Internet connection keeps dropping out

bojimso
Warning level 2
Posts: 298
Registered: 08 Mar 2007 14:56

#1 Post by bojimso »

Hello,

Before I call my provider, I would like to make sure that everything is OK on my end. Lately my internet connection has been dropping out when I put load on it, e.g. by watching videos on YT while downloading, but sometimes even during ordinary web browsing. It happens about once an hour, and then I have to reset the router and unplug its power. Also, today Malwarebytes flagged this website (the forum) as a trojan and I had to add it to the exclusions; otherwise the scan was clean. I am attaching all 4 logs.

Logfile of random's system information tool 1.10 (written by random/random)
Run by David at 2020-01-11 11:54:53
Microsoft Windows 10 Home
System drive C: has 36 GB (16%) free of 228 GB
Total RAM: 8137 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:54:56, on 11.01.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\Windows\System32\TiltWheelMouse.exe
C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files (x86)\Battle.net\Battle.net.exe
C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
C:\ProgramData\Battle.net\Agent\Agent.6926\Agent.exe
C:\Program Files (x86)\Battle.net\Battle.net.exe
C:\Program Files (x86)\Battle.net\Battle.net.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Battle.net\Battle.net.exe
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\foobar2000\foobar2000.exe
C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbam.exe
C:\Program Files\trend micro\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL
O4 - HKCU\..\Run: [OneDrive] "C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKCU\..\Run: [Battle.net] "C:\Program Files (x86)\Battle.net\Battle.net.exe" --autostarted
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [TSMApplication] "C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646561\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646592\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O4 - HKUS\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\..\Run: [OneDrive] "C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background (User '?')
O4 - HKUS\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\..\Run: [TSMApplication] "C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe" (User '?')
O4 - HKUS\S-1-5-21-3482348820-1896476200-1895645591-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060647041\..\Run: [OneDrive] "C:\Users\bejja\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background (User '?')
O4 - S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620 Startup: chrome.lnk = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (User '?')
O4 - Startup: chrome.lnk = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files\Microsoft Office\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Export do &Tahiti - C:\Program Files (x86)\LightComp eDoklady Skenováni\iehelper.html
O8 - Extra context menu item: Poslat do On&eNotu - res://C:\Program Files\Microsoft Office\Office16\ONBttnIE.dll/105
O9 - Extra button: Poslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Poslat do On&eNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_67cf74b - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HPSmartDeviceAgentBase - Unknown owner - c:\Program Files (x86)\HP\HPSmartDeviceAgentBase\Service\HPSmartDeviceAgentBase.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13048 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-f9aa6c35-3792-4198-9af4-78fba45c8d6b -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-be2316aa-2820-47b6-94ec-7c4ef7e6e470 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-aef236a8-6267-4e7c-ad76-402b611394ab -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-edeaca04-6951-43cf-a0ef-0f19f85a7d1f -LifetimeId:1d572d7a-5e17-4cba-b303-968996d5afb9 -DeviceGroupId:WudfDefaultDevicePool -HostArg:0
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes


C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp

C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup -s WbioSrvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Browser
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc


C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
dashost.exe {c3ae6562-e823-4c63-b2f133332a11da07}
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"ctfmon.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.55.131.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19112.115.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.55.131.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\WINDOWS\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\TiltWheelMouse.exe"
AvastUI.exe /nogui
"C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Gyazo\GyStation.exe"
"C:\Program Files (x86)\Battle.net\Battle.net.exe" --autostarted
"C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\ProgramData\Battle.net\Agent\Agent.6926\Agent.exe" --session=17032657648302485659
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Battle.net\Battle.net.exe" --type=gpu-process --field-trial-handle=3624,6142244234663566455,5695198099994131851,131072 --disable-features=HardwareMediaKeyHandling --no-sandbox --log-file="C:\Users\David\AppData\Local\Battle.net\Logs\libcef-20200111T052832.858691.log" --log-severity=error --product-version="Battle.net/1.18.1.11740 (retail) Chrome/75.0.3770.100" --lang=en-US --watch-browser-pid=5544 --gpu-preferences=KAAAAAAAAADgAAAgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Users\David\AppData\Local\Battle.net\Logs\libcef-20200111T052832.858691.log" --service-request-channel-token=16400774052578426308 --mojo-platform-channel-handle=3664 /prefetch:2 --battle-net-helper=Battle.net.11740
"C:\Program Files (x86)\Battle.net\Battle.net.exe" --type=utility --field-trial-handle=3624,6142244234663566455,5695198099994131851,131072 --disable-features=HardwareMediaKeyHandling --lang=en-US --service-sandbox-type=network --no-sandbox --log-file="C:\Users\David\AppData\Local\Battle.net\Logs\libcef-20200111T052832.858691.log" --log-severity=error --product-version="Battle.net/1.18.1.11740 (retail) Chrome/75.0.3770.100" --lang=en-US --watch-browser-pid=5544 --log-file="C:\Users\David\AppData\Local\Battle.net\Logs\libcef-20200111T052832.858691.log" --service-request-channel-token=4506448703701579061 --mojo-platform-channel-handle=4728 /prefetch:8 --battle-net-helper=Battle.net.11740
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBar.exe" -ServerName:App.AppXbdkk0yrkwpcgeaem8zk81k8py1eaahny.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBarFT.exe" /InvokerPRAID: App
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
"C:\WINDOWS\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
taskhostw.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files (x86)\Battle.net\Battle.net.exe" --type=renderer --no-sandbox --log-file="C:\Users\David\AppData\Local\Battle.net\Logs\libcef-20200111T052832.858691.log" --field-trial-handle=3624,6142244234663566455,5695198099994131851,131072 --disable-features=HardwareMediaKeyHandling --lang=en-US --log-file="C:\Users\David\AppData\Local\Battle.net\Logs\libcef-20200111T052832.858691.log" --log-severity=error --product-version="Battle.net/1.18.1.11740 (retail) Chrome/75.0.3770.100" --disable-spell-checking --uncaught-exception-stack-size=10 --watch-browser-pid=5544 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8072811526396062051 --renderer-client-id=7 --mojo-platform-channel-handle=908 /prefetch:1 --battle-net-helper=Battle.net.11740
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe"
"C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe"
"C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe" /i
"C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe" /i
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\David\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\David\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\David\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=79.0.3945.117 --initial-client-data=0x2d8,0x2dc,0x2e0,0x2d4,0x2e4,0x7ff9d11bdd08,0x7ff9d11bdd18,0x7ff9d11bdd28
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2428 --on-initialized-event-handle=788 --parent-handle=792 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --service-request-channel-token=13542885253325329618 --mojo-platform-channel-handle=1752 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --lang=cs --service-sandbox-type=network --enable-audio-service-sandbox --service-request-channel-token=7373493836014012983 --mojo-platform-channel-handle=2008 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --extension-process --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12362733264056444401 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --extension-process --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9443602281055659397 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4348 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --extension-process --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1904378704926550988 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4372 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --extension-process --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14891101992661545165 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4520 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --extension-process --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8616363080230299553 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1692 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12905330185498214521 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4108 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10486929283890608657 --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7032 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2601998777884500273 --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1149815211595624119 --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2248527445192280579 --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11369292362646498961 --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6288 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --lang=cs --service-sandbox-type=audio --enable-audio-service-sandbox --service-request-channel-token=1814687712249120420 --mojo-platform-channel-handle=7600 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4452578371897458628 --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6904 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10726588729315286539 --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7708 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18294690339778387686 --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6364 /prefetch:1
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
dashost.exe {cb482e25-1d62-4fa4-8509d5e3841031fc}
dashost.exe {d030b524-109a-472e-b95105e5031cd469}
C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation -p -s wcncsvc
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=3032,15065645395049440790,2838159534005806329,131072 --no-sandbox --log-file="C:\Users\David\AppData\Roaming\AVAST Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (19.8.2393)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAMAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --service-request-channel-token=9276653529098946632 --mojo-platform-channel-handle=8552 /prefetch:2
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k SDRSVC
C:\Windows\System32\SecurityHealthHost.exe {08728914-3F57-4D52-9E31-49DAECA5A80A} -Embedding
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}

C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding

"C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\WINDOWS\system32\browser_broker.exe -Embedding
C:\WINDOWS\system32\MicrosoftEdgeSH.exe SCODEF:7648 CREDAT:9730 APH:1000000000000048 JITHOST /prefetch:2
"C:\Windows\System32\MicrosoftEdgeCP.exe" -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
C:\WINDOWS\system32\AUDIODG.EXE 0x774
"C:\Program Files (x86)\foobar2000\foobar2000.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=910519731996920169 --renderer-client-id=357 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7272 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12302208012557298472 --renderer-client-id=359 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18288738673145484866 --renderer-client-id=364 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1
"C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbam.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8887362378944923811 --renderer-client-id=369 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10812 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8665900650203140798 --renderer-client-id=371 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12968 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15074992068255115966 --renderer-client-id=372 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9900 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1781739289568057096 --renderer-client-id=373 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8224 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2169068802415778223 --renderer-client-id=374 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7796 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe84_ Global\UsGthrCtrlFltPipeMssGthrPipe84 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 776 780 788 8192 784
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2060325478889419907 --renderer-client-id=386 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9828 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16920292647010465148 --renderer-client-id=387 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11137399765380892775 --renderer-client-id=388 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12600 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8846336249385948465 --renderer-client-id=389 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11024 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2987721889499393519 --renderer-client-id=390 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2516 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8490188403927942726 --renderer-client-id=391 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10636 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1768,16983033225272519313,1061161905058297881,131072 --disable-gpu-compositing --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7738564579578254411 --renderer-client-id=392 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9280 /prefetch:1
"C:\Users\David\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3911gjs4.default

prefs.js - "browser.startup.homepage" - "https://www.facebook.com/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=4.0.0-dev]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13 2177328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13 1522480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-03-19 84992]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-09-17 16404224]
"MouseDriver"=C:\Windows\system32\TiltWheelMouse.exe [2013-04-09 241152]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-23 36352]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-10-08 268680]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2018-11-02 3942936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-11-22 1585000]
"Gyazo"=C:\Program Files (x86)\Gyazo\GyStation.exe [2018-10-04 1384840]
"Battle.net"=C:\Program Files (x86)\Battle.net\Battle.net.exe [2019-12-17 1109152]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2018-08-27 731240]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2019-10-16 24552064]
"TSMApplication"=C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [2019-09-15 1623040]

