Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Omylom som nainštaloval falošný softvér

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
tipota
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 07 led 2008 04:05

Omylom som nainštaloval falošný softvér

#1 Příspěvek od tipota »

Chcel som stiahnuť software etcher na urobenite bootovacieho USB z ISO a duckduckgo mi ako prvý výsledok našiel podvodnú stránku etcher.net ale originál má byť balena.io/etcher/ tak som na ňu klikol a stiahol to.´

Inštalačka sa najprv opýtala či chcem inštalovať doplnkový software všade som dal decline a keď som prišiel na koniec declinovania tak začala aj tak inštalovať operu, awast, monitor manager a ešte pár ďalších mená si už nepamätám.
Rýchlo som to zabil cez správcu úloh lebo sa mi tá inštalačka skryla dole do lišty a nedalo sa stým nič robiť len to inštalovalo jedno za druhým.
Následne som odinštaloval všetko cez windows správcu, vyčistil som všetko čo sa dalo s CC cleanerom a nainštaloval malwarebytes, ten našiel 2 POP.UP hrozby, potom som stiahol MBAR a ten nenašiel nič tak by som sa rád opýtal či je ešte niečo potrebné urobiť.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-12-2020
Ran by XXXXX (administrator) on DESKTOP-GRHC72E (06-12-2020 00:20:33)
Running from C:\Users\XXXXX\Downloads
Loaded Profiles: XXXXX
Platform: Windows 10 Home Version 20H2 19042.630 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Balena Inc -> Balena Inc.) C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\balenaEtcher.exe <6>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_fe92a8457e8d540c\Display.NvContainer\NVDisplay.Container.exe <2>
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3e0257ced434aaba\RtkAudUService64.exe <2>
(Valve -> Valve Corporation) C:\Program Files (x86)\Razer\Razer Services\GMS\SteamCmd\steamcmd.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3e0257ced434aaba\RtkAudUService64.exe [1179440 2020-10-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [62636856 2020-11-22] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1871522644-2133478366-4099155915-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3515120 2020-11-18] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3515120 2020-11-18] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-02] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1319B9D0-2C24-42BD-B35F-2D05F4072051} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26781880 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {316C9C81-BC30-488D-B094-2A6DB2FCA8A8} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-09-21] (Garmin International, Inc. -> )
Task: {33C40D29-A502-4A7E-9F35-E0A4A3E44C44} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> )
Task: {4059976D-EBCE-46C5-B301-8C3F565B107B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {45147ED4-9FDB-4957-BF9B-98CE6A44A4B3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {4A09990E-FB89-4831-9F84-E84C7642D3F4} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2488152 2020-11-16] (Overwolf Ltd -> Overwolf LTD)
Task: {53584EB5-2E50-425A-82C5-D785651D9160} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {55E9B095-93CE-48D4-8C2D-AC98A9A71BE3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5D449091-25C3-45B1-B711-F38EAF8B5DF7} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5D4E2291-2D98-414B-A209-111A28C55F63} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-22] (Google LLC -> Google LLC)
Task: {617C5457-5CED-43DE-8CA9-BEFAA93DEF1A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {63DD316B-F992-43E8-A4C3-DA12CB2B9E9A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {6745B201-DBD0-45BA-823E-E4F0231E6C5C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D44B86E-E0CB-4B98-8CDF-822C31DDE320} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1871522644-2133478366-4099155915-500 => C:\Users\XXXXX\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {735A0D13-50C8-4E40-B076-7F3F30503237} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {795862F6-8F9F-4CB5-9169-04EF99F08022} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9590D61B-AFDA-44DB-B757-35548F8BEB43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-22] (Google LLC -> Google LLC)
Task: {D0D55614-A1FA-4C01-80F3-12E2A4D0C8A0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {EB5EDA43-8027-4739-874B-A6EC0A9F43B2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F0DA3AE5-574C-4A9E-AEB9-B729FB649774} - System32\Tasks\Agent Activation Runtime\S-1-5-21-1871522644-2133478366-4099155915-1001 => C:\Windows\System32\AgentActivationRuntimeStarter.exe [13312 2020-10-09] (Microsoft Windows -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.5.18.5 10.5.18.2 195.80.171.4
Tcpip\..\Interfaces\{4f787132-5006-45e4-85e1-4f404a3ae87a}: [DhcpNameServer] 10.5.18.5 10.5.18.2 195.80.171.4

Edge:
======
Edge Profile: C:\Users\XXXXX\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-06]

FireFox:
========
FF DefaultProfile: ftbs4dcq.default
FF ProfilePath: C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ftbs4dcq.default [2020-11-22]
FF ProfilePath: C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\fkuhwy81.default-release [2020-12-05]
FF Extension: (HTTPS Everywhere) - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\fkuhwy81.default-release\Extensions\https-everywhere@eff.org.xpi [2020-11-22]
