---- C:\WINDOWS\SysWOW64
2020-06-19 16:28:21 ----SHD---- C:\System Volume Information
2020-06-18 15:46:47 ----D---- C:\WINDOWS\system32\Tasks
2020-06-17 15:44:48 ----D---- C:\Program Files (x86)\Overwatch
2020-06-17 15:39:35 ----AD---- C:\Program Files\Riot Vanguard
2020-06-14 20:07:04 ----D---- C:\Program Files
2020-06-14 20:07:02 ----D---- C:\WINDOWS\System32
2020-06-14 20:07:01 ----D---- C:\WINDOWS\system32\drivers
2020-06-14 20:07:01 ----D---- C:\Program Files\Common Files
2020-06-14 18:19:25 ----D---- C:\WINDOWS\SoftwareDistribution
2020-06-14 18:11:41 ----HD---- C:\WINDOWS\ELAMBKUP
2020-06-14 18:10:40 ----HD---- C:\ProgramData
2020-06-14 18:08:52 ----D---- C:\Program Files\CCleaner
2020-06-09 19:35:45 ----D---- C:\Program Files\Streamlabs OBS
2020-06-07 14:33:39 ----D---- C:\WINDOWS\system32\drivers\UMDF
2020-06-07 09:21:48 ----D---- C:\WINDOWS\system32\WDI
2020-06-06 12:33:35 ----D---- C:\WINDOWS\system32\DriverStore
2020-06-06 11:32:29 ----D---- C:\temp
2020-06-05 23:03:22 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2020-06-04 09:46:51 ----D---- C:\WINDOWS\system32\drivers\wd
2020-05-30 10:24:36 ----D---- C:\Program Files (x86)\Battle.net
2020-05-29 08:30:32 ----D---- C:\Program Files\UNP
2020-05-23 18:37:44 ----RSD---- C:\WINDOWS\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdpsp;@oem3.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\WINDOWS\System32\drivers\amdpsp.sys [2018-09-12 137496]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2020-03-12 254776]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2019-03-19 89096]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-03-12 40960]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R1 MpKslDrv;MpKslDrv; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9B917CC0-4B7C-4965-AE96-77B5B5B8768E}\MpKslDrv.sys [2020-06-21 43232]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2020-05-13 457216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760]
R3 amdgpio2;@oem12.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-10-01 45832]
R3 amdgpio3;@oem2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio3.sys [2016-08-12 24424]
R3 AMDPCIDev;@oem4.inf,%AMDPCIDev.SVCDESC%;AMD PCI; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [2018-04-25 31592]
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2020-02-14 117264]
R3 gameflt;@oem35.inf,%ServiceName%;gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_ed149265feff3131\gameflt.sys [2020-05-19 71528]
R3 NVHDA;@oem20.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2020-03-18 223120]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_55e7fb10ab85a7c2\nvlddmkm.sys [2020-05-18 23454448]
R3 nvvad_WaveExtensible;@oem7.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2019-04-17 69840]
R3 nvvhci;@oem33.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2020-03-11 67456]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2019-03-19 662528]
R3 RzCommon;@oem31.inf,%RzCommon.SVCDESC%;Razer Control Service; C:\WINDOWS\System32\drivers\RzCommon.sys [2020-02-17 51776]
R3 RzDev_006e;@oem32.inf,%RzDev.ServiceDesc%;Razer 006e Service; C:\WINDOWS\System32\drivers\RzDev_006e.sys [2020-02-17 52496]
R3 RzDev_0306;@oem34.inf,%RzDev.ServiceDesc%;Razer 0306 Service; C:\WINDOWS\System32\drivers\RzDev_0306.sys [2020-02-17 52504]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2020-04-16 151352]
S0 SmartSAMD;SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [2019-03-19 220176]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2020-03-12 337920]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 amdkmcsp;AMD Kernel Mode CSP Service; C:\WINDOWS\System32\drivers\amdkmcsp.sys [2017-06-12 95080]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-12-31 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2020-02-14 138040]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2020-02-14 174392]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2020-02-14 153912]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-09-14 231936]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2020-03-12 114688]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2020-03-12 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2020-03-12 1428992]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2020-03-12 99328]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2019-09-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-10-13 64000]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-04-16 84280]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-12-31 359424]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2020-04-01 30336]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys [2019-03-03 486184]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 96056]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-31 986936]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 211456]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 113152]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-03-19 33592]
S3 smbdirect;smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [2019-03-19 171008]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_4573a;CDPUserSvc_4573a; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 GameInput;GameInput Service; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [2020-05-09 37816]
R2 GamingServices;GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_2.41.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe [2020-05-19 46008]
R2 GamingServicesNet;GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_2.41.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [2020-05-19 46008]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2020-03-18 850928]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2020-05-16 873272]
R2 OneSyncSvc_4573a;OneSyncSvc_4573a; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 Razer Game Manager Service;Razer Game Manager; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [2019-12-12 253776]
R2 Razer Synapse Service;Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [2020-03-30 289008]
R2 RzActionSvc;Razer Central Service; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [2019-12-14 532864]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2019-03-19 263904]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_4573a;cbdhsvc_4573a; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2020-03-12 929144]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_4573a;AarSvc_4573a; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_4573a;BcastDVRUserService_4573a; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_4573a;BluetoothUserService_4573a; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_4573a;CaptureService_4573a; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_4573a;ConsentUxUserSvc_4573a; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-05-13 380632]
S3 CredentialEnrollmentManagerUserSvc_4573a;CredentialEnrollmentManagerUserSvc_4573a; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-05-13 380632]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_4573a;DeviceAssociationBrokerSvc_4573a; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_4573a;DevicePickerUserSvc_4573a; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_4573a;DevicesFlowUserSvc_4573a; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2020-03-12 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2020-02-17 803440]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-09-12 43704]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_4573a;MessagingService_4573a; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc_4573a;PimIndexMaintenanceSvc_4573a; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_4573a;PrintWorkflowUserSvc_4573a; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2020-04-16 5930136]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2019-03-19 1264128]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2020-02-14 828216]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]