C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"VIDC.RTV1"=rtvcvfw64.dll
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-01-11 11:54:53 ----D---- C:\rsit
2020-01-11 11:27:57 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2020-01-11 11:27:55 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2020-01-11 11:27:54 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2020-01-11 11:27:52 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2020-01-11 11:27:52 ----A---- C:\WINDOWS\system32\drivers\MbamChameleon.sys
2020-01-11 11:05:24 ----D---- C:\Program Files\VueScan
2020-01-07 11:15:21 ----D---- C:\WINDOWS\LastGood.Tmp
2020-01-07 11:13:53 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-07 11:13:53 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2020-01-07 11:13:53 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1-999-0-0-0.dll
2020-01-07 11:13:53 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2020-01-07 11:13:53 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2020-01-07 11:13:53 ----A---- C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-07 11:13:53 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2020-01-07 11:13:53 ----A---- C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-01-07 11:13:53 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2020-01-07 11:13:53 ----A---- C:\WINDOWS\system32\OpenCL.dll
2020-01-07 11:13:51 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2020-01-07 11:13:51 ----A---- C:\WINDOWS\SYSWOW64\nvofapi.dll
2020-01-07 11:13:51 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2020-01-07 11:13:51 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2020-01-07 11:13:51 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2020-01-07 11:13:51 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2020-01-07 11:13:51 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2020-01-07 11:13:51 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-01-07 11:13:51 ----A---- C:\WINDOWS\system32\nvofapi64.dll
2020-01-07 11:13:51 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2020-01-07 11:13:51 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2020-01-07 11:13:51 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2020-01-07 11:13:51 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2020-01-07 11:13:51 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-01-07 11:13:51 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-01-07 11:13:51 ----A---- C:\WINDOWS\system32\nvdispgenco6444187.dll
2020-01-07 11:13:51 ----A---- C:\WINDOWS\system32\nvdispco6444187.dll
2020-01-07 11:13:50 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2020-01-07 11:13:50 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2020-01-07 11:13:50 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2020-01-07 11:13:50 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2020-01-07 11:13:50 ----A---- C:\WINDOWS\system32\nvcuda.dll
2020-01-07 11:13:50 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2020-01-06 14:02:56 ----D---- C:\Worl
2019-12-31 05:08:00 ----D---- C:\WINDOWS\Minidump
2019-12-25 03:02:08 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_1.dll
2019-12-25 03:02:08 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_0.dll
2019-12-25 03:02:08 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2019-12-25 03:02:08 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2019-12-25 03:02:07 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_1.dll
2019-12-25 03:02:07 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_4.dll
2019-12-25 03:02:07 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2019-12-25 03:02:07 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2019-12-25 03:02:06 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_38.dll
2019-12-25 03:02:06 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_38.dll
2019-12-25 03:02:06 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_38.dll
2019-12-25 03:02:06 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2019-12-25 03:02:06 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2019-12-25 03:02:06 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2019-12-25 03:02:05 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_0.dll
2019-12-25 03:02:05 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2019-12-25 03:02:04 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_0.dll
2019-12-25 03:02:04 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_3.dll
2019-12-25 03:02:04 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_37.dll
2019-12-25 03:02:04 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_37.dll
2019-12-25 03:02:04 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2019-12-25 03:02:04 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2019-12-25 03:02:04 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2019-12-25 03:02:04 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2019-12-25 03:02:03 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_37.dll
2019-12-25 03:02:03 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2019-12-25 03:02:02 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_10.dll
2019-12-25 03:02:02 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2019-12-25 03:02:01 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_36.dll
2019-12-25 03:02:01 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_36.dll
2019-12-25 03:02:01 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2019-12-25 03:02:01 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2019-12-25 03:02:00 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_36.dll
2019-12-25 03:02:00 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2019-12-25 03:01:59 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_9.dll
2019-12-25 03:01:59 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_35.dll
2019-12-25 03:01:59 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_35.dll
2019-12-25 03:01:59 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2019-12-25 03:01:59 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2019-12-25 03:01:59 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2019-12-25 03:01:57 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_35.dll
2019-12-25 03:01:57 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2019-12-25 03:01:56 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_8.dll
2019-12-25 03:01:56 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_2.dll
2019-12-25 03:01:56 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_34.dll
2019-12-25 03:01:56 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_34.dll
2019-12-25 03:01:56 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2019-12-25 03:01:56 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2019-12-25 03:01:56 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2019-12-25 03:01:56 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2019-12-25 03:01:55 ----A---- C:\WINDOWS\SYSWOW64\xinput1_3.dll
2019-12-25 03:01:55 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_34.dll
2019-12-25 03:01:55 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2019-12-25 03:01:55 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2019-12-25 03:01:54 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_7.dll
2019-12-25 03:01:54 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_33.dll
2019-12-25 03:01:54 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_33.dll
2019-12-25 03:01:54 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2019-12-25 03:01:54 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2019-12-25 03:01:54 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2019-12-25 03:01:53 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_33.dll
2019-12-25 03:01:53 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2019-12-25 03:01:52 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_6.dll
2019-12-25 03:01:52 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2019-12-25 03:01:51 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_5.dll
2019-12-25 03:01:51 ----A---- C:\WINDOWS\SYSWOW64\d3dx10.dll
2019-12-25 03:01:51 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2019-12-25 03:01:51 ----A---- C:\WINDOWS\system32\d3dx10.dll
2019-12-25 03:01:50 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_4.dll
2019-12-25 03:01:50 ----A---- C:\WINDOWS\SYSWOW64\x3daudio1_1.dll
2019-12-25 03:01:50 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_32.dll
2019-12-25 03:01:50 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2019-12-25 03:01:50 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2019-12-25 03:01:50 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2019-12-25 03:01:49 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_3.dll
2019-12-25 03:01:49 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_31.dll
2019-12-25 03:01:49 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2019-12-25 03:01:49 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2019-12-25 03:01:48 ----A---- C:\WINDOWS\SYSWOW64\xinput1_2.dll
2019-12-25 03:01:48 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2019-12-25 03:01:47 ----A---- C:\WINDOWS\SYSWOW64\xinput1_1.dll
2019-12-25 03:01:47 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_2.dll
2019-12-25 03:01:47 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2019-12-25 03:01:47 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2019-12-25 03:01:46 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_1.dll
2019-12-25 03:01:46 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2019-12-25 03:01:43 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_30.dll
2019-12-25 03:01:43 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2019-12-25 03:01:42 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_0.dll
2019-12-25 03:01:42 ----A---- C:\WINDOWS\SYSWOW64\x3daudio1_0.dll
2019-12-25 03:01:42 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_29.dll
2019-12-25 03:01:42 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2019-12-25 03:01:42 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2019-12-25 03:01:42 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2019-12-25 03:01:41 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_28.dll
2019-12-25 03:01:41 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2019-12-25 03:01:40 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_27.dll
2019-12-25 03:01:40 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_26.dll
2019-12-25 03:01:40 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2019-12-25 03:01:40 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2019-12-25 03:01:39 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_25.dll
2019-12-25 03:01:39 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2019-12-25 03:01:38 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_24.dll
2019-12-25 03:01:38 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2019-12-14 00:23:42 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2019-12-14 00:23:42 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2019-12-14 00:23:42 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-14 00:23:41 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-14 00:23:41 ----A---- C:\WINDOWS\system32\mfcore.dll
2019-12-14 00:23:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2019-12-14 00:23:40 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-12-14 00:23:40 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2019-12-14 00:23:40 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2019-12-14 00:23:40 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-12-14 00:23:39 ----A---- C:\WINDOWS\system32\rdpudd.dll
2019-12-14 00:23:39 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2019-12-14 00:23:39 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2019-12-14 00:23:39 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-12-14 00:23:39 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-12-14 00:23:39 ----A---- C:\WINDOWS\system32\fhcfg.dll
2019-12-14 00:23:39 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2019-12-14 00:23:39 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2019-12-14 00:23:39 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2019-12-14 00:23:38 ----A---- C:\WINDOWS\system32\tcbloader.dll
2019-12-14 00:23:38 ----A---- C:\WINDOWS\system32\securekernel.exe
2019-12-14 00:23:38 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-12-14 00:23:38 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-12-14 00:23:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2019-12-14 00:23:37 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2019-12-14 00:23:37 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2019-12-14 00:23:37 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2019-12-14 00:23:37 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-12-14 00:23:37 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2019-12-14 00:23:37 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2019-12-14 00:23:33 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2019-12-14 00:23:33 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2019-12-14 00:23:33 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2019-12-14 00:23:33 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2019-12-14 00:23:33 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2019-12-14 00:23:32 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2019-12-14 00:23:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-14 00:23:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Enumeration.dll
2019-12-14 00:23:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2019-12-14 00:23:32 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2019-12-14 00:23:32 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-12-14 00:23:32 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2019-12-14 00:23:32 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2019-12-14 00:23:32 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2019-12-14 00:23:32 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2019-12-14 00:23:32 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-12-14 00:23:32 ----A---- C:\WINDOWS\system32\pnidui.dll
2019-12-14 00:23:31 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2019-12-14 00:23:31 ----A---- C:\WINDOWS\system32\wow64win.dll
2019-12-14 00:23:31 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-14 00:23:31 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-14 00:23:31 ----A---- C:\WINDOWS\system32\t2embed.dll
2019-12-14 00:23:31 ----A---- C:\WINDOWS\system32\services.exe
2019-12-14 00:23:31 ----A---- C:\WINDOWS\system32\lpk.dll
2019-12-14 00:23:31 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-12-14 00:23:31 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-12-14 00:23:31 ----A---- C:\WINDOWS\system32\gdi32full.dll
2019-12-14 00:23:31 ----A---- C:\WINDOWS\system32\fontsub.dll
2019-12-14 00:23:31 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2019-12-14 00:23:31 ----A---- C:\WINDOWS\system32\fdProxy.dll
2019-12-14 00:23:31 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-14 00:23:31 ----A---- C:\WINDOWS\system32\dciman32.dll
2019-12-14 00:23:30 ----A---- C:\WINDOWS\system32\sppobjs.dll
2019-12-14 00:23:30 ----A---- C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-14 00:23:30 ----A---- C:\WINDOWS\system32\oleaut32.dll
2019-12-14 00:23:30 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-12-14 00:23:30 ----A---- C:\WINDOWS\system32\msctf.dll
2019-12-14 00:23:30 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-12-14 00:23:29 ----A---- C:\WINDOWS\system32\winresume.exe
2019-12-14 00:23:29 ----A---- C:\WINDOWS\system32\winload.exe
2019-12-14 00:23:29 ----A---- C:\WINDOWS\system32\shell32.dll
2019-12-14 00:23:29 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2019-12-14 00:23:29 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2019-12-14 00:23:28 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-12-14 00:23:28 ----A---- C:\WINDOWS\system32\win32u.dll
2019-12-14 00:23:28 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-12-14 00:23:28 ----A---- C:\WINDOWS\system32\win32k.sys
2019-12-14 00:23:28 ----A---- C:\WINDOWS\system32\usosvc.dll
2019-12-14 00:23:28 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2019-12-14 00:23:28 ----A---- C:\WINDOWS\system32\user32.dll
2019-12-14 00:23:28 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-14 00:23:28 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-14 00:23:28 ----A---- C:\WINDOWS\system32\MusNotification.exe
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\autopilotdiag.dll
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\autopilot.dll
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-14 00:23:27 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe

======List of files/folders modified in the last 1 month======

2020-01-11 11:54:56 ----D---- C:\WINDOWS\Prefetch
2020-01-11 11:54:55 ----D---- C:\Program Files\trend micro
2020-01-11 11:47:44 ----D---- C:\WINDOWS\Temp
2020-01-11 11:47:37 ----D---- C:\Users\David\AppData\Roaming\foobar2000
2020-01-11 11:42:35 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-01-11 11:33:00 ----D---- C:\WINDOWS\system32\sru
2020-01-11 11:27:57 ----D---- C:\WINDOWS\system32\drivers
2020-01-11 11:05:30 ----D---- C:\WINDOWS\INF
2020-01-11 11:05:29 ----D---- C:\WINDOWS\system32\DriverStore
2020-01-11 11:05:29 ----D---- C:\WINDOWS\system32\CatRoot
2020-01-11 11:05:26 ----D---- C:\WINDOWS\twain_64
2020-01-11 11:05:26 ----D---- C:\WINDOWS\twain_32
2020-01-11 11:05:24 ----RD---- C:\Program Files
2020-01-11 11:03:32 ----D---- C:\WINDOWS\AppReadiness
2020-01-11 11:01:21 ----D---- C:\Windows
2020-01-11 11:00:14 ----D---- C:\Program Files (x86)\HP
2020-01-11 10:50:31 ----RD---- C:\WINDOWS\Microsoft.NET
2020-01-11 10:50:21 ----D---- C:\WINDOWS\System32
2020-01-11 10:44:10 ----D---- C:\Program Files (x86)\MSI Afterburner
2020-01-11 10:24:43 ----D---- C:\WINDOWS\system32\SleepStudy
2020-01-11 06:32:16 ----AD---- C:\World of Warcraft
2020-01-11 06:28:02 ----D---- C:\ProgramData\NVIDIA
2020-01-10 19:23:28 ----D---- C:\Users\David\AppData\Roaming\uTorrent
2020-01-10 19:23:28 ----D---- C:\Program Files (x86)\Steam
2020-01-10 19:23:24 ----D---- C:\WINDOWS\LiveKernelReports
2020-01-10 19:23:24 ----D---- C:\WINDOWS\debug
2020-01-10 16:14:00 ----HD---- C:\Program Files\WindowsApps
2020-01-10 06:11:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-09 15:15:07 ----D---- C:\WINDOWS\system32\WDI
2020-01-09 15:14:00 ----D---- C:\WINDOWS\SysWOW64
2020-01-08 16:37:18 ----D---- C:\WINDOWS\system32\Tasks
2020-01-07 11:16:12 ----SHD---- C:\System Volume Information
2020-01-06 09:57:34 ----AD---- C:\Users\David\AppData\Roaming\Curse Client
2020-01-05 00:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2020-01-04 23:14:25 ----D---- C:\WINDOWS\system32\catroot2
2020-01-03 21:42:58 ----D---- C:\Program Files (x86)\SpeedFan
2020-01-03 11:23:12 ----D---- C:\Users\David\AppData\Roaming\vlc
2020-01-02 08:42:24 ----D---- C:\WINDOWS\Logs
2020-01-01 06:50:06 ----D---- C:\Users\David\AppData\Roaming\discord
2019-12-31 05:12:26 ----D---- C:\ProgramData\NVIDIA Corporation
2019-12-31 05:12:07 ----D---- C:\Program Files\NVIDIA Corporation
2019-12-31 05:12:07 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2019-12-28 19:18:57 ----D---- C:\Program Files (x86)\RivaTuner Statistics Server
2019-12-28 04:49:20 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2019-12-28 04:49:20 ----A---- C:\WINDOWS\system32\nvapi64.dll
2019-12-28 02:35:40 ----RD---- C:\Program Files (x86)
2019-12-25 03:02:39 ----SHD---- C:\WINDOWS\Installer
2019-12-25 03:01:46 ----RSD---- C:\WINDOWS\assembly
2019-12-24 09:29:23 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2019-12-24 09:29:23 ----A---- C:\WINDOWS\system32\nvcpl.dll
2019-12-24 09:29:21 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2019-12-24 09:29:21 ----A---- C:\WINDOWS\system32\nvshext.dll
2019-12-24 09:29:21 ----A---- C:\WINDOWS\system32\nvmctray.dll
2019-12-24 09:29:21 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2019-12-24 09:29:21 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2019-12-22 20:28:21 ----A---- C:\WINDOWS\NvContainerRecovery.bat
2019-12-20 12:46:46 ----D---- C:\WINDOWS\system32\config
2019-12-19 21:22:24 ----D---- C:\WINDOWS\WinSxS
2019-12-17 22:40:27 ----AD---- C:\Program Files (x86)\Battle.net
2019-12-14 05:35:24 ----D---- C:\WINDOWS\SYSWOW64\en-US
2019-12-14 05:35:24 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2019-12-14 05:35:24 ----D---- C:\WINDOWS\SystemResources
2019-12-14 05:35:24 ----D---- C:\WINDOWS\system32\uk-UA
2019-12-14 05:35:24 ----D---- C:\WINDOWS\system32\pl-PL
2019-12-14 05:35:24 ----D---- C:\WINDOWS\system32\migration
2019-12-14 05:35:24 ----D---- C:\WINDOWS\system32\en-US
2019-12-14 05:35:24 ----D---- C:\WINDOWS\system32\cs-CZ
2019-12-14 05:35:24 ----D---- C:\WINDOWS\system32\Boot
2019-12-14 05:35:24 ----D---- C:\WINDOWS\ShellExperiences
2019-12-14 05:35:24 ----D---- C:\WINDOWS\bcastdvr
2019-12-14 00:25:59 ----D---- C:\WINDOWS\CbsTemp
2019-12-12 00:30:18 ----D---- C:\WINDOWS\system32\MRT
2019-12-12 00:27:00 ----AC---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2019-10-08 37616]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2019-10-08 209552]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2019-10-08 65120]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2019-10-08 16304]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2019-10-08 83792]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2019-10-08 316528]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-06-23 1455552]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2019-03-19 40960]
R1 AsrAppCharger;AsrAppCharger; C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys [2011-11-07 17192]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2019-10-08 204824]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2019-10-08 274456]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2019-10-08 276952]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2019-10-08 42736]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2019-10-08 110320]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2019-10-08 848432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2019-10-08 460448]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2019-11-02 161544]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2019-10-08 236024]
R2 BlueStacksDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\BstkDrv_bgp.sys [2019-11-30 315976]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-12-14 457216]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [2020-01-11 216544]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760]
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-10-09 117048]
R3 dtlitescsibus;@oem29.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-10-14 30264]
R3 dtliteusbbus;@oem24.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-10-14 47672]
R3 e1i65x64;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\System32\drivers\e1i65x64.sys [2019-03-19 553984]
R3 HPEWSFXBULK;HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [2016-09-13 29248]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-09-17 4603136]
R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [2020-01-11 224408]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\DRIVERS\mbam.sys [2020-01-11 73584]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2020-01-11 278344]
R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [2020-01-11 116832]
R3 MEIx64;@oem12.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2018-05-06 228992]
R3 NVHDA;@oem15.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2019-09-05 228792]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_3c305af2b0517e24\nvlddmkm.sys [2019-12-28 23251968]
R3 nvvad_WaveExtensible;@oem22.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2019-03-19 69840]
R3 nvvhci;@oem13.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2019-09-05 75600]
R3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2017-08-27 14024]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 MbamElam;MbamElam; C:\WINDOWS\system32\DRIVERS\MbamElam.sys [2019-11-17 20936]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-03-19 151352]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-03-19 337920]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-03-19 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-11-15 18432]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-09-21 231936]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-11-15 114688]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2019-11-15 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2019-11-15 1428992]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2019-11-15 98304]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2019-09-21 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-10-04 64000]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-11-15 84488]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-11-15 359424]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2019-12-07 30336]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 96056]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-14 986936]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 211456]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 113152]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-03-19 33592]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-10-08 996880]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-10-08 57504]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_67cf74b;Uživatelská služba platformy připojených zařízení_67cf74b; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-06-23 18856]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2015-05-07 272352]
R2 MBAMService;Malwarebytes Service; C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbamservice.exe [2019-11-17 6960640]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-12-05 858480]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2019-12-24 860656]
R2 OneSyncSvc_67cf74b;Hostitel synchronizace_67cf74b; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-12-19 6259592]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_67cf74b;Uživatelská služba schránky_67cf74b; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2018-08-27 3730024]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 PimIndexMaintenanceSvc_67cf74b;Data kontaktů_67cf74b; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2019-09-21 913168]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-07 153752]
S2 HPSmartDeviceAgentBase;HPSmartDeviceAgentBase; c:\Program Files (x86)\HP\HPSmartDeviceAgentBase\Service\HPSmartDeviceAgentBase.exe [2017-10-25 68608]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_67cf74b;Agent Activation Runtime_67cf74b; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-20 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_67cf74b;Uživatelská služba pro GameDVR a vysílání her_67cf74b; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_67cf74b;Služba pro podporu uživatelů Bluetooth_67cf74b; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_67cf74b;CaptureService_67cf74b; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_67cf74b;ConsentUX_67cf74b; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 CredentialEnrollmentManagerUserSvc_67cf74b;CredentialEnrollmentManagerUserSvc_67cf74b; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_67cf74b;DeviceAssociationBroker_67cf74b; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_67cf74b;DevicePicker_67cf74b; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_67cf74b;Tok zařízení_67cf74b; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-09-21 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-09-21 43704]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\elevation_service.exe [2020-01-07 1113072]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-07 153752]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_67cf74b;Služba zasílání zpráv_67cf74b; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-11-20 242720]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-12-05 858480]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 242864]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2019-09-15 2431816]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_67cf74b;PrintWorkflow_67cf74b; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 Rockstar Service;Rockstar Game Library Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2019-11-28 474256]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2019-03-19 1264128]