FF Extension: (Decentraleyes) - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\fkuhwy81.default-release\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2020-11-22]
FF Extension: (Privacy Badger) - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\fkuhwy81.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2020-11-22]
FF Extension: (uBlock Origin) - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\fkuhwy81.default-release\Extensions\uBlock0@raymondhill.net.xpi [2020-11-22]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default [2020-12-06]
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-22]
CHR Extension: (BetterTTV) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-11-29]
CHR Extension: (Docs) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-22]
CHR Extension: (Google Drive) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-22]
CHR Extension: (Notifier for Feedly™) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbepjjjeionddbieffjjllpiaogcllhc [2020-11-22]
CHR Extension: (YouTube) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-22]
CHR Extension: (uBlock Origin) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-12-04]
CHR Extension: (Search by Image) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnojnbdhbhnkbcieeekonklommdnndci [2020-11-24]
CHR Extension: (Tampermonkey) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-11-22]
CHR Extension: (FrankerFaceZ) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2020-11-22]
CHR Extension: (Sheets) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-22]
CHR Extension: (Readium) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepbnnnkkadjhjahcafoaglimekefifl [2020-11-22]
CHR Extension: (HTTPS Everywhere) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2020-11-22]
CHR Extension: (Google Docs Offline) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-22]
CHR Extension: (Imagus) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2020-11-22]
CHR Extension: (EPUBReader) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhhclmfgfllimlhabjkgkeebkbiadflb [2020-11-22]
CHR Extension: (View Image Info (properties)) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\jldjjifbpipdmligefcogandjojpdagn [2020-11-22]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2020-11-22]
CHR Extension: (Google Mail Checker) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2020-11-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-11-22]
CHR Extension: (Gmail) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-22]
CHR Extension: (Chrome Media Router) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-22]
CHR Extension: (Privacy Badger) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2020-11-22]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-12-05] (Malwarebytes Inc -> Malwarebytes)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2488152 2020-11-16] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1110104 2020-11-21] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [320088 2020-11-17] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294640 2020-11-17] (Razer USA Ltd. -> Razer Inc.)
R2 RtkAudioUniversalService; C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3e0257ced434aaba\RtkAudUService64.exe [1179440 2020-10-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2020-09-23] (Razer USA Ltd. -> Razer Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_fe92a8457e8d540c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_fe92a8457e8d540c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-12-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-12-05] (Malwarebytes Inc -> Malwarebytes)
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0053; C:\Windows\System32\drivers\RzDev_0053.sys [52528 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_021e; C:\Windows\System32\drivers\RzDev_021e.sys [52288 2020-02-17] (Razer USA Ltd. -> Razer Inc)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-06 00:20 - 2020-12-06 00:20 - 000019109 _____ C:\Users\XXXXX\Downloads\FRST.txt
2020-12-06 00:17 - 2020-12-06 00:20 - 000000000 ____D C:\FRST
2020-12-06 00:16 - 2020-12-06 00:16 - 002288640 _____ (Farbar) C:\Users\XXXXX\Downloads\FRST64.exe
2020-12-06 00:08 - 2020-12-06 00:08 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\7551648F.sys
2020-12-06 00:07 - 2020-12-06 00:13 - 000000000 ____D C:\Users\XXXXX\Desktop\mbar
2020-12-06 00:07 - 2020-12-06 00:13 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-12-06 00:07 - 2020-12-06 00:07 - 014178840 _____ (Malwarebytes Corp.) C:\Users\XXXXX\Downloads\mbar-1.10.3.1001.exe
2020-12-06 00:03 - 2020-12-06 00:04 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\balena-etcher
2020-12-06 00:03 - 2020-12-06 00:03 - 000002460 _____ C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\balenaEtcher.lnk
2020-12-06 00:03 - 2020-12-06 00:03 - 000002452 _____ C:\Users\XXXXX\Desktop\balenaEtcher.lnk
2020-12-06 00:03 - 2020-12-06 00:03 - 000000000 ____D C:\Users\XXXXX\AppData\Local\balena-etcher-updater
2020-12-05 23:59 - 2020-12-06 00:03 - 130296744 _____ (Balena Inc.) C:\Users\XXXXX\Downloads\balenaEtcher-Setup-1.5.112.exe