-----------------EOF-----------------

#2 Příspěvek od **Conder** » 22 čer 2020 01:25

Ahoj

RSIT log je uz v pripade Windows 10 nedostatocny, ale zacneme najprv s AdwCleanerom:

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

Uloz na plochu a ukonci vsetky programy
Spusti AdwCleaner ako spravca
Odsuhlas licencne podmienky
Klikni na Spustit skenovani a pockaj na dokoncenie
V pripade nalezov nechaj vsetky nalezy oznacene a klikni na Karantena (ak nie su ziadne nalezy, tak na Spustit zakladni opravu)
V pripade, ze sa detekuje aj "predinstalovany software", tieto programy mozes, ale nemusis zmazat (toto nie su skodlive programy, ale iba zbytocnosti)
Potvrd vyzvu, pockaj na dokoncenie a potvrd restartovanie PC
Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
Otvori sa log, jeho obsah skopiruj a vloz do dalsej odpovede

Y0G1 · #3 Příspěvek od **Y0G1** » 22 čer 2020 09:30

# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-22-2020
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1405 octets] - [22/06/2020 10:24:27]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

#4 Příspěvek od **Conder** » 23 čer 2020 01:11

Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679

Y0G1 · #5 Příspěvek od **Y0G1** » 23 čer 2020 10:30

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-06-2020
Ran by Martin (administrator) on DESKTOP-TETKG5G (Micro-Star International Co., Ltd. MS-7A34) (23-06-2020 11:23:03)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin
Platform: Windows 10 Pro Version 1909 18363.836 (X64) Language: Slovenčina (Slovensko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Riot Games\Riot Client\RiotClientCrashHandler.exe <4>
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <3>
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.7093\Agent.exe
(Discord Inc. -> Discord Inc.) C:\Users\Martin\AppData\Local\Discord\app-0.0.306\Discord.exe <6>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2006.2001.18.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.41.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.41.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4292.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4292.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4292.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Opera Software AS -> Opera Software) C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.173\opera.exe <28>
(Opera Software AS -> Opera Software) C:\Users\Martin\AppData\Local\Programs\Opera\68.0.3618.173\opera_crashreporter.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\UX\RiotClientUx.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\UX\RiotClientUxRender.exe <2>
(Ubisoft Entertainment Sweden AB -> Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe
(Ubisoft Entertainment Sweden AB -> Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353776 2020-06-22] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-3299137129-3959029366-2649080390-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29072568 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3299137129-3959029366-2649080390-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1136104 2020-05-29] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-3299137129-3959029366-2649080390-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3511536 2020-03-30] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3299137129-3959029366-2649080390-1001\...\Run: [Opera Browser Assistant] => C:\Users\Martin\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3004440 2020-06-18] (Opera Software AS -> Opera Software)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3511536 2020-03-30] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG2900 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCB.DLL [30208 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2900 series: C:\WINDOWS\system32\CNMLMCB.DLL [406016 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-12-14]
ShortcutTarget: Twitch.lnk -> C:\Users\Martin\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15A34683-34B2-4143-A477-4356053BB746} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {17A36140-1F4D-4F7D-9F6D-1786BD82EECB} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {295B0C37-260E-49F2-9951-395491D3CE33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {329040ED-6EA7-4127-9732-D6312B1B4A9E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {35048B5D-B268-4637-9F41-68FB64AE15EE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {382FAC71-9D94-4ADE-B69C-D2FA1E15573E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5950BFDB-22B6-412B-8375-F50A52EB343B} - System32\Tasks\Opera scheduled Autoupdate 1553093722 => C:\Users\Martin\AppData\Local\Programs\Opera\launcher.exe [1517592 2020-06-18] (Opera Software AS -> Opera Software)
Task: {5F9DAC24-4995-4FD7-8582-5B74D2756D4D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8475EB4B-C115-4ECB-B9AA-602ED93E3667} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8E9D9326-EA10-4EE5-AFDE-2CCB0091C562} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24690360 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A4BD17F4-24F2-4685-AB1F-B5F4E6B62D25} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AB34C40C-19BA-4AAB-B0E5-6026C3FD8169} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B28EBA9F-CF4A-4823-B595-AA1B3849CC0C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B99E827C-6FC6-41CD-BFE2-8A0504AE0EE2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DB253E8F-CA7E-4520-8452-C4FC06F94C6D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E20CF001-27F3-41FB-9F0F-2D5D33FC93D5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EE6639F0-49EF-4277-B8B5-0B81AFEFB614} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC75894D-79A5-4840-8714-9613B0513646} - System32\Tasks\Opera scheduled assistant Autoupdate 1582724866 => C:\Users\Martin\AppData\Local\Programs\Opera\launcher.exe [1517592 2020-06-18] (Opera Software AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{18aa560b-1213-4751-9c12-ab32b0f04761}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================