-----------------EOF-----------------


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2020
Ran by David (administrator) on DESKTOP-7D2FQ0G (11-01-2020 11:56:41)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David & Mamka)
Platform: Windows 10 Home Version 1903 18362.535 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.6926\Agent.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Nota Inc. -> Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Piotr Pawlowski) [File not signed] C:\Program Files (x86)\foobar2000\foobar2000.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16404224 2015-09-17] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942936 2018-11-02] (Logitech -> Logitech, Inc.)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1384840 2018-10-04] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1109152 2019-12-17] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-08-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2019-09-15] () [File not signed]
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\MountPoints2: {566a6946-9da3-11e9-aafb-d05099ae28e2} - "F:\setup.exe"
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\MountPoints2: {8a8d3fb7-e466-11e8-aac5-d05099ae28e2} - "E:\Install.exe"
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\MountPoints2: {e84146d5-9e00-11e9-aafb-d05099ae28e2} - "H:\setup.exe"
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1384840 2018-10-04] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1109152 2019-12-17] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-08-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2019-09-15] () [File not signed]
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\MountPoints2: {566a6946-9da3-11e9-aafb-d05099ae28e2} - "F:\setup.exe"
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\MountPoints2: {8a8d3fb7-e466-11e8-aac5-d05099ae28e2} - "E:\Install.exe"
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\MountPoints2: {e84146d5-9e00-11e9-aafb-d05099ae28e2} - "H:\setup.exe"
HKU\S-1-5-21-3482348820-1896476200-1895645591-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060647041\...\Run: [GoogleChromeAutoLaunch_20EFED22C2D556F0C974573472262F50] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-3482348820-1896476200-1895645591-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060647041\...\Run: [Plays] => C:\Users\bejja\AppData\Local\Plays\update.exe [1945736 2019-11-07] (Plays.tv, Inc -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-09] (Google LLC -> Google LLC)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\chrome.lnk [2018-09-27]
ShortcutTarget: chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01BD0AAE-6E97-4D14-967E-778F8DB8008F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0CC1717F-D7F9-4720-90CB-9E7FB29469C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-07] (Google Inc -> Google Inc.)
Task: {0F8433B4-CC9A-48DF-8BAA-C9266AC90ED8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {104B8479-2520-4DA4-81F8-5E3F3E9BBA8D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {18E21489-4E9F-4ACC-AA4A-E5BE5CEEAFD0} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [781808 2019-04-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {3600585F-74A0-4462-A219-4E9CB0AF7A45} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3906E0B8-DDDB-4B33-BFC5-F96E879E4D20} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {40FE9DE1-5C5B-42D5-9679-6D13C2740EA9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {47AE2C3A-06F9-4C03-9C40-008DFDDA0C7D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4B515F5D-9B31-4DAD-ACFE-E132DDB5DAE8} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {5BFA39F9-76C3-4782-8385-CCFAD557D26A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7F30558A-DBD9-475D-978F-8A0A9E95B26A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7F8A23BC-916E-4887-BAE9-F82ED43CB57F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {861CD603-E6AF-4545-B51C-F1527E7977F1} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {8B198760-61FE-4D17-9FAC-9106C577D1C8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-07] (Google Inc -> Google Inc.)
Task: {94CB84F9-1D5B-4775-9951-D7CA34EE2116} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {952FF45B-D9C8-4257-8405-056578353803} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2018-10-04] (Nota Inc. -> Nota Inc.)
Task: {99B79CE9-35D3-4A5C-BE5F-30F3244CA8E9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A3CB1338-429F-4C64-B2F3-44E522107DB5} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A759CB3C-5883-47B3-A04F-A8F5F7D93DC5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {A76DA5F4-89FD-4288-98ED-EE8D82364A80} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B6494C7C-46FF-4944-94A3-1209C263C877} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2018-10-04] (Nota Inc. -> Nota Inc.)
Task: {C4B5A0E0-1D82-442E-9E73-146E56234B86} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_pepper.exe [1456128 2018-11-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F10A0FAB-3E61-40F4-BB5B-A9E623F7C0E9} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2431816 2019-09-15] (Overwolf Ltd -> Overwolf LTD)
Task: {FEEB1248-CDD0-46F8-8D70-459B2F5E3C17} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-11-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b34a42e0-d16e-4479-92c1-0376d21a5832}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 3911gjs4.default
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3911gjs4.default [2020-01-11]
FF Homepage: Mozilla\Firefox\Profiles\3911gjs4.default -> hxxps://www.facebook.com/
FF Notifications: Mozilla\Firefox\Profiles\3911gjs4.default -> hxxps://www.facebook.com
FF Extension: (Avast Online Security) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3911gjs4.default\Extensions\wrc@avast.com.xpi [2019-11-20]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=4.0.0-dev -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-12-10] (VideoLAN) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://facebook.com/
CHR StartupUrls: Default -> "hxxp://facebook.com/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?hl=en&q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.cz_
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Notifications: Default -> hxxps://www.misthub.com; hxxps://www.youtube.com
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2020-01-11]
CHR DownloadDir: C:\Users\David\Desktop
CHR Extension: (BetterTTV) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2019-12-09]
CHR Extension: (Video Downloader PLUS) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2020-01-05]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-19]
CHR Extension: (Darkness - Beautiful Dark Themes) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\imilbobhamcfahccagbncamhpnbkaenm [2019-05-24]
CHR Extension: (Twitch Now) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2020-01-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Global Twitch Emotes) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgniedifoejifjkndekolimjeclnokkb [2018-03-13]
CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3730024 2018-08-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S2 HPSmartDeviceAgentBase; c:\Program Files (x86)\HP\HPSmartDeviceAgentBase\Service\HPSmartDeviceAgentBase.exe [68608 2017-10-25] () [File not signed]
R2 MBAMService; C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-11-17] (Malwarebytes Inc -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-01] (HP Inc.) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2431816 2019-09-15] (Overwolf Ltd -> Overwolf LTD)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-01] (HP Inc.) [File not signed]
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [474256 2019-11-28] (Rockstar Games, Inc. -> Rockstar Games)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsrAppCharger; C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys [17192 2011-11-07] (ASROCK Incorporation -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2019-11-30] (Bluestack Systems, Inc -> Bluestack System Inc. )
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [29248 2016-09-13] (Hewlett-Packard Company -> Hewlett Packard)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2020-01-11] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-11-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2020-01-11] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2020-01-11] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2020-01-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116832 2020-01-11] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_3c305af2b0517e24\nvlddmkm.sys [23251968 2019-12-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

bojimso
Warning Level 2
Posts: 298
Registered: 08 Mar 2007 14:56

Re: Internet dropping out

#2 Post by bojimso »