2020-12-05 23:54 - 2020-12-06 00:08 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-12-05 23:54 - 2020-12-05 23:54 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-12-05 23:54 - 2020-12-05 23:54 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-12-05 23:54 - 2020-12-05 23:54 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-12-05 23:54 - 2020-12-05 23:54 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-05 23:54 - 2020-12-05 23:54 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-05 23:54 - 2020-12-05 23:54 - 000001981 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-12-05 23:54 - 2020-12-05 23:54 - 000000000 ____D C:\Users\XXXXX\AppData\Local\mbam
2020-12-05 23:53 - 2020-12-05 23:53 - 002077136 _____ (Malwarebytes) C:\Users\XXXXX\Downloads\MBSetup.exe
2020-12-05 23:53 - 2020-12-05 23:53 - 000000000 ____D C:\Program Files\Malwarebytes
2020-12-05 23:44 - 2020-12-05 23:48 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Opera Software
2020-12-05 23:44 - 2020-12-05 23:44 - 000002389 _____ C:\Users\XXXXX\Desktop\facebook.lnk
2020-12-05 23:44 - 2020-12-05 23:44 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Opera Software
2020-12-05 23:44 - 2020-12-05 23:44 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Walliant
2020-12-05 23:43 - 2020-12-05 23:50 - 000000000 ____D C:\ProgramData\Avast Software
2020-12-05 23:43 - 2020-12-05 23:45 - 117483072 _____ (Balena Inc.) C:\Users\XXXXX\Downloads\Etcher_Portable.exe
2020-12-05 23:43 - 2020-12-05 23:43 - 000016438 _____ C:\Users\XXXXX\AppData\Local\partner.bmp
2020-12-05 23:42 - 2020-12-05 23:42 - 000000000 ____D C:\Program Files (x86)\NolanaCaramelmoaInstall
2020-12-05 23:33 - 2020-12-05 23:43 - 2785017856 _____ C:\Users\XXXXX\Downloads\ubuntu-20.04.1-desktop-amd64.iso
2020-12-05 22:39 - 2020-12-05 23:23 - 000000000 ____D C:\Users\XXXXX\.conda
2020-12-05 22:39 - 2020-12-05 23:06 - 000000043 _____ C:\Users\XXXXX\.condarc
2020-12-05 22:39 - 2020-12-05 22:39 - 000000000 ____D C:\Users\XXXXX\Documents\Python Scripts
2020-12-05 22:39 - 2020-12-05 22:39 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\.anaconda
2020-12-05 22:39 - 2020-12-05 22:39 - 000000000 ____D C:\Users\XXXXX\AppData\Local\pip
2020-12-05 22:39 - 2020-12-05 22:39 - 000000000 ____D C:\Users\XXXXX\AppData\Local\conda
2020-12-05 22:36 - 2020-12-05 22:37 - 479396152 _____ (Anaconda, Inc.) C:\Users\XXXXX\Downloads\Anaconda3-2020.11-Windows-x86_64.exe
2020-12-05 11:05 - 2020-12-05 23:27 - 000000094 _____ C:\Users\XXXXX\Desktop\New Text Document.txt
2020-12-05 10:59 - 2020-12-05 11:01 - 000000000 ____D C:\Users\XXXXX\Downloads\New folder
2020-12-04 11:12 - 2020-12-04 11:42 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\vlc
2020-12-04 11:07 - 2020-12-04 11:11 - 1423980180 _____ C:\Users\XXXXX\Downloads\20201204_101447.mp4
2020-12-01 18:06 - 2020-12-01 18:06 - 000000910 _____ C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2020-12-01 18:06 - 2020-12-01 18:06 - 000000862 _____ C:\Users\XXXXX\Desktop\Start Tor Browser.lnk
2020-12-01 18:06 - 2020-12-01 18:06 - 000000000 ____D C:\Users\XXXXX\Desktop\Tor Browser
2020-11-27 22:01 - 2020-11-27 22:01 - 000001159 _____ C:\Users\XXXXX\Desktop\MSI Afterburner.lnk
2020-11-27 22:01 - 2020-11-27 22:01 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2020-11-27 22:00 - 2020-11-27 22:01 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2020-11-25 21:54 - 2020-11-25 21:54 - 000000000 ____D C:\Windows\system32\Tasks\Agent Activation Runtime
2020-11-23 00:53 - 2020-12-05 23:52 - 000000000 ____D C:\Windows\Panther
2020-11-22 22:52 - 2020-11-23 15:45 - 000000250 _____ C:\Users\XXXXX\Desktop\hwmonitorw.ini
2020-11-22 22:31 - 2020-11-23 15:50 - 000000000 ____D C:\Users\XXXXX\Desktop\prime
2020-11-22 22:24 - 2020-11-22 22:24 - 000000000 ____D C:\Users\XXXXX\AppData\Local\ImageMagick
2020-11-22 22:22 - 2020-11-22 22:22 - 000003484 _____ C:\Windows\system32\Tasks\AMDAutoUpdate
2020-11-22 22:22 - 2020-11-22 22:22 - 000002219 _____ C:\Users\Public\Desktop\AMD Ryzen Master.lnk
2020-11-22 22:22 - 2020-11-22 22:22 - 000002219 _____ C:\ProgramData\Desktop\AMD Ryzen Master.lnk
2020-11-22 22:22 - 2020-11-22 22:22 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Downloaded Installations
2020-11-22 22:22 - 2020-11-22 22:22 - 000000000 ____D C:\Users\XXXXX\AppData\Local\AMD
2020-11-22 22:22 - 2020-11-22 22:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Ryzen Master
2020-11-22 22:22 - 2020-11-22 22:22 - 000000000 ____D C:\ProgramData\AMD AutoUpdate
2020-11-22 22:22 - 2020-11-22 22:22 - 000000000 ____D C:\Program Files\AMD
2020-11-22 20:05 - 2020-11-22 20:05 - 000266240 _____ C:\Windows\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-22 20:05 - 2020-11-22 20:05 - 000152576 _____ C:\Windows\system32\EoAExperiences.exe
2020-11-22 20:05 - 2020-11-22 20:05 - 000009265 _____ C:\Windows\system32\DrtmAuthTxt.wim
2020-11-22 20:04 - 2020-11-22 20:04 - 000363520 _____ C:\Windows\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-22 20:04 - 2020-11-22 20:04 - 000197632 _____ C:\Windows\system32\IHDS.dll
2020-11-22 20:01 - 2020-11-22 20:02 - 000000000 ____D C:\Windows\system32\MRT
2020-11-22 19:35 - 2020-12-05 20:30 - 000002176 _____ C:\Users\XXXXX\Desktop\CurseForge.lnk
2020-11-22 19:35 - 2020-12-05 20:30 - 000000000 ____D C:\Program Files (x86)\Overwolf
2020-11-22 19:35 - 2020-11-22 19:35 - 000004380 _____ C:\Windows\system32\Tasks\Overwolf Updater Task
2020-11-22 19:35 - 2020-11-22 19:35 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2020-11-22 19:35 - 2020-11-22 19:35 - 000000000 ____D C:\ProgramData\Overwolf