Opera:
=======
OPR Notifications: hxxps://domadoma.sk; hxxps://eu.forums.blizzard.com

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-02-17] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 GameInput; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [37816 2020-05-09] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_2.41.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe [46008 2020-05-19] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_2.41.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [46008 2020-05-19] (Microsoft Corporation -> Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [873272 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-12-12] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [289008 2020-03-30] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-12-14] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [334208 2020-04-09] (Twitch Interactive, Inc. -> )
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9848032 2020-06-22] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24424 2016-08-12] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\System32\drivers\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [137496 2018-09-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-14] (Microsoft Corporation) [File not signed]
R3 gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_ed149265feff3131\gameflt.sys [71528 2020-05-19] (Microsoft Windows -> Microsoft Corporation)
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3E98016F-9751-4A95-89B1-A7C6A7FEF272}\MpKslDrv.sys [43232 2020-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_55e7fb10ab85a7c2\nvlddmkm.sys [23454448 2020-05-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-04-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_006e; C:\WINDOWS\System32\drivers\RzDev_006e.sys [52496 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0306; C:\WINDOWS\System32\drivers\RzDev_0306.sys [52504 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [6456248 2020-06-22] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [401120 2020-06-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-04] (Microsoft Windows -> Microsoft Corporation)
R3 Xvdd; C:\WINDOWS\System32\DriverStore\FileRepository\xvdd.inf_amd64_3729127f0c107772\xvdd.sys [498520 2020-05-19] (Microsoft Windows -> Microsoft Corporation)
S3 _hid_0738_1731; C:\WINDOWS\system32\DRIVERS\_hid_0738_1731.sys [210384 2016-10-12] (Mad Catz Inc -> Saitek)
S3 _usb_0738_1731; C:\WINDOWS\System32\drivers\_usb_0738_1731.sys [46800 2016-10-12] (Mad Catz Inc -> Saitek)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-23 11:23 - 2020-06-23 11:28 - 000017748 _____ C:\Users\Martin\Desktop\FRST.txt
2020-06-23 11:22 - 2020-06-23 11:22 - 002290176 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2020-06-22 10:23 - 2020-06-22 10:24 - 000000000 ____D C:\AdwCleaner
2020-06-22 10:22 - 2020-06-22 10:22 - 008402608 _____ (Malwarebytes) C:\Users\Martin\Desktop\adwcleaner_8.0.5.exe
2020-06-21 20:53 - 2020-06-21 20:53 - 000001163 _____ C:\Users\Martin\Desktop\Sea of Thieves.lnk
2020-06-21 20:38 - 2020-06-21 20:38 - 001222144 _____ C:\Users\Martin\Desktop\RSITx64.exe
2020-06-21 20:38 - 2020-06-21 20:38 - 000000000 ____D C:\rsit
2020-06-18 15:52 - 2020-06-18 15:52 - 000000000 ___HD C:\$WinREAgent
2020-06-14 18:10 - 2020-06-14 18:11 - 000000000 ____D C:\ProgramData\AVG
2020-06-09 19:35 - 2020-06-09 19:35 - 000000000 ____D C:\ProgramData\obs-studio-hook
2020-06-08 16:08 - 2020-06-08 16:08 - 000000000 ____D C:\Users\Martin\AppData\Local\Opera Software
2020-06-07 14:33 - 2020-06-07 14:33 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2020-06-06 11:30 - 2020-05-18 23:21 - 001729240 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-06-06 11:30 - 2020-05-18 23:21 - 001729240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-06-06 11:30 - 2020-05-18 23:21 - 001329368 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-06-06 11:30 - 2020-05-18 23:21 - 001329368 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-06-06 11:30 - 2020-05-18 23:21 - 001079008 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-06-06 11:30 - 2020-05-18 23:21 - 001079008 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-06-06 11:30 - 2020-05-18 23:21 - 000937688 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-06-06 11:30 - 2020-05-18 23:21 - 000937688 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-06-06 11:30 - 2020-05-18 23:21 - 000451480 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-06-06 11:30 - 2020-05-18 23:21 - 000348056 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-06-06 11:30 - 2020-05-18 23:20 - 011944864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-06-06 11:30 - 2020-05-18 23:20 - 010286480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-06-06 11:30 - 2020-05-18 23:19 - 005856664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-06-06 11:30 - 2020-05-18 23:19 - 002072992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-06-06 11:30 - 2020-05-18 23:19 - 001722096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444614.dll
2020-06-06 11:30 - 2020-05-18 23:19 - 001566096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-06-06 11:30 - 2020-05-18 23:19 - 001484184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444614.dll
2020-06-06 11:30 - 2020-05-18 23:19 - 001482128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-06-06 11:30 - 2020-05-18 23:19 - 001350560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-06-06 11:30 - 2020-05-18 23:19 - 001141992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-06-06 11:30 - 2020-05-18 23:19 - 001048480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-06-06 11:30 - 2020-05-18 23:19 - 000816880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-06-06 11:30 - 2020-05-18 23:19 - 000811240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-06-06 11:30 - 2020-05-18 23:19 - 000680848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-06-06 11:30 - 2020-05-18 23:19 - 000676248 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-06-06 11:30 - 2020-05-18 23:19 - 000546720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-06-06 11:30 - 2020-05-18 23:19 - 000543144 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-06-06 11:30 - 2020-05-18 23:18 - 017600240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-06-06 11:30 - 2020-05-18 23:18 - 015158000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-06-06 11:30 - 2020-05-18 23:18 - 005159320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-06-06 11:30 - 2020-05-18 23:17 - 004195656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-06-05 11:37 - 2020-06-05 11:37 - 000000355 _____ C:\Users\Martin\Downloads\Udaje.txt
2020-06-02 08:33 - 2020-06-02 08:33 - 000000000 ____D C:\Users\Martin\AppData\Local\VALORANT