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-11 11:56 - 2020-01-11 11:57 - 000031575 _____ C:\Users\David\Desktop\FRST.txt
2020-01-11 11:56 - 2020-01-11 11:57 - 000000000 ____D C:\FRST
2020-01-11 11:54 - 2020-01-11 11:55 - 000000000 ____D C:\rsit
2020-01-11 11:54 - 2020-01-11 11:54 - 002573312 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2020-01-11 11:54 - 2020-01-11 11:54 - 001222144 _____ C:\Users\David\Desktop\RSITx64.exe
2020-01-11 11:27 - 2020-01-11 11:28 - 000000000 ____D C:\Users\David\AppData\LocalLow\IGDump
2020-01-11 11:27 - 2020-01-11 11:27 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-01-11 11:27 - 2020-01-11 11:27 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-01-11 11:27 - 2020-01-11 11:27 - 000216544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-01-11 11:27 - 2020-01-11 11:27 - 000116832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-01-11 11:27 - 2020-01-11 11:27 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-01-11 11:05 - 2020-01-11 11:27 - 000000000 ____D C:\Program Files\VueScan
2020-01-11 11:05 - 2020-01-11 11:05 - 000001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
2020-01-08 00:19 - 2020-01-08 00:22 - 172856022 _____ C:\Users\David\Desktop\bureš.mp4
2020-01-07 11:15 - 2020-01-07 11:15 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-01-07 11:13 - 2019-12-28 04:55 - 011843296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-01-07 11:13 - 2019-12-28 04:55 - 010169416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-01-07 11:13 - 2019-12-28 04:55 - 001729448 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-07 11:13 - 2019-12-28 04:55 - 001729448 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-01-07 11:13 - 2019-12-28 04:55 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-07 11:13 - 2019-12-28 04:55 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-01-07 11:13 - 2019-12-28 04:55 - 001079200 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-01-07 11:13 - 2019-12-28 04:55 - 001079200 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-01-07 11:13 - 2019-12-28 04:55 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-07 11:13 - 2019-12-28 04:55 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-01-07 11:13 - 2019-12-28 04:55 - 000450176 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-01-07 11:13 - 2019-12-28 04:55 - 000354520 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-01-07 11:13 - 2019-12-28 04:54 - 002076080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-01-07 11:13 - 2019-12-28 04:54 - 001485688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-01-07 11:13 - 2019-12-28 04:54 - 001145280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-01-07 11:13 - 2019-12-28 04:54 - 000824064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-01-07 11:13 - 2019-12-28 04:54 - 000685256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-01-07 11:13 - 2019-12-28 04:54 - 000678264 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-01-07 11:13 - 2019-12-28 04:54 - 000558080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-01-07 11:13 - 2019-12-28 04:54 - 000544976 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-01-07 11:13 - 2019-12-28 04:53 - 040510200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2020-01-07 11:13 - 2019-12-28 04:53 - 035380240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2020-01-07 11:13 - 2019-12-28 04:53 - 017462152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-01-07 11:13 - 2019-12-28 04:53 - 015029720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-01-07 11:13 - 2019-12-28 04:53 - 005383184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-01-07 11:13 - 2019-12-28 04:53 - 004718512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-01-07 11:13 - 2019-12-28 04:53 - 001727320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444187.dll
2020-01-07 11:13 - 2019-12-28 04:53 - 001570160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-01-07 11:13 - 2019-12-28 04:53 - 001492480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444187.dll
2020-01-07 11:13 - 2019-12-28 04:53 - 001371512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-01-07 11:13 - 2019-12-28 04:53 - 001064368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-01-07 11:13 - 2019-12-28 04:53 - 000813984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-01-07 11:13 - 2019-12-28 04:53 - 000659288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-01-06 14:02 - 2020-01-06 14:02 - 000000000 ____D C:\Worl
2020-01-04 01:32 - 2020-01-04 01:32 - 000000000 ____D C:\Users\David\Desktop\Lenicka.m
2019-12-31 05:08 - 2020-01-10 19:23 - 000000000 ____D C:\WINDOWS\Minidump
2019-12-25 03:27 - 2019-12-25 03:28 - 000000000 ____D C:\Users\David\Desktop\AC Odyssey moje savy
2019-12-25 03:02 - 2019-12-25 03:12 - 000000000 ____D C:\Users\David\AppData\Local\The Witcher
2019-12-25 03:02 - 2019-12-25 03:02 - 000000000 ____D C:\Users\David\Documents\The Witcher
2019-12-25 03:02 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2019-12-25 03:02 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2019-12-25 03:02 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2019-12-25 03:02 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2019-12-25 03:02 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2019-12-25 03:02 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2019-12-25 03:02 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2019-12-25 03:02 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2019-12-25 03:02 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2019-12-25 03:02 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2019-12-25 03:02 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2019-12-25 03:02 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2019-12-25 03:02 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2019-12-25 03:02 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2019-12-25 03:02 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2019-12-25 03:02 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2019-12-25 03:02 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2019-12-25 03:02 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2019-12-25 03:02 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2019-12-25 03:02 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2019-12-25 03:02 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2019-12-25 03:02 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2019-12-25 03:02 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2019-12-25 03:02 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2019-12-25 03:02 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2019-12-25 03:02 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2019-12-25 03:02 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2019-12-25 03:02 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2019-12-25 03:02 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2019-12-25 03:02 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2019-12-25 03:02 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2019-12-25 03:02 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2019-12-25 03:02 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2019-12-25 03:02 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2019-12-25 03:01 - 2019-12-25 03:01 - 000000000 ____D C:\Users\Public\Documents\The Witcher
2019-12-25 03:01 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2019-12-25 03:01 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2019-12-25 03:01 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2019-12-25 03:01 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2019-12-25 03:01 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2019-12-25 03:01 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2019-12-25 03:01 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2019-12-25 03:01 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2019-12-25 03:01 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2019-12-25 03:01 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2019-12-25 03:01 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2019-12-25 03:01 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2019-12-25 03:01 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2019-12-25 03:01 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2019-12-25 03:01 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2019-12-25 03:01 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2019-12-25 03:01 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2019-12-25 03:01 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2019-12-25 03:01 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2019-12-25 03:01 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2019-12-25 03:01 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2019-12-25 03:01 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2019-12-25 03:01 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2019-12-25 03:01 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2019-12-25 03:01 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2019-12-25 03:01 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2019-12-25 03:01 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2019-12-25 03:01 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2019-12-25 03:01 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2019-12-25 03:01 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2019-12-25 03:01 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2019-12-25 03:01 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2019-12-25 03:01 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2019-12-25 03:01 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2019-12-25 03:01 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2019-12-25 03:01 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2019-12-25 03:01 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2019-12-25 03:01 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2019-12-25 03:01 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2019-12-25 03:01 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2019-12-25 03:01 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2019-12-25 03:01 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2019-12-25 03:01 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2019-12-25 03:01 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2019-12-25 03:01 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2019-12-25 03:01 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2019-12-25 03:01 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2019-12-25 03:01 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2019-12-25 03:01 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2019-12-25 03:01 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2019-12-25 03:01 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2019-12-25 03:01 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2019-12-25 03:01 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2019-12-25 03:01 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2019-12-25 03:01 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2019-12-25 03:01 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2019-12-25 03:01 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2019-12-25 03:01 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2019-12-25 03:01 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2019-12-25 03:01 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2019-12-25 03:01 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2019-12-25 03:01 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2019-12-25 03:01 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2019-12-25 03:01 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2019-12-25 03:01 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2019-12-25 03:01 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2019-12-25 03:01 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2019-12-25 03:01 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2019-12-25 03:01 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2019-12-25 03:01 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2019-12-23 04:17 - 2019-12-23 04:17 - 000000221 _____ C:\Users\David\Desktop\The Witcher Enhanced Edition.url
2019-12-14 00:23 - 2019-12-14 00:23 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-14 00:23 - 2019-12-14 00:23 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-14 00:23 - 2019-12-14 00:23 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-14 00:23 - 2019-12-14 00:23 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-14 00:23 - 2019-12-14 00:23 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-14 00:23 - 2019-12-14 00:23 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-14 00:23 - 2019-12-14 00:23 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-14 00:23 - 2019-12-14 00:23 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-14 00:23 - 2019-12-14 00:23 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-14 00:23 - 2019-12-14 00:23 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-14 00:23 - 2019-12-14 00:23 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-14 00:23 - 2019-12-14 00:23 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-14 00:23 - 2019-12-14 00:23 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-14 00:23 - 2019-12-14 00:23 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-14 00:23 - 2019-12-14 00:23 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-14 00:23 - 2019-12-14 00:23 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-14 00:23 - 2019-12-14 00:23 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-14 00:23 - 2019-12-14 00:23 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-14 00:23 - 2019-12-14 00:23 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-14 00:23 - 2019-12-14 00:23 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-14 00:23 - 2019-12-14 00:23 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-14 00:23 - 2019-12-14 00:23 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-14 00:23 - 2019-12-14 00:23 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-14 00:23 - 2019-12-14 00:23 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-14 00:23 - 2019-12-14 00:23 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-14 00:23 - 2019-12-14 00:23 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-14 00:23 - 2019-12-14 00:23 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-14 00:23 - 2019-12-14 00:23 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-14 00:23 - 2019-12-14 00:23 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-14 00:23 - 2019-12-14 00:23 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-14 00:23 - 2019-12-14 00:23 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-14 00:23 - 2019-12-14 00:23 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-14 00:23 - 2019-12-14 00:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-11 11:57 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-11 11:55 - 2016-10-15 01:40 - 000000000 ____D C:\Users\David\AppData\Local\Battle.net
2020-01-11 11:54 - 2019-05-19 12:52 - 000000000 ____D C:\Program Files\trend micro
2020-01-11 11:47 - 2016-10-15 15:57 - 000000000 ____D C:\Users\David\AppData\Roaming\foobar2000
2020-01-11 11:27 - 2016-10-15 01:52 - 000000000 ____D C:\Users\David\AppData\Local\CrashDumps
2020-01-11 11:05 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-11 11:05 - 2017-03-23 17:54 - 000000000 ____D C:\WINDOWS\twain_64
2020-01-11 11:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-11 11:03 - 2017-11-18 21:32 - 000000000 ____D C:\Users\David\AppData\Local\Packages
2020-01-11 11:00 - 2018-11-04 18:46 - 000000000 ____D C:\Program Files (x86)\HP
2020-01-11 10:44 - 2017-07-12 21:01 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2020-01-11 10:24 - 2019-09-21 12:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-11 08:05 - 2019-09-21 12:41 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-01-11 08:05 - 2019-09-21 12:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-01-11 06:32 - 2016-12-26 14:43 - 000000000 ____D C:\World of Warcraft
2020-01-11 06:28 - 2017-09-18 21:03 - 000000000 ____D C:\Users\David\AppData\Local\AVAST Software
2020-01-11 06:28 - 2017-08-17 08:21 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-10 19:46 - 2019-09-21 12:41 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-01-10 19:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-01-10 19:23 - 2016-10-21 00:59 - 000000000 ____D C:\Program Files (x86)\Steam
2020-01-10 19:23 - 2016-10-14 21:22 - 000000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2020-01-10 16:14 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-10 06:11 - 2019-09-21 12:42 - 001695456 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-10 06:11 - 2019-03-19 12:55 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-10 06:11 - 2019-03-19 12:55 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-10 06:05 - 2019-09-21 12:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-09 18:53 - 2019-09-21 12:34 - 000000000 ____D C:\Users\David
2020-01-09 15:13 - 2019-12-05 04:00 - 000003024 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2020-01-09 15:13 - 2019-10-02 22:09 - 000003462 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-09 15:13 - 2019-10-02 22:09 - 000003238 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-09 15:13 - 2019-09-21 12:41 - 000003458 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-09 15:13 - 2019-09-21 12:41 - 000003256 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-09 15:13 - 2019-09-21 12:41 - 000003254 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-01-09 15:13 - 2019-09-21 12:41 - 000003212 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-09 15:13 - 2019-09-21 12:41 - 000003044 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-09 15:13 - 2019-09-21 12:41 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-09 15:13 - 2019-09-21 12:41 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-09 15:13 - 2019-09-21 12:41 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-09 15:13 - 2019-09-21 12:41 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-09 15:13 - 2019-09-21 12:41 - 000002974 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-09 15:13 - 2019-09-21 12:41 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3482348820-1896476200-1895645591-1004
2020-01-09 15:13 - 2019-09-21 12:41 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3482348820-1896476200-1895645591-1002
2020-01-09 15:13 - 2019-09-21 12:41 - 000002804 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-09 15:13 - 2019-09-21 12:41 - 000002494 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2020-01-09 03:39 - 2019-06-08 14:30 - 000000000 ____D C:\Users\David\Desktop\Likeš, Kraken a Vágus memes
2020-01-09 03:20 - 2016-10-07 12:13 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-07 11:17 - 2016-10-14 18:34 - 000000000 ____D C:\Users\David\AppData\Local\NVIDIA
2020-01-06 09:57 - 2017-03-31 00:14 - 000000000 ____D C:\Users\David\AppData\Roaming\Curse Client
2020-01-03 21:42 - 2019-01-19 16:35 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-01-03 11:23 - 2017-12-11 06:31 - 000000000 ____D C:\Users\David\AppData\Roaming\vlc
2020-01-01 06:50 - 2016-12-31 18:33 - 000000000 ____D C:\Users\David\AppData\Roaming\discord
2020-01-01 02:02 - 2018-05-18 05:43 - 000000000 ____D C:\Users\David\AppData\Local\D3DSCache
2020-01-01 02:02 - 2016-10-20 21:47 - 000000000 ____D C:\Users\David\AppData\Local\Personify
2019-12-31 05:12 - 2017-08-17 08:21 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-12-31 05:12 - 2017-08-17 08:20 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-12-31 05:12 - 2017-08-17 08:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-12-31 03:05 - 2019-11-22 09:41 - 000091732 _____ C:\Users\David\Desktop\trollings.txt
2019-12-30 04:24 - 2019-01-07 08:56 - 000000000 ____D C:\Users\David\Documents\Assassin's Creed Odyssey
2019-12-28 19:18 - 2017-07-12 21:11 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2019-12-28 04:49 - 2019-09-11 14:25 - 004963480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-12-28 04:49 - 2019-09-11 14:25 - 004229024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-12-24 11:54 - 2019-09-11 14:25 - 000055783 _____ C:\WINDOWS\system32\nvinfo.pb
2019-12-24 09:29 - 2017-08-17 08:21 - 005574128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-12-24 09:29 - 2017-08-17 08:21 - 002655072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-12-24 09:29 - 2017-08-17 08:21 - 001767280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-12-24 09:29 - 2017-08-17 08:21 - 000670048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-12-24 09:29 - 2017-08-17 08:21 - 000454696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-12-24 09:29 - 2017-08-17 08:21 - 000129560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-12-24 09:29 - 2017-08-17 08:21 - 000083440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-12-23 04:17 - 2016-10-25 07:12 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-12-22 20:28 - 2017-08-17 08:21 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-12-20 20:23 - 2019-09-19 00:41 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-12-19 00:26 - 2017-08-17 08:21 - 008861662 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-12-17 22:40 - 2016-10-15 01:35 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-12-16 17:16 - 2018-10-17 22:25 - 000000000 ____D C:\Users\bejja\AppData\Roaming\Plays
2019-12-16 17:15 - 2017-12-04 16:50 - 000000000 ___RD C:\Users\bejja\3D Objects
2019-12-16 17:15 - 2017-11-18 21:32 - 000000000 ____D C:\Users\bejja\AppData\Local\Packages
2019-12-16 17:15 - 2016-11-15 19:31 - 000000000 ____D C:\Users\bejja\AppData\Local\personify
2019-12-16 17:15 - 2016-04-27 07:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-14 14:35 - 2019-09-21 12:31 - 000436632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-14 14:35 - 2017-11-18 21:39 - 000000000 ___RD C:\Users\David\3D Objects
2019-12-14 05:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-14 05:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-14 05:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-14 05:35 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-14 00:25 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-12 00:30 - 2016-10-14 22:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-12 00:27 - 2016-10-14 22:11 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2017-08-02 22:57 - 2018-04-05 15:53 - 000000006 _____ () C:\Users\David\AppData\Roaming\.nfe_lock
2019-10-05 22:29 - 2019-10-17 10:56 - 042738921 _____ () C:\Users\David\AppData\Roaming\gta5_patch.bin
2019-10-05 22:29 - 2019-10-05 22:29 - 000332800 _____ () C:\Users\David\AppData\Roaming\patcher.dll
2016-12-18 22:22 - 2016-12-18 22:22 - 000029696 _____ () C:\Users\David\AppData\Local\MSGBOX.EXE