2020-11-22 19:30 - 2020-12-05 20:30 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Overwolf
2020-11-22 19:28 - 2020-11-22 19:37 - 000000000 ____D C:\Users\XXXXX\AppData\Local\WowUp
2020-11-22 19:28 - 2020-11-22 19:28 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Jliddev
2020-11-22 19:28 - 2020-10-24 22:11 - 102337143 _____ (Jliddev) C:\Users\XXXXX\Desktop\WowUp.exe
2020-11-22 18:45 - 2020-12-05 23:52 - 000000000 ____D C:\Users\XXXXX\AppData\Local\CrashDumps
2020-11-22 18:38 - 2020-11-22 18:38 - 000000000 ____D C:\Users\XXXXX\AppData\Local\calibre-cache
2020-11-22 18:37 - 2020-11-22 18:38 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\calibre
2020-11-22 18:37 - 2020-11-22 18:37 - 000000999 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2020-11-22 18:37 - 2020-11-22 18:37 - 000000999 _____ C:\ProgramData\Desktop\calibre 64bit - E-book management.lnk
2020-11-22 18:37 - 2020-11-22 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2020-11-22 18:37 - 2020-11-22 18:37 - 000000000 ____D C:\Program Files\Calibre2
2020-11-22 18:00 - 2020-11-22 18:00 - 000000000 ___HD C:\$WinREAgent
2020-11-22 17:10 - 2020-09-07 14:28 - 002580112 _____ (CPUID) C:\Users\XXXXX\Desktop\HWMonitor_x64.exe
2020-11-22 16:50 - 2020-11-22 16:50 - 000001070 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2020-11-22 16:50 - 2020-11-22 16:50 - 000001070 _____ C:\ProgramData\Desktop\World of Warcraft.lnk
2020-11-22 16:50 - 2020-11-22 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2020-11-22 16:38 - 2020-12-05 12:16 - 000000000 ____D C:\Users\XXXXX\AppData\LocalLow\Mozilla
2020-11-22 16:38 - 2020-11-22 16:38 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Mozilla
2020-11-22 16:38 - 2020-11-22 16:38 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Mozilla
2020-11-22 16:30 - 2020-11-23 21:36 - 000000000 ____D C:\Users\XXXXX\AppData\Local\D3DSCache
2020-11-22 16:26 - 2020-11-25 07:11 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2020-11-22 16:24 - 2020-11-22 16:24 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2020-11-22 16:22 - 2020-12-05 22:42 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Battle.net
2020-11-22 16:22 - 2020-11-22 16:24 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Battle.net
2020-11-22 16:18 - 2020-11-22 16:18 - 000000000 ____D C:\Users\XXXXX\AppData\Local\GHISLER
2020-11-22 16:11 - 2020-11-07 05:01 - 000038632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2020-11-22 16:09 - 2020-11-07 18:41 - 001769688 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-11-22 16:09 - 2020-11-07 18:41 - 001769688 _____ C:\Windows\system32\vulkaninfo.exe
2020-11-22 16:09 - 2020-11-07 18:41 - 001370328 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-11-22 16:09 - 2020-11-07 18:41 - 001370328 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-11-22 16:09 - 2020-11-07 18:41 - 001054944 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-11-22 16:09 - 2020-11-07 18:41 - 001054944 _____ C:\Windows\system32\vulkan-1.dll
2020-11-22 16:09 - 2020-11-07 18:41 - 000917728 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-11-22 16:09 - 2020-11-07 18:41 - 000917728 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-11-22 16:09 - 2020-11-07 18:41 - 000455408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-11-22 16:09 - 2020-11-07 18:41 - 000349936 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 002096880 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 001585560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 001506032 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 001159920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 001027992 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 000816368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 000813464 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 000674712 _____ C:\Windows\system32\nvofapi64.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 000670616 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 000656112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 000590576 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2020-11-22 16:09 - 2020-11-07 18:38 - 000556440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 000543128 _____ C:\Windows\SysWOW64\nvofapi.dll
2020-11-22 16:09 - 2020-11-07 18:37 - 007707544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2020-11-22 16:09 - 2020-11-07 18:37 - 006858992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2020-11-22 16:09 - 2020-11-07 18:37 - 004175256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2020-11-22 16:09 - 2020-11-07 18:37 - 002509720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2020-11-22 16:09 - 2020-11-07 18:37 - 000849648 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2020-11-22 16:09 - 2020-11-07 18:37 - 000445848 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2020-11-22 16:09 - 2020-11-07 18:36 - 005976296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2020-11-22 16:09 - 2020-11-07 05:01 - 000080930 _____ C:\Windows\system32\nvinfo.pb
2020-11-22 16:05 - 2020-11-22 16:05 - 000000000 ____D C:\Users\XXXXX\AppData\Local\OneDrive
2020-11-22 16:03 - 2020-11-22 16:03 - 000000000 ___HD C:\Program Files (x86)\Temp
2020-11-22 16:03 - 2020-10-04 17:59 - 000274736 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTHDASIO64.dll