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-23 11:27 - 2019-05-06 11:46 - 000000000 ____D C:\FRST
2020-06-23 11:25 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-23 11:24 - 2020-04-12 22:00 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2020-06-23 11:21 - 2020-04-12 21:46 - 000000000 ____D C:\Program Files\Riot Vanguard
2020-06-23 11:21 - 2019-03-20 17:08 - 000000000 ____D C:\Users\Martin\AppData\Local\Battle.net
2020-06-23 10:55 - 2019-03-20 18:31 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Discord
2020-06-23 10:55 - 2019-03-20 17:08 - 000000000 ____D C:\Program Files (x86)\Steam
2020-06-23 10:54 - 2019-03-20 17:20 - 000000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2020-06-23 10:54 - 2019-03-20 17:18 - 000000000 ____D C:\Users\Martin\AppData\Local\Ubisoft Game Launcher
2020-06-23 10:53 - 2019-09-12 16:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-23 10:34 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-23 10:34 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-23 10:31 - 2020-02-27 15:39 - 000000000 ____D C:\Users\Martin\Downloads\opera autoupdate
2020-06-23 10:30 - 2019-03-20 16:31 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-23 10:25 - 2019-09-12 17:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-22 22:44 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-06-22 17:38 - 2019-04-13 08:26 - 000000000 ____D C:\Users\Martin\AppData\Roaming\slobs-client
2020-06-22 10:33 - 2019-09-12 17:02 - 000004226 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1553093722
2020-06-22 10:33 - 2019-03-20 16:55 - 000001406 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2020-06-22 09:55 - 2019-03-20 16:54 - 000000000 ____D C:\Users\Martin\AppData\Local\D3DSCache
2020-06-22 09:43 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-06-21 20:47 - 2019-09-12 16:49 - 000000000 ____D C:\Users\Martin
2020-06-21 20:38 - 2020-01-18 13:57 - 000000000 ____D C:\Program Files\trend micro
2020-06-21 18:19 - 2019-12-14 19:21 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Twitch
2020-06-21 15:51 - 2019-03-20 16:41 - 000000000 ____D C:\Users\Martin\AppData\Local\PlaceholderTileLogoFolder
2020-06-21 15:51 - 2019-03-20 16:38 - 000000000 ____D C:\Users\Martin\AppData\Local\Packages
2020-06-21 15:21 - 2019-06-23 12:33 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2020-06-19 18:53 - 2019-09-12 17:02 - 000040008 _____ C:\WINDOWS\diagwrn.xml
2020-06-19 18:53 - 2019-09-12 17:02 - 000040008 _____ C:\WINDOWS\diagerr.xml
2020-06-19 18:10 - 2019-03-19 06:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-06-19 18:02 - 2019-12-07 17:45 - 000000000 ___HD C:\$WINDOWS.~BT
2020-06-19 17:34 - 2019-09-09 15:48 - 000000000 ___DC C:\WINDOWS\Panther
2020-06-19 16:28 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-18 15:46 - 2020-05-19 19:04 - 000004470 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582724866
2020-06-17 15:44 - 2019-03-28 12:21 - 000000000 ____D C:\Program Files (x86)\Overwatch
2020-06-14 18:11 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-06-14 18:10 - 2019-09-12 17:02 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-06-14 18:08 - 2019-03-20 17:06 - 000000000 ____D C:\Program Files\CCleaner
2020-06-14 17:48 - 2019-04-13 15:26 - 000000000 ____D C:\Users\Martin\Desktop\Nový priečinok
2020-06-09 19:35 - 2019-04-13 08:26 - 000000000 ____D C:\Program Files\Streamlabs OBS
2020-06-07 18:40 - 2020-03-23 12:11 - 000000000 ____D C:\Users\Martin\opera autoupdate
2020-06-06 11:32 - 2019-12-14 14:31 - 000000000 ____D C:\temp
2020-06-05 23:03 - 2019-03-19 06:56 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-05 23:03 - 2019-03-19 06:56 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-05 08:08 - 2019-09-12 17:02 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3299137129-3959029366-2649080390-1001
2020-06-05 08:08 - 2019-09-12 16:49 - 000002358 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-05 08:08 - 2018-08-10 13:23 - 000000000 ___RD C:\Users\Martin\OneDrive
2020-06-04 09:46 - 2019-03-20 16:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-05-30 10:24 - 2019-03-20 17:07 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-05-29 08:30 - 2019-06-20 07:21 - 000000000 ____D C:\Program Files\UNP