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2020
Ran by David (11-01-2020 11:57:54)
Running from C:\Users\David\Desktop
Windows 10 Home Version 1903 18362.535 (X64) (2019-09-21 11:41:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3482348820-1896476200-1895645591-500 - Administrator - Disabled)
David (S-1-5-21-3482348820-1896476200-1895645591-1002 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-3482348820-1896476200-1895645591-503 - Limited - Disabled)
Guest (S-1-5-21-3482348820-1896476200-1895645591-501 - Limited - Disabled)
Mamka (S-1-5-21-3482348820-1896476200-1895645591-1004 - Limited - Enabled) => C:\Users\bejja
WDAGUtilityAccount (S-1-5-21-3482348820-1896476200-1895645591-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{50229C72-539F-4E65-BEB5-F0491C5074B7}) (Version: 22.2.1 - HP Inc.) Hidden
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
APP Shop v1.0.21 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.21 - ASRock Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
Assassin's Creed Odyssey (HKLM-x32\...\{B7EC622B-1979-450E-8281-C5648506DB83}_is1) (Version: - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Batman - Arkham Origins (HKLM-x32\...\Batman - Arkham Origins_is1) (Version: - )
Batman Arkham Knight v.1.0.4.5 (HKLM-x32\...\Batman Arkham Knight_is1) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.150.8.1008 - BlueStack Systems, Inc.)
Browser (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Overwolf_jgbnfkaeklillfmfafgkodhlcnfdgkmjmjngaaof) (Version: 1.0.0.0 - Overwolf app)
Browser (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\Overwolf_jgbnfkaeklillfmfafgkodhlcnfdgkmjmjngaaof) (Version: 1.0.0.0 - Overwolf app)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
CPUID CPU-Z 1.89 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.89 - CPUID, Inc.)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Curse Client (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Curse Client (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Čeština do hry The Evil Within včetně 3 DLC v1.1 (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Čeština do hry The Evil Within včetně 3 DLC v1.1) (Version: - )
Čeština do hry The Evil Within včetně 3 DLC v1.1 (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\Čeština do hry The Evil Within včetně 3 DLC v1.1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0603 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Deus Ex - Human Revolution version 1.0 (HKLM-x32\...\{1146E8F3-4057-4F46-B39C-D18AB4BB1523}_is1) (Version: 1.0 - Square Enix)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Discord) (Version: 0.0.305 - Discord Inc.)
Discord (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\Discord) (Version: 0.0.305 - Discord Inc.)
Fallout 4 v.1.1.30 (HKLM-x32\...\Fallout 4_is1) (Version: - )
foobar2000 v1.3.12 (HKLM-x32\...\foobar2000) (Version: 1.3.12 - Peter Pawlowski)
Game Summary (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Overwolf_nafihghfcpikebhfhdhljejkcifgbdahdhngepfb) (Version: 209.1.119 - Overwolf app)
Game Summary (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\Overwolf_nafihghfcpikebhfhdhljejkcifgbdahdhngepfb) (Version: 209.1.119 - Overwolf app)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Gyazo 3.4.1.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
HearthArena Companion (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Overwolf_eldaohcjmecjpkpdhhoiolhhaeapcldppbdgbnbc) (Version: 1.5.0.2 - Overwolf app)
HearthArena Companion (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\Overwolf_eldaohcjmecjpkpdhhoiolhhaeapcldppbdgbnbc) (Version: 1.5.0.2 - Overwolf app)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\HearthstoneDeckTracker) (Version: 1.6.9 - HearthSim)
Hearthstone Deck Tracker (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\HearthstoneDeckTracker) (Version: 1.6.9 - HearthSim)
HPSmartDeviceAgentBase (HKLM-x32\...\{F7270182-8AD0-420F-92A3-52438ED810A9}) (Version: 1.1.0.0 - HP Inc)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
League of Legends (HKLM-x32\...\{657DFCCF-B080-44B1-9AEA-61676011A1AE}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Logitech-kameraindstillinger (HKLM-x32\...\LogiUCDPP) (Version: 1.1.87.0 - Logitech Europe S.A.)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3482348820-1896476200-1895645591-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060647041\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Mozilla Firefox 70.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 70.0.1 (x64 cs)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.7.2 - Mozilla)
Mozilla Thunderbird 60.7.2 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 60.7.2 (x86 cs)) (Version: 60.7.2 - Mozilla)
MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 441.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.87 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.0.1 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.135.0.24 - Overwolf Ltd.)
Ovládací panel NVIDIA 441.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.87 - NVIDIA Corporation) Hidden
Personify ChromaCam (remove only) (HKLM-x32\...\Personify ChromaCam) (Version: 1.1.6.7 - Personify, Inc.)
PixelHealer (HKLM\...\PixelHealer) (Version: 1.5.0.30 - Aurelitec)
Plays (HKU\S-1-5-21-3482348820-1896476200-1895645591-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060647041\...\Plays) (Version: 2.2.8 - Plays.tv, Inc)
Print Conductor 5.4 (HKLM-x32\...\Print Conductor_is1) (Version: 5.4 - fCoder SIA)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7614 - Realtek Semiconductor Corp.)
Resident Evil 7 Biohazard (HKLM-x32\...\{1ECBF8F3-7079-44CA-AD32-B2AECBCF636F}_is1) (Version: - Capcom)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.16.196 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.3 - Rockstar Games)
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steep (HKLM-x32\...\Uplay Install 3279) (Version: - Ubisoft)
Streamlabs OBS 0.11.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.11.1 - General Workings, Inc.)
Super Seducer (HKLM\...\SKIDROW - Super Seducer) (Version: - SKIDROW)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Walking Dead A New Frontier Episode 1 (HKLM-x32\...\The Walking Dead A New Frontier Episode 1_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Twitch (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Twitch (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 4.0.0-dev - VideoLAN)
VooPoo version 1.5.1.30 (HKLM-x32\...\{63EEAD1F-3FC8-40F5-A415-E4BE098004C0}_is1) (Version: 1.5.1.30 - KunShan XW-TEC)
VueScan x64 (HKLM\...\VueScan x64) (Version: 9.7.13 - Hamrick Software)
Warcraft III Beta (HKLM-x32\...\Warcraft III Beta) (Version: - Blizzard Entertainment)
Warframe (HKLM-x32\...\{72BD42A9-6701-42EB-B77A-2AFC0C499F5E}) (Version: 1.0.0 - Digital Extremes)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-13] (king.com)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-16] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-13] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-21] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-21] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-21] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-21] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3482348820-1896476200-1895645591-1002_Classes\CLSID\{9a338598-86a1-4119-8b66-9d52715b6a76}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-08-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-08-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-12-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-12-17 21:36 - 2019-12-17 21:37 - 096131072 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\libcef.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 000117760 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\libEGL.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 004342784 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\libGLESv2.dll
2016-03-30 12:46 - 2016-03-30 12:46 - 000356352 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll
2016-09-16 11:42 - 2016-09-16 11:42 - 000309760 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_cdda.dll
2016-09-16 11:42 - 2016-09-16 11:42 - 000536576 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_converter.dll
2016-09-16 11:43 - 2016-09-16 11:43 - 000205312 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_dsp_eq.dll
2016-09-16 11:43 - 2016-09-16 11:43 - 000250880 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll
2016-09-16 11:42 - 2016-09-16 11:42 - 000296448 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_fileops.dll
2016-03-30 12:45 - 2016-03-30 12:45 - 000307200 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_freedb2.dll
2016-09-16 11:43 - 2016-09-16 11:43 - 001423360 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_input_std.dll
2016-10-25 21:18 - 2016-10-04 19:19 - 000172032 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_np_simple.dll
2016-03-30 12:44 - 2016-03-30 12:44 - 000375296 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll
2016-09-16 11:43 - 2016-09-16 11:43 - 001083392 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll
2016-09-16 11:42 - 2016-09-16 11:42 - 000276480 _____ () [File not signed] C:\Program Files (x86)\foobar2000\components\foo_unpack.dll
2016-09-16 11:41 - 2016-09-16 11:41 - 000156160 _____ () [File not signed] C:\Program Files (x86)\foobar2000\shared.dll
2019-04-21 09:33 - 2019-04-21 09:33 - 000232448 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-04-21 09:32 - 2019-04-21 09:32 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-04-21 09:33 - 2019-04-21 09:33 - 000649216 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-04-21 09:32 - 2019-04-21 09:32 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-04-21 09:33 - 2019-04-21 09:33 - 000367104 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2019-09-09 15:29 - 2019-09-09 15:29 - 000057344 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2019-09-09 15:30 - 2019-09-09 15:30 - 000074240 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2019-09-09 15:30 - 2019-09-09 15:30 - 000368640 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 000053760 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_bz2.pyd
2019-09-15 21:44 - 2019-09-15 21:44 - 000084992 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_ctypes.pyd
2019-09-15 21:44 - 2019-09-15 21:44 - 000783360 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_hashlib.pyd
2019-09-15 21:44 - 2019-09-15 21:44 - 000137216 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_lzma.pyd
2019-09-15 21:44 - 2019-09-15 21:44 - 000047104 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_socket.pyd
2019-09-15 21:44 - 2019-09-15 21:44 - 000039424 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\psutil._psutil_windows.pyd
2019-09-15 21:44 - 2019-09-15 21:44 - 001861120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtCore.pyd
2019-09-15 21:44 - 2019-09-15 21:44 - 002002944 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtGui.pyd
2019-09-15 21:44 - 2019-09-15 21:44 - 004101120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtWidgets.pyd
2019-09-15 21:44 - 2019-09-15 21:44 - 000009728 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\select.pyd
2019-09-15 21:44 - 2019-09-15 21:44 - 000075264 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\sip.pyd
2019-09-15 21:44 - 2019-09-15 21:44 - 000758784 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\unicodedata.pyd
2016-08-19 14:43 - 2016-08-19 14:43 - 000809998 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\foobar2000\avcodec-fb2k-57.dll
2016-08-19 14:43 - 2016-08-19 14:43 - 000528910 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\foobar2000\avutil-fb2k-55.dll