2020-11-22 16:03 - 2020-10-04 17:59 - 000229680 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTHDASIO.dll
2020-11-22 16:03 - 2020-10-04 17:56 - 006161504 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2020-11-22 16:03 - 2020-10-04 17:46 - 042448072 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2020-11-22 16:03 - 2019-12-19 08:07 - 002877104 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2020-11-22 15:59 - 2020-11-22 15:59 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\NVIDIA
2020-11-22 15:59 - 2020-11-22 15:59 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\LibreOffice
2020-11-22 15:55 - 2020-11-22 15:55 - 000000000 _SHDL C:\Documents and Settings
2020-11-22 15:53 - 2020-11-22 15:53 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1871522644-2133478366-4099155915-500
2020-11-22 15:53 - 2020-11-22 15:53 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2020-11-22 15:52 - 2020-11-22 16:24 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-11-22 15:52 - 2020-11-22 15:52 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\AMD
2020-11-22 15:52 - 2020-11-22 15:52 - 000000000 ____D C:\Program Files (x86)\AMD
2020-11-22 15:51 - 2020-11-22 22:21 - 000000000 ____D C:\AMD
2020-11-22 15:51 - 2020-11-22 16:03 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-11-22 15:51 - 2020-11-22 16:03 - 000000000 ____D C:\Program Files (x86)\Realtek
2020-11-22 15:51 - 2020-11-22 15:51 - 000000000 ____D C:\Users\XXXXX\AppData\Local\setup
2020-11-22 15:51 - 2020-11-22 15:51 - 000000000 ____D C:\Users\XXXXX\AppData\Local\cache
2020-11-22 15:51 - 2020-06-18 16:56 - 001146448 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2020-11-22 15:50 - 2020-11-22 15:50 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Blizzard Entertainment
2020-11-22 15:47 - 2020-11-22 15:47 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Garmin_Ltd._or_its_subsid
2020-11-22 15:47 - 2020-11-22 15:47 - 000000000 ____D C:\ProgramData\Battle.net
2020-11-22 15:46 - 2020-11-22 15:46 - 000000837 _____ C:\Users\Public\Desktop\Speccy.lnk
2020-11-22 15:46 - 2020-11-22 15:46 - 000000837 _____ C:\ProgramData\Desktop\Speccy.lnk
2020-11-22 15:46 - 2020-11-22 15:46 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Steam
2020-11-22 15:46 - 2020-11-22 15:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2020-11-22 15:46 - 2020-11-22 15:46 - 000000000 ____D C:\Program Files\Speccy
2020-11-22 15:45 - 2020-11-22 15:45 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-11-22 15:45 - 2020-11-22 15:45 - 000000000 ____D C:\Program Files\MSBuild
2020-11-22 15:45 - 2020-11-22 15:45 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-11-22 15:45 - 2020-11-22 15:45 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-11-22 15:44 - 2020-12-05 23:59 - 000000000 ____D C:\Program Files\CCleaner
2020-11-22 15:44 - 2020-12-04 07:46 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-11-22 15:44 - 2020-11-28 14:43 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Garmin
2020-11-22 15:44 - 2020-11-28 14:43 - 000000000 ____D C:\ProgramData\Garmin
2020-11-22 15:44 - 2020-11-22 15:44 - 000003624 _____ C:\Windows\system32\Tasks\GarminUpdaterTask
2020-11-22 15:44 - 2020-11-22 15:44 - 000002888 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-11-22 15:44 - 2020-11-22 15:44 - 000001963 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2020-11-22 15:44 - 2020-11-22 15:44 - 000001963 _____ C:\ProgramData\Desktop\Garmin Express.lnk
2020-11-22 15:44 - 2020-11-22 15:44 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-11-22 15:44 - 2020-11-22 15:44 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-11-22 15:44 - 2020-11-22 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2020-11-22 15:44 - 2020-11-22 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-11-22 15:44 - 2020-11-22 15:44 - 000000000 ____D C:\Program Files\DIFX
2020-11-22 15:44 - 2020-11-22 15:44 - 000000000 ____D C:\Program Files (x86)\Garmin
2020-11-22 15:42 - 2020-11-22 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0
2020-11-22 15:42 - 2020-11-22 15:42 - 000001181 _____ C:\Users\Public\Desktop\LibreOffice 7.0.lnk
2020-11-22 15:42 - 2020-11-22 15:42 - 000001181 _____ C:\ProgramData\Desktop\LibreOffice 7.0.lnk
2020-11-22 15:42 - 2020-11-22 15:42 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Comms
2020-11-22 15:41 - 2020-11-22 15:41 - 000000000 ____D C:\Program Files\LibreOffice
2020-11-22 15:40 - 2020-11-22 15:40 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2020-11-22 15:39 - 2020-11-22 15:59 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Google
2020-11-22 15:38 - 2020-12-03 16:16 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\discord
2020-11-22 15:38 - 2020-11-22 15:38 - 000002231 _____ C:\Users\XXXXX\Desktop\Discord.lnk
2020-11-22 15:38 - 2020-11-22 15:38 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-11-22 15:38 - 2020-11-22 15:38 - 000000916 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-11-22 15:38 - 2020-11-22 15:38 - 000000907 _____ C:\Users\Public\Desktop\qBittorrent.lnk
2020-11-22 15:38 - 2020-11-22 15:38 - 000000907 _____ C:\ProgramData\Desktop\qBittorrent.lnk
2020-11-22 15:38 - 2020-11-22 15:38 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-11-22 15:38 - 2020-11-22 15:38 - 000000000 ____D C:\Users\XXXXX\AppData\Local\SquirrelTemp