==================== Files in the root of some directories ========

2019-10-12 18:19 - 2019-10-12 18:19 - 000000017 _____ () C:\Users\Martin\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Y0G1 · #6 Příspěvek od **Y0G1** » 23 čer 2020 10:30

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2020
Ran by Martin (23-06-2020 11:28:42)
Running from C:\Users\Martin\Desktop
Windows 10 Pro Version 1909 18363.836 (X64) (2019-09-12 15:03:19)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

8IKEHd8Tqd (S-1-5-21-3299137129-3959029366-2649080390-1002 - Limited - Enabled)
Administrator (S-1-5-21-3299137129-3959029366-2649080390-500 - Administrator - Disabled)
DDobwmJat8X0ySWKwOe (S-1-5-21-3299137129-3959029366-2649080390-1005 - Limited - Enabled) => C:\Users\DDobwmJat8X0ySWKwOe
DefaultAccount (S-1-5-21-3299137129-3959029366-2649080390-503 - Limited - Disabled)
GKvL9dtkGV (S-1-5-21-3299137129-3959029366-2649080390-1004 - Limited - Enabled) => C:\Users\GKvL9dtkGV
Guest (S-1-5-21-3299137129-3959029366-2649080390-501 - Limited - Disabled)
jUpy26V5TxgBjSlKMd (S-1-5-21-3299137129-3959029366-2649080390-1003 - Limited - Enabled)
Martin (S-1-5-21-3299137129-3959029366-2649080390-1001 - Administrator - Enabled) => C:\Users\Martin
WDAGUtilityAccount (S-1-5-21-3299137129-3959029366-2649080390-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aktualizácie NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.67 - Piriform)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3299137129-3959029366-2649080390-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{C69A2919-0662-4390-9418-67C931B44C18}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GameInput Redistributable (HKLM-x32\...\{AD78C5EF-EAAF-12E7-83A3-B335A79A3DB1}) (Version: 10.1.19041.1870 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3299137129-3959029366-2649080390-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA Grafický ovládač 446.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 446.14 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Opera Stable 68.0.3618.173 (HKU\S-1-5-21-3299137129-3959029366-2649080390-1001\...\Opera 68.0.3618.173) (Version: 68.0.3618.173 - Opera Software)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Ovládací panel NVIDIA 446.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 446.14 - NVIDIA Corporation) Hidden
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.0331.033010 - Razer Inc.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.12.3 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.12.3 - General Workings, Inc.)
Twitch (HKU\S-1-5-21-3299137129-3959029366-2649080390-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 85.0 - Ubisoft)
VALORANT (HKU\S-1-5-21-3299137129-3959029366-2649080390-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.38.4.0_x86__kgqvnymyfvs32 [2020-06-18] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1790.3.0_x86__kgqvnymyfvs32 [2020-06-18] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-03-07] (Canon Inc.)
Cooking Fever -> C:\Program Files\WindowsApps\Nordcurrent.CookingFever_8.0.0.4_x86__m9bz608c1b9ra [2020-03-29] (Nordcurrent)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2020-05-19] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2020-05-19] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-18] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-20] (Fitbit)
Herné služby -> C:\Program Files\WindowsApps\Microsoft.GamingServices_2.41.10001.0_x64__8wekyb3d8bbwe [2020-05-19] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-20] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.41.21603.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Studios) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.18.1.0_x64__nfy108tqq3p12 [2020-06-18] (Thumbmunkeys Ltd)
Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.93.5382.2_x64__8wekyb3d8bbwe [2020-06-21] (ms-resource:PublisherDisplayName)
Xbox -> C:\Program Files\WindowsApps\Microsoft.GamingApp_2006.2001.18.0_x64__8wekyb3d8bbwe [2020-06-16] (Microsoft Corporation) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-05-29 08:33 - 2020-05-29 08:33 - 096130048 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\libcef.dll
2020-05-29 08:33 - 2020-05-29 08:33 - 000117760 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\libEGL.dll
2020-05-29 08:33 - 2020-05-29 08:33 - 004342784 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\libGLESv2.dll
2019-03-06 15:32 - 2019-05-09 12:08 - 085372416 _____ () [File not signed] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libcef.dll
2019-03-06 15:32 - 2019-03-06 15:32 - 000043520 _____ () [File not signed] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libUbiCustomEvent.dll
2020-04-12 21:43 - 2020-04-14 12:25 - 001039360 _____ () [File not signed] C:\Riot Games\Riot Client\UX\ffmpeg.dll
2020-04-12 21:43 - 2020-04-14 12:25 - 055407104 _____ () [File not signed] C:\Riot Games\Riot Client\UX\libcef.dll
2020-04-12 21:43 - 2020-04-14 12:25 - 000089088 _____ () [File not signed] C:\Riot Games\Riot Client\UX\libegl.dll
2020-04-12 21:43 - 2020-04-14 12:25 - 002076672 _____ () [File not signed] C:\Riot Games\Riot Client\UX\libglesv2.dll
2020-05-29 08:33 - 2020-05-29 08:33 - 000760832 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\chrome_elf.dll
2019-03-06 15:32 - 2019-05-09 12:08 - 000518144 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\chrome_elf.dll
2020-05-29 08:33 - 2020-05-29 08:33 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\audio\qtaudio_windows.dll
2020-05-29 08:33 - 2020-05-29 08:33 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\imageformats\qgif.dll
2020-05-29 08:33 - 2020-05-29 08:33 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\imageformats\qico.dll
2020-05-29 08:33 - 2020-05-29 08:33 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\imageformats\qjpeg.dll
2020-05-29 08:33 - 2020-05-29 08:33 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\imageformats\qmng.dll
2020-05-29 08:33 - 2020-05-29 08:33 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\imageformats\qsvg.dll
2020-05-29 08:33 - 2020-05-29 08:33 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\imageformats\qtiff.dll
2020-05-29 08:33 - 2020-05-29 08:33 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\platforms\qwindows.dll