2015-06-23 15:00 - 2015-06-23 15:00 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-06-23 15:00 - 2015-06-23 15:00 - 000285696 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2016-04-04 08:42 - 2016-04-04 08:42 - 000095696 _____ (Piotr Pawłowski -> ) [File not signed] C:\Program Files (x86)\foobar2000\zlib1.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 002741248 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\python34.dll
2019-12-17 21:35 - 2019-12-17 21:35 - 000762368 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\chrome_elf.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 000848896 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icudt53.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 001580032 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuin53.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 001079296 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuuc53.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qdds.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qgif.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 000029184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qicns.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qico.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 000381952 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjp2.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 000206848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjpeg.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 000218624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qmng.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 000016384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtga.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 000308736 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtiff.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwbmp.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 000287232 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwebp.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 000991744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\platforms\qwindows.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 004182528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Core.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 004877312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Gui.dll
2019-09-15 21:44 - 2019-09-15 21:44 - 004490752 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Widgets.dll
2019-12-17 21:35 - 2019-12-17 21:35 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\audio\qtaudio_windows.dll
2019-12-17 21:36 - 2019-12-17 21:36 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\imageformats\qgif.dll
2019-12-17 21:36 - 2019-12-17 21:36 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\imageformats\qico.dll
2019-12-17 21:36 - 2019-12-17 21:36 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\imageformats\qjpeg.dll
2019-12-17 21:36 - 2019-12-17 21:36 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\imageformats\qmng.dll
2019-12-17 21:36 - 2019-12-17 21:36 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\imageformats\qsvg.dll
2019-12-17 21:36 - 2019-12-17 21:36 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\imageformats\qtiff.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\platforms\qwindows.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\qml\QtQml\Models.2\modelsplugin.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\qml\QtQuick.2\qtquick2plugin.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 000084480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\qml\QtQuick\Window.2\windowplugin.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\Qt5Core.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\Qt5Gui.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\Qt5Multimedia.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\Qt5Network.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\Qt5Qml.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\Qt5Quick.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 000096256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\Qt5QuickControls2.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 000681472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\Qt5QuickTemplates2.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\Qt5Svg.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\Qt5Widgets.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\Qt5WinExtras.dll
2019-12-17 21:37 - 2019-12-17 21:37 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11740\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2019-09-24 11:02 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646561\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646592\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\wp3662821-assassin-wallpapers.jpg
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\wp3662821-assassin-wallpapers.jpg
HKU\S-1-5-21-3482348820-1896476200-1895645591-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060647041\Control Panel\Desktop\\Wallpaper -> C:\Users\bejja\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{97adaf7c-7a52-48c7-a2fc-6fe3e66b1aea}.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102020060646620\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{EA613B87-0798-4766-A039-C81BCAB8DFFE}C:\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{037281B6-55E4-4E6B-A41A-47FB34BA2F4D}C:\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{3AF034F5-FB2A-4042-9468-5CA7E033B4E7}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{05F735C0-7169-4805-A4E0-4555305419CD}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{2FFC3A6B-0473-4092-ABE1-5D39FD53A17E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F2405F33-0AF3-431E-9652-1707CA01F1D4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A1F83455-609A-47AF-9B5A-D69FC68CF4A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Millie\Millie.exe () [File not signed]
FirewallRules: [{6C593DAD-8395-4F11-A590-F76DDDC9FE92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Millie\Millie.exe () [File not signed]
FirewallRules: [UDP Query User{302C507C-4DA4-49AB-B64A-8352BC41950E}C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{06AC170C-54F5-41D1-B2B9-6B5A0A08E0E1}C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{10D5C4D9-2E6B-4B67-A476-5281B56C5955}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{502EF961-5B71-4A32-969F-BA5D52140A00}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{7EC9CC81-508D-4D45-8E81-DB52CCF2436E}C:\program files\microsoft office\office16\winword.exe] => (Allow) C:\program files\microsoft office\office16\winword.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{98050A6F-1373-48CC-83FA-4BBE97A3F9B5}C:\program files\microsoft office\office16\winword.exe] => (Allow) C:\program files\microsoft office\office16\winword.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C6717FD1-C1CD-42BE-B332-10194F946F21}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{3741751F-5BEE-45CB-837A-59E83B005968}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F9B04128-D8B4-493D-B96B-5A6BAD2795ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{7DA08C82-AB8E-46FE-83A4-6CCF7A8EAA24}C:\users\david\appdata\roaming\utorrent\updates\3.5.3_44494.exe] => (Allow) C:\users\david\appdata\roaming\utorrent\updates\3.5.3_44494.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{0329B052-4C9E-40FD-AD0B-127686849CB4}C:\users\david\appdata\roaming\utorrent\updates\3.5.3_44494.exe] => (Allow) C:\users\david\appdata\roaming\utorrent\updates\3.5.3_44494.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{32FF5D5F-AE6F-4F4E-9C6A-A44362281CD3}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{30431157-60F2-404A-B781-4FC5A1FE4407}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{AFC1F7F7-ED3C-4777-85B5-65678200DA35}C:\users\david\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\david\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{747FE15F-A487-4A02-A70A-A9E98014E198}C:\users\david\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\david\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{11522C14-B13A-4060-A2EB-03E1287F5182}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{4894D9CD-74EE-4F4D-B682-799DCF973BD9}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{28C2D19F-C193-4A94-97AD-664B24F1C348}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{72CA7C7D-10FB-4D96-B4E3-9AC3B9BB9EDB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{68FBEF50-D0C9-4B70-A3DA-FA8AB9F5C96E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{C03AB2BE-B25F-4357-9117-35F841408DDF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2D1F0F24-59F0-49DC-9CBA-9166ED79341E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{215B305F-3793-4710-866F-AAAFC4D5A75D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{9526E725-5332-4491-900A-A5B3E00C15F8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{95745F81-0967-4BC0-A61E-3A3E1F4555A8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0AFE615F-ABD8-45F3-9AE8-F7117FC64CDC}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Plays.tv, Inc -> Copyright (c) 2018 Plays.tv, LLC)
FirewallRules: [{DE2DE3B5-8173-4FAC-896C-9FAC3AE29D46}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Plays.tv, Inc -> Copyright (c) 2018 Plays.tv, LLC)
FirewallRules: [{42216372-4873-4D06-8A71-3F90277E2E73}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E09D3792-7521-4348-A40C-8F04F7EBBEC1}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{950A489C-6DC1-4369-A3DC-3DFAE6527798}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{60D42B90-ECC4-40D2-A604-71943C273C20}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E9EF1AF2-ADBB-494C-8D92-63F88029BF4B}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{9587D4F0-7BDE-42AA-8234-5B4948E5084A}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe (CD Projekt Red) [File not signed]
FirewallRules: [{320922C1-99B3-4866-95D5-6D0C8792482C}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe (CD Projekt Red) [File not signed]
FirewallRules: [{52E113A4-D189-4112-826B-9019169D0858}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{B8A860D9-E58B-40DD-B63F-07CE2BEC9BA5}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{6F3AD882-084D-4F82-88D9-937FCC53BB4C}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe () [File not signed]
FirewallRules: [{42B2AA49-B47A-4C28-9490-87830D930524}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe () [File not signed]
FirewallRules: [{20DA8768-1C0C-4311-B256-EE2BA0A8B9C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{68B19BB6-6B40-4378-84CD-986EDB55E602}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DEB78261-FFAC-424B-A809-FF33F8EF4D10}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{576CACCD-318B-47D6-9330-A51458DA434C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{1A5E115A-10A8-458D-B3A0-0D08C151128D}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{A33F85DC-8C02-40B1-99C9-2E2A9F5F0587}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{6C719981-2323-45D2-8DE7-459F0642ACCB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{71AD977F-F040-4ECE-A4E7-75D4829DC5FC}] => (Allow) C:\Users\David\AppData\Local\Temp\7zS7D3C\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
FirewallRules: [{72BFE8A0-4A58-4F0B-8041-B2DEFE99E71C}] => (Allow) C:\Users\David\AppData\Local\Temp\7zS7D3C\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
FirewallRules: [{ED2F8AD3-A6E8-4A1C-BE03-77568C5A9C31}] => (Allow) C:\Program Files\VueScan\vuescan.exe (Hamrick Software) [File not signed]
FirewallRules: [{24DF0275-31DF-480F-95AD-E9A62D964EA7}] => (Allow) C:\Program Files\VueScan\vuescan.exe (Hamrick Software) [File not signed]