2020-11-22 15:38 - 2020-11-22 15:38 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Discord
2020-11-22 15:38 - 2020-11-22 15:38 - 000000000 ____D C:\ProgramData\SquirrelMachineInstalls
2020-11-22 15:38 - 2020-11-22 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-11-22 15:38 - 2020-11-22 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2020-11-22 15:38 - 2020-11-22 15:38 - 000000000 ____D C:\Program Files\VideoLAN
2020-11-22 15:38 - 2020-11-22 15:38 - 000000000 ____D C:\Program Files\qBittorrent
2020-11-22 15:37 - 2020-12-04 13:16 - 000003418 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-22 15:37 - 2020-12-04 13:16 - 000003294 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-22 15:37 - 2020-12-02 21:13 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-22 15:37 - 2020-12-02 21:13 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-22 15:37 - 2020-12-02 21:13 - 000002206 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-22 15:37 - 2020-11-26 23:10 - 000000000 ____D C:\Program Files (x86)\Steam
2020-11-22 15:37 - 2020-11-22 16:54 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Notepad++
2020-11-22 15:37 - 2020-11-22 15:37 - 000001966 _____ C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001948 _____ C:\Users\Public\Desktop\SumatraPDF.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001948 _____ C:\ProgramData\Desktop\SumatraPDF.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001104 _____ C:\Users\Public\Desktop\WinDirStat.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001104 _____ C:\Users\Public\Desktop\Notepad++.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001104 _____ C:\ProgramData\Desktop\WinDirStat.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001104 _____ C:\ProgramData\Desktop\Notepad++.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001036 _____ C:\Users\Public\Desktop\Steam.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001036 _____ C:\ProgramData\Desktop\Steam.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2020-11-22 15:37 - 2020-11-22 15:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-11-22 15:37 - 2020-11-22 15:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2020-11-22 15:37 - 2020-11-22 15:37 - 000000000 ____D C:\Program Files\SumatraPDF
2020-11-22 15:37 - 2020-11-22 15:37 - 000000000 ____D C:\Program Files\Google
2020-11-22 15:37 - 2020-11-22 15:37 - 000000000 ____D C:\Program Files\7-Zip
2020-11-22 15:37 - 2020-11-22 15:37 - 000000000 ____D C:\Program Files (x86)\WinDirStat
2020-11-22 15:37 - 2020-11-22 15:37 - 000000000 ____D C:\Program Files (x86)\Notepad++
2020-11-22 15:37 - 2020-11-22 15:37 - 000000000 ____D C:\Program Files (x86)\Google
2020-11-22 15:36 - 2020-12-05 12:15 - 000000000 ____D C:\ProgramData\Mozilla
2020-11-22 15:36 - 2020-11-22 16:18 - 000000000 ____D C:\totalcmd
2020-11-22 15:36 - 2020-11-22 15:36 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-22 15:36 - 2020-11-22 15:36 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2020-11-22 15:36 - 2020-11-22 15:36 - 000000993 _____ C:\ProgramData\Desktop\Firefox.lnk
2020-11-22 15:36 - 2020-11-22 15:36 - 000000683 _____ C:\Users\XXXXX\Desktop\Total Commander 64 bit.lnk
2020-11-22 15:36 - 2020-11-22 15:36 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-11-22 15:36 - 2020-11-22 15:36 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2020-11-22 15:36 - 2020-11-22 15:36 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\GHISLER
2020-11-22 15:36 - 2020-11-22 15:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-22 15:36 - 2020-11-22 15:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-22 15:35 - 2020-12-05 23:59 - 000000000 ____D C:\ProgramData\NVIDIA
2020-11-22 15:35 - 2020-11-22 22:21 - 000000000 ____D C:\Users\XXXXX\AppData\Local\NVIDIA
2020-11-22 15:35 - 2020-11-22 16:12 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-11-22 15:35 - 2020-11-22 15:58 - 000000000 ____D C:\Users\XXXXX\AppData\Local\NVIDIA Corporation
2020-11-22 15:35 - 2020-11-22 15:35 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000004106 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2020-11-22 15:35 - 2020-11-22 15:35 - 000001447 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2020-11-22 15:35 - 2020-11-22 15:35 - 000000000 ____D C:\Users\XXXXX\ansel
2020-11-22 15:35 - 2020-11-22 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2020-11-22 15:35 - 2020-10-20 13:56 - 002797552 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2020-11-22 15:35 - 2020-10-20 13:56 - 002154984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2020-11-22 15:35 - 2020-10-20 13:56 - 001294832 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2020-11-22 15:35 - 2020-10-19 06:42 - 000069608 _____ C:\Windows\system32\FvSDK_x64.dll
2020-11-22 15:35 - 2020-10-19 06:42 - 000058344 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2020-11-22 15:35 - 2020-10-17 16:01 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2020-11-22 15:35 - 2020-08-10 16:20 - 000169272 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2020-11-22 15:35 - 2020-08-10 16:20 - 000145208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2020-11-22 15:35 - 2020-03-11 20:26 - 000067456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2020-11-22 15:35 - 2020-03-06 11:03 - 000069840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2020-11-22 15:35 - 2020-03-04 13:54 - 000050592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\NvModuleTracker.sys