2020-05-29 08:33 - 2020-05-29 08:33 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-05-29 08:33 - 2020-05-29 08:33 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\qml\QtQml\Models.2\modelsplugin.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\qml\QtQuick.2\qtquick2plugin.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 000084480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\qml\QtQuick\Window.2\windowplugin.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\Qt5Core.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\Qt5Gui.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\Qt5Multimedia.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\Qt5Network.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\Qt5Qml.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\Qt5Quick.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 000096256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\Qt5QuickControls2.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 000681472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\Qt5QuickTemplates2.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\Qt5Svg.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\Qt5Widgets.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\Qt5WinExtras.dll
2020-05-29 08:34 - 2020-05-29 08:34 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12040\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Martin\AppData\Local\Temp:$DATA [16]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-20 16:17 - 2019-03-20 16:15 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3299137129-3959029366-2649080390-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\Desktop\73hljc3yvgj41.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3299137129-3959029366-2649080390-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-3299137129-3959029366-2649080390-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3299137129-3959029366-2649080390-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3299137129-3959029366-2649080390-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3299137129-3959029366-2649080390-1001\...\StartupApproved\Run: => "Synapse3"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D9B6FA7F-4E5D-4BE2-A466-14215FC60157}] => (Block) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{012CC4A4-B54A-4230-8918-FCDC1C8B5426}] => (Block) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{4CB80358-3508-4F69-88C2-C53828342485}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{5C76C53F-5014-42D9-9A88-4515D137A89C}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{06F0CCBD-AD97-46D4-980C-6017BC24F912}] => (Block) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{05CB41D1-6B02-4D4E-90C1-0FE95C8CE7C9}] => (Block) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{9D0F91F6-33D7-49AA-9370-165185CFEF0B}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{667B509E-B2C7-492C-BCA3-4B52EA1CBC99}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{7584F9BA-AC7C-45C7-BFBA-6F3E3F59E143}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4FBAD801-63B4-4BE0-BDD5-5C718C2ED211}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{82F698DE-0FCA-43D9-BCE7-920A3931EC02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{4EC5311E-2751-4854-A281-3DBB4A9B5A70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{7048DD63-D8E2-4CF0-9A95-585DAB20A1AD}] => (Block) C:\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{EE976642-DB9B-4371-A73B-52BBFDD1A11A}] => (Block) C:\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{A310A9A9-FBA8-41E6-ADE3-0BFC06056E40}C:\diablo iii\x64\diablo iii64.exe] => (Allow) C:\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{BD11F92B-4C08-4C02-811D-2F1D6A85C63B}C:\diablo iii\x64\diablo iii64.exe] => (Allow) C:\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{15722E97-0821-4C66-B989-74EA8D084965}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D555C577-67AD-4579-A64B-DECDB1914244}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CCB769DA-0F82-47CD-9031-3FD9E1F01826}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{642505C9-DF5C-4B00-BB55-A50FDBD4D60B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DE3E846E-93DC-4647-ADB5-AECF20655DC0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F16A3034-382D-4C1B-8715-0D24DD6F9D39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A8720F51-711D-4455-A779-4DD8833C0EE4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7CC5485B-8A54-41E0-B609-B6748D58505F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{7CC49598-9FA6-435A-9E98-34ABB836E552}C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [UDP Query User{94386BC6-E529-47CF-8273-D5A0F3B7C576}C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [{43D01E36-9B40-47CE-9401-A64729CB7F07}] => (Block) C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [{04FC857F-359F-41AD-A476-F5FD7A8D6F29}] => (Block) C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [{53B875B2-A413-4999-A9C0-4A5FAB73B3E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{B5C08F0C-CAE0-4B1F-94BC-2C43E2B7B631}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{1E1BE8F9-0620-4EE9-809B-3A3FBF24F662}C:\users\martin\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Allow) C:\users\martin\appdata\local\programs\opera\68.0.3618.165\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{B22DBC5A-5CE3-445F-9AE3-2072A816717A}C:\users\martin\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Allow) C:\users\martin\appdata\local\programs\opera\68.0.3618.165\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{5107C10A-55AE-4F96-9170-48E527A9C5C7}] => (Block) C:\users\martin\appdata\local\programs\opera\68.0.3618.165\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{9A9A0F89-B93E-4463-A92D-602CC5C9581B}] => (Block) C:\users\martin\appdata\local\programs\opera\68.0.3618.165\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{D84199A2-5F58-4A48-A3B9-44850ED743E8}C:\users\martin\appdata\local\programs\opera\68.0.3618.173\opera.exe] => (Allow) C:\users\martin\appdata\local\programs\opera\68.0.3618.173\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{C005D48E-BE72-46A6-933E-4364A7376AE2}C:\users\martin\appdata\local\programs\opera\68.0.3618.173\opera.exe] => (Allow) C:\users\martin\appdata\local\programs\opera\68.0.3618.173\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{694E1F14-DA2B-451B-8178-AFB5EEED135B}] => (Block) C:\users\martin\appdata\local\programs\opera\68.0.3618.173\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{4BE0E47C-8BB9-4C2F-A6DB-423AF8CEE0BF}] => (Block) C:\users\martin\appdata\local\programs\opera\68.0.3618.173\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