==================== Restore Points =========================

04-01-2020 22:30:33 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: HID-compliant headset
Description: HID-compliant headset
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/11/2020 11:27:46 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu (unknown) na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (01/11/2020 11:27:46 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (01/11/2020 11:27:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Patch-VueScan.Pro.9.6.x.(x86-x64).exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1900

Čas spuštění: 01d5c8698c374f42

Čas ukončení: 7

Cesta k aplikaci: C:\Program Files\VueScan\Patch-VueScan.Pro.9.6.x.(x86-x64).exe

ID hlášení: 2c53b562-fbc5-4041-96c8-b28aa3abd203

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-process

Error: (01/11/2020 11:27:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Keygen.exe, verze: 1.0.0.0, časové razítko: 0x523e02ea
Název chybujícího modulu: ntdll.dll, verze: 10.0.18362.387, časové razítko: 0xa4208572
Kód výjimky: 0xc0000005
Posun chyby: 0x00051c3e
ID chybujícího procesu: 0x35e8
Čas spuštění chybující aplikace: 0x01d5c869b1dfc744
Cesta k chybující aplikaci: C:\Users\David\AppData\Local\Temp\Keygen.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 3aefc49c-0f16-43b0-b10c-7799d0d044d1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/11/2020 11:21:14 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu (unknown) na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (01/11/2020 11:21:14 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (01/11/2020 09:02:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HD-Player.exe, verze: 4.150.8.1008, časové razítko: 0x5de1e829
Název chybujícího modulu: libOpenglRender.dll, verze: 4.150.8.1008, časové razítko: 0x5de1e7c1
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000008e066
ID chybujícího procesu: 0x764
Čas spuštění chybující aplikace: 0x01d5c84ef2463553
Cesta k chybující aplikaci: C:\Program Files\BlueStacks\HD-Player.exe
Cesta k chybujícímu modulu: C:\Program Files\BlueStacks\libOpenglRender.dll
ID zprávy: 960b17c1-74d2-40db-933d-744f9ca5a86d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/11/2020 09:02:03 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: HD-Player.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: kód výjimky c0000005, adresa výjimky 00007FF98ADEE066
Zásobník:


System errors:
=============
Error: (01/11/2020 08:05:21 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7D2FQ0G)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/11/2020 07:16:03 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7D2FQ0G)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/11/2020 07:14:03 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7D2FQ0G)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/11/2020 07:12:03 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7D2FQ0G)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/11/2020 07:10:03 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7D2FQ0G)
Description: Server {F53321FA-34F8-4B7F-B9A3-361877CB94CF} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/11/2020 07:08:03 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7D2FQ0G)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/11/2020 07:00:04 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7D2FQ0G)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/10/2020 02:24:35 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7D2FQ0G)
Description: Server {F53321FA-34F8-4B7F-B9A3-361877CB94CF} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================

Date: 2020-01-11 11:54:42.525
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-11 11:54:42.521
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-11 11:54:42.320
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-11 11:54:42.317
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-11 11:54:41.976
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-11 11:54:41.973
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-11 11:54:41.917
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-11 11:54:41.913
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P2.80 01/26/2016
Motherboard: ASRock Z170 Extreme4
Processor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Percentage of memory in use: 66%
Total physical RAM: 8137.27 MB
Available physical RAM: 2701.27 MB
Total Virtual: 19401.27 MB
Available Virtual: 10554.16 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.18 GB) (Free:33.93 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:361.15 GB) NTFS

\\?\Volume{153a7e41-9717-4114-b409-806cd10646b5}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{a57f3c44-5d42-4e0e-a549-233e2a1c34ff}\ () (Fixed) (Total:0.84 GB) (Free:0.41 GB) NTFS
\\?\Volume{138a95a2-35ad-430f-91a6-0617b595d599}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Internet connection dropping out

#3 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just launch it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

bojimso
2nd Warning Level
Posts: 298
Registered: 08 Mar 2007 14:56

Re: Internet connection dropping out

#4 Post by bojimso »

Hello, no restart was needed and the log was created immediately. Should I also run the basic repair in the program so that Winsock gets reset?

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-11-2020
# Duration: 00:00:28
# OS: Windows 10 Home
# Scanned: 34757
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Internet connection dropping out

#5 Post by Rudy »

This is OK. Open Notepad and copy the following into it:
Start

CloseProcesses:
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\David\AppData\Local\Temp\Keygen.exe
C:\Users\David\AppData\Local\Temp

EmptyTemp:
End
Save it to your desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

bojimso
2nd Warning Level
Posts: 298
Registered: 08 Mar 2007 14:56

Re: Internet connection dropping out

#6 Post by bojimso »

Done, here is the Fixlog


Fix result of Farbar Recovery Scan Tool (x64) Version: 08-01-2020
Ran by David (11-01-2020 16:09:08) Run:1
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David & Mamka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\David\AppData\Local\Temp\Keygen.exe
C:\Users\David\AppData\Local\Temp

EmptyTemp:
End
*****************

Processes closed successfully.
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\David\AppData\Local\Temp\Keygen.exe => moved successfully
C:\Users\David\AppData\Local\Temp => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 26472917 B
Java, Flash, Steam htmlcache => 233454272 B
Windows/system/drivers => 74253245 B
Edge => 18432 B
Chrome => 882364971 B
Firefox => 22675968 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 15668 B
NetworkService => 15668 B
David => 2198762 B
bejja => 72875081 B

RecycleBin => 2027915 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:10:16 ====

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Internet connection dropping out

#7 Post by Rudy »

Deleted. Has anything changed?

bojimso
2nd Warning Level
Posts: 298
Registered: 08 Mar 2007 14:56

Re: Internet connection dropping out

#8 Post by bojimso »

My internet hasn't dropped for a while now, so it's probably solved. I'm glad that at least my PC is cleaned up, and if there are any further problems I'll contact my internet provider. Thank you! :|

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Internet connection dropping out

#9 Post by Rudy »

Then definitely do contact them if there are further problems. You're welcome! :)

Locked