2020-11-22 15:34 - 2020-11-29 09:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2020-11-22 15:34 - 2020-11-22 15:58 - 000000000 ____D C:\temp
2020-11-22 15:34 - 2020-11-22 15:34 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Synapse3
2020-11-22 15:34 - 2020-11-22 15:34 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Razer
2020-11-22 15:34 - 2020-11-22 15:34 - 000000000 ____D C:\Users\XXXXX\AppData\Local\CEF
2020-11-22 15:33 - 2020-11-22 15:33 - 000000000 ____D C:\Program Files\Razer
2020-11-22 15:32 - 2020-11-29 09:13 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2020-11-22 15:32 - 2020-11-22 15:32 - 000000000 ____D C:\Program Files\Razer Chroma SDK
2020-11-22 15:31 - 2020-11-22 15:44 - 000000000 ____D C:\ProgramData\Package Cache
2020-11-22 15:28 - 2020-12-06 00:04 - 000840598 _____ C:\Windows\system32\PerfStringBackup.INI
2020-11-22 15:28 - 2020-11-22 15:56 - 000000000 ____D C:\Program Files (x86)\Razer
2020-11-22 15:28 - 2020-11-22 15:32 - 000000000 ____D C:\ProgramData\Razer
2020-11-22 15:28 - 2020-10-20 23:31 - 000079376 _____ (Razer Inc) C:\Windows\system32\RazerS2S3Coinstaller.dll
2020-11-22 15:27 - 2020-11-22 18:12 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-11-22 15:27 - 2020-11-22 16:06 - 000000000 ___RD C:\Users\XXXXX\OneDrive
2020-11-22 15:27 - 2020-11-22 15:43 - 000000000 ____D C:\Users\XXXXX\AppData\Local\PlaceholderTileLogoFolder
2020-11-22 15:27 - 2020-11-22 15:35 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-11-22 15:27 - 2020-11-22 15:27 - 000000000 ___HD C:\OneDriveTemp
2020-11-22 15:27 - 2020-11-22 15:27 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2020-11-22 15:27 - 2020-11-07 18:36 - 007005008 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2020-11-22 15:27 - 2020-11-07 05:01 - 000222112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2020-11-22 15:27 - 2020-08-21 02:29 - 005501336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2020-11-22 15:25 - 2020-11-28 14:42 - 000000000 ____D C:\Users\XXXXX\AppData\Local\VirtualStore
2020-11-22 15:25 - 2020-11-23 18:04 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Packages
2020-11-22 15:25 - 2020-11-22 15:56 - 000000000 ____D C:\Users\XXXXX\AppData\Local\ConnectedDevicesPlatform
2020-11-22 15:25 - 2020-11-22 15:25 - 000000000 ___RD C:\Users\XXXXX\3D Objects
2020-11-22 15:25 - 2020-11-22 15:25 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Adobe
2020-11-22 15:25 - 2020-11-22 15:25 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Publishers
2020-11-22 15:24 - 2020-12-05 23:29 - 000000000 ____D C:\Users\XXXXX
2020-11-22 15:24 - 2020-11-22 15:24 - 000000020 ___SH C:\Users\XXXXX\ntuser.ini
2020-11-20 12:58 - 2020-11-20 12:58 - 000206936 _____ (Razer Inc.) C:\Windows\system32\RzChromaSDK64.dll
2020-11-20 12:58 - 2020-11-20 12:58 - 000181848 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaSDK.dll
2020-11-17 07:45 - 2020-11-17 07:45 - 000187544 _____ (Razer Inc.) C:\Windows\system32\RzChromaBroadcastAPI64.dll
2020-11-17 07:45 - 2020-11-17 07:45 - 000164512 _____ (Razer Inc.) C:\Windows\system32\RzChromaBroadcastManager64.dll
2020-11-17 07:45 - 2020-11-17 07:45 - 000153240 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaBroadcastAPI.dll
2020-11-17 07:45 - 2020-11-17 07:45 - 000134304 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaBroadcastManager.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-06 00:04 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2020-12-05 23:57 - 2020-09-27 15:50 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-05 23:57 - 2020-09-27 15:50 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-12-05 23:57 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-05 23:56 - 2019-12-07 10:03 - 000262144 _____ C:\Windows\system32\config\BBI
2020-12-05 23:54 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-12-05 22:00 - 2020-09-27 15:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-12-05 20:06 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-05 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2020-12-05 17:43 - 2020-09-27 15:53 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-05 17:43 - 2020-09-27 15:53 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-05 17:43 - 2020-09-27 15:53 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-12-05 13:32 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2020-12-04 07:58 - 2020-09-27 15:51 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-12-04 07:48 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2020-11-28 07:07 - 2020-09-27 15:53 - 000003480 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-28 07:07 - 2020-09-27 15:53 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-27 22:01 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-11-23 21:24 - 2020-09-27 15:54 - 000000000 ____D C:\ProgramData\Packages
2020-11-23 15:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\appcompat
2020-11-23 00:53 - 2019-12-07 10:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2020-11-22 23:06 - 2020-09-27 15:50 - 000458272 _____ C:\Windows\system32\FNTCACHE.DAT