03-06-2020 12:52:30 Windows Update
11-06-2020 18:23:47 Scheduled Checkpoint
19-06-2020 16:27:52 Windows Update

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (06/23/2020 11:26:15 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17976,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/23/2020 11:06:49 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3996,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/23/2020 11:00:52 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8468,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/23/2020 10:53:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: GameBar.exe, verzia: 5.220.4292.0, časová značka: 0x5eaa20d5
Názov chybujúceho modulu: combase.dll, verzia: 10.0.18362.815, časová značka: 0x0611db4a
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000008fe95
Identifikácia chybujúceho procesu: 0x24e8
Čas spustenia chybujúcej aplikácie: 0x01d6493bca2b9822
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4292.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\combase.dll
Identifikácia hlásenia: 751156fd-3d50-4b49-9af9-f17cb1358ed8
Celé meno chybujúceho balíka: Microsoft.XboxGamingOverlay_5.220.4292.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (06/23/2020 10:43:37 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5480,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/22/2020 10:15:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13728,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/22/2020 10:04:48 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16772,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/22/2020 09:26:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15168,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

System errors:
=============
Error: (06/23/2020 10:34:46 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d02: 9MWPM2CQNLHN-Microsoft.GamingServices.

Error: (06/22/2020 10:33:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d02: 9MWPM2CQNLHN-Microsoft.GamingServices.

Error: (06/22/2020 10:25:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Synapse Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (06/22/2020 10:25:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 6000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (06/22/2020 10:25:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Central Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (06/22/2020 10:25:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Game Manager sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (06/22/2020 10:25:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 6000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (06/22/2020 10:25:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 1000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Windows Defender:
===================================
Date: 2020-06-22 10:11:20.132
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Severity: Závažná
Category: Trójsky kôň
Path: file:_D:\ccteqgkoh.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.317.1900.0, AS: 1.317.1900.0, NIS: 1.317.1900.0
Engine Version: AM: 1.1.17100.2, NIS: 1.1.17100.2

Date: 2020-06-12 20:30:50.389
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Severity: Závažná
Category: Trójsky kôň
Path: file:_D:\vleuhvboi.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.317.1209.0, AS: 1.317.1209.0, NIS: 1.317.1209.0
Engine Version: AM: 1.1.17100.2, NIS: 1.1.17100.2

Date: 2020-06-08 07:22:12.079
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {62D1A345-0FE2-4D52-9AAD-FB589AAB942E}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-06-05 11:53:20.373
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A1861F7E-308C-4690-B9B6-819CA098ABA4}
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===================================

Date: 2020-06-14 18:12:52.990
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-14 18:12:52.970
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-14 18:12:52.948
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-14 18:12:51.351
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-14 18:12:51.151
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-14 12:26:15.533
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-04-14 12:25:20.144
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Riot Vanguard\vgc.exe because the set of per-page image hashes could not be found on the system.

Date: 2020-04-14 12:25:18.714
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Martin\AppData\Local\Temp\7zDDC79C24\vgc.exe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. A.E0 05/02/2018
Motherboard: Micro-Star International Co., Ltd. B350 PC MATE (MS-7A34)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 47%
Total physical RAM: 16338.25 MB
Available physical RAM: 8617.32 MB
Total Virtual: 18770.25 MB
Available Virtual: 7669.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.91 GB) (Free:614.35 GB) NTFS

\\?\Volume{a941d7dc-fd95-48f2-9ac3-113f200cbd9c}\ (Obnovenie) (Fixed) (Total:0.49 GB) (Free:0.07 GB) NTFS
\\?\Volume{da93c9ba-3a2d-4984-9caf-7ca6eb2af10d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

#7 Příspěvek od **Conder** » 26 čer 2020 21:42

Pardon za zdrzanie.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
File: C:\WINDOWS\System32\drivers\BthA2dp.sys
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
2020-06-21 20:38 - 2020-06-21 20:38 - 001222144 _____ C:\Users\Martin\Desktop\RSITx64.exe
2020-06-21 20:38 - 2020-06-21 20:38 - 000000000 ____D C:\rsit
2020-06-21 20:38 - 2020-01-18 13:57 - 000000000 ____D C:\Program Files\trend micro
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
AlternateDataStreams: C:\Users\Martin\AppData\Local\Temp:$DATA [16]
FirewallRules: [TCP Query User{7CC49598-9FA6-435A-9E98-34ABB836E552}C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [UDP Query User{94386BC6-E529-47CF-8273-D5A0F3B7C576}C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [{43D01E36-9B40-47CE-9401-A64729CB7F07}] => (Block) C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [{04FC857F-359F-41AD-A476-F5FD7A8D6F29}] => (Block) C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
Hosts:
EmptyTemp:
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Y0G1 · #8 Příspěvek od **Y0G1** » 27 čer 2020 20:25

Dobry den nic sa nedeje milo rad pockam .

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-06-2020
Ran by Martin (27-06-2020 21:11:55) Run:2
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
File: C:\WINDOWS\System32\drivers\BthA2dp.sys
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
2020-06-21 20:38 - 2020-06-21 20:38 - 001222144 _____ C:\Users\Martin\Desktop\RSITx64.exe
2020-06-21 20:38 - 2020-06-21 20:38 - 000000000 ____D C:\rsit
2020-06-21 20:38 - 2020-01-18 13:57 - 000000000 ____D C:\Program Files\trend micro
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\Users\Martin\AppData\Local\Temp:$DATA [16]
FirewallRules: [TCP Query User{7CC49598-9FA6-435A-9E98-34ABB836E552}C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [UDP Query User{94386BC6-E529-47CF-8273-D5A0F3B7C576}C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [{43D01E36-9B40-47CE-9401-A64729CB7F07}] => (Block) C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [{04FC857F-359F-41AD-A476-F5FD7A8D6F29}] => (Block) C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========

Count : 114
Average :
Sum : 69784196
Maximum :
Minimum :
Property : Length

========= End of Powershell: =========

========================= File: C:\Riot Games\Riot Client\RiotClientCrashHandler.exe ========================

C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
File not signed
MD5: E9D6F6D83CBC4B9927C260ED70117304
Creation and modification date: 2020-04-12 21:43 - 2020-06-16 15:36
Size: 001947648
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/gui/file/c39 ... 1593116247

====== End of File: ======

========================= File: C:\WINDOWS\System32\drivers\BthA2dp.sys ========================

C:\WINDOWS\System32\drivers\BthA2dp.sys
File not signed
MD5: CCA2505C9EB10CDABDC9FEE10D812F02
Creation and modification date: 2019-09-14 20:16 - 2019-09-14 20:16
Size: 000231936
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: btha2dp.sys
Original Name: btha2dp.sys
Product: Microsoft® Windows® Operating System
Description: Bluetooth A2DP Driver
File Version: 10.0.18362.356 (WinBuild.160101.0800)
Product Version: 10.0.18362.356
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/gui/file/8b0 ... 1593280813

====== End of File: ======

HKLM\SOFTWARE\Policies\Mozilla => removed successfully
C:\Users\Martin\Desktop\RSITx64.exe => moved successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
C:\Users\Martin\AppData\Local\Temp => ":$DATA" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7CC49598-9FA6-435A-9E98-34ABB836E552}C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{94386BC6-E529-47CF-8273-D5A0F3B7C576}C:\users\martin\appdata\local\programs\opera\68.0.3618.125\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{43D01E36-9B40-47CE-9401-A64729CB7F07}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04FC857F-359F-41AD-A476-F5FD7A8D6F29}" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 11821056 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14810716 B
Java, Flash, Steam htmlcache => 476534839 B
Windows/system/drivers => 1615194 B
Edge => 60928 B
Chrome => 0 B
Firefox => 0 B
Opera => 381645791 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 14396 B
Martin => 96510479 B
GKvL9dtkGV => 96510479 B
DDobwmJat8X0ySWKwOe => 96510479 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 21:17:37 ====

#9 Příspěvek od **Conder** » 28 čer 2020 02:19

OK. Ako to vyzera s PC? Co sa tyka toho miesta na disku, je mozne, ze ide iba o nejake docasne subory alebo cache. Mozes vyskusat CCleaner.

Y0G1 · #10 Příspěvek od **Y0G1** » 28 čer 2020 10:16

nabehlo mi cca 40gb volneho miesta

Takze super praca dakujem vam velmi pekne som rad ze som nemal virus aspon myslim

#11 Příspěvek od **Conder** » 29 čer 2020 19:12

Virus tam nebol

Tak este upraceme po pouzitych nastrojoch:

Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
Uloz na plochu a spusti
Nechaj oznacenu moznost "Remove disinfection tools"
Klikni na "Run"

Y0G1 · #12 Příspěvek od **Y0G1** » 29 čer 2020 21:56

Hotovo dakujem velmi pekne

#13 Příspěvek od **Conder** » 01 črc 2020 23:03

Nie je zaco, rad som pomohol

VIRY.CZ

Preventivka HDD space

Preventivka HDD space

Re: Preventivka HDD space

Re: Preventivka HDD space

Re: Preventivka HDD space

Re: Preventivka HDD space

Re: Preventivka HDD space

Re: Preventivka HDD space

Re: Preventivka HDD space

Re: Preventivka HDD space

Re: Preventivka HDD space

Re: Preventivka HDD space

Re: Preventivka HDD space

Re: Preventivka HDD space