2020-11-22 20:19 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2020-11-22 20:06 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2020-11-22 20:04 - 2020-09-27 15:53 - 002876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2020-11-22 15:54 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2020-11-22 15:41 - 2019-12-07 10:51 - 000000000 ____D C:\Windows\OCR
2020-11-22 15:26 - 2020-09-27 15:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-11-22 15:22 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\system32\FxsTmp
2020-11-22 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2020-11-22 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate

==================== Files in the root of some directories ========

2020-12-05 23:43 - 2020-12-05 23:43 - 000016438 _____ () C:\Users\XXXXX\AppData\Local\partner.bmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-12-2020
Ran by XXXXX (06-12-2020 00:21:05)
Running from C:\Users\XXXXX\Downloads
Windows 10 Home Version 20H2 19042.630 (X64) (2020-11-22 14:21:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1871522644-2133478366-4099155915-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1871522644-2133478366-4099155915-503 - Limited - Disabled)
XXXXX (S-1-5-21-1871522644-2133478366-4099155915-1001 - Administrator - Enabled) => C:\Users\XXXXX
Guest (S-1-5-21-1871522644-2133478366-4099155915-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1871522644-2133478366-4099155915-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.07.21.306 - Advanced Micro Devices, Inc.)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.6.0.1702 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{7598e74a-915c-4911-918c-ca4b2c296122}) (Version: 2.07.21.306 - Advanced Micro Devices, Inc.) Hidden
ANT Drivers Installer x64 (HKLM\...\{16BA964D-698D-4663-8FA7-B9613DA7958B}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
balenaEtcher 1.5.112 (HKU\S-1-5-21-1871522644-2133478366-4099155915-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.112 - Balena Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
calibre 64bit (HKLM\...\{3A94E314-33CA-4740-943C-BD0AE32247B9}) (Version: 5.5.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.74 - Piriform)
CurseForge (HKU\S-1-5-21-1871522644-2133478366-4099155915-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.0.76 - Overwolf app)
Discord (HKU\S-1-5-21-1871522644-2133478366-4099155915-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Elevated Installer (HKLM-x32\...\{877496C2-70B0-42F1-835A-FAFE2CF0199C}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{235f2ee5-7383-44df-a298-01221caa5532}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E944FA32-8BCF-474F-BFB2-D1EF24555873}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM\...\{27AC56BA-489B-3BDF-98B8-AA1CE49ABB9F}) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
LibreOffice 7.0.3.1 (HKLM\...\{3C4801FF-3D7B-4804-877E-3A322C00524C}) (Version: 7.0.3.1 - The Document Foundation)
Malwarebytes version 4.2.3.96 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.3.96 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.55 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mozilla Firefox 83.0 (x64 en-US) (HKLM\...\Mozilla Firefox 83.0 (x64 en-US)) (Version: 83.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 83.0 - Mozilla)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 457.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.30 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.158.1.1 - Overwolf Ltd.)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Overwolf.Setup.VC100CRTx86.Dist (HKLM-x32\...\{8989DBC1-E87B-448F-9147-57EEEC5A24A5}) (Version: 1.0.0 - Overwolf) Hidden
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
qBittorrent 4.3.0.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.0.1 - The qBittorrent project)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.1130.111812 - Razer Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9038.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.42.526.2020 - Realtek)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.2 - Krzysztof Kowalczyk)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinDirStat 1.1.2 (HKU\S-1-5-21-1871522644-2133478366-4099155915-1001\...\WinDirStat) (Version: - )
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-11-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-11-23] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-11-23] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.959.0_x64__56jybvy8sckqj [2020-11-28] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.18.233.0_x64__dt26b99r8h8gj [2020-11-22] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-11-02] (Notepad++ -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_fe92a8457e8d540c\nvshext.dll [2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-05] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Readium.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fepbnnnkkadjhjahcafoaglimekefifl

==================== Loaded Modules (Whitelisted) =============

2020-12-06 00:03 - 2020-12-03 14:23 - 000350720 _____ () [File not signed] \\?\C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\@balena.io\usb\build\Release\usb_bindings.node
2020-12-06 00:03 - 2020-12-03 14:23 - 000138752 _____ () [File not signed] \\?\C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\@ronomon\direct-io\binding.node
2020-12-06 00:03 - 2020-12-03 14:23 - 000197120 _____ () [File not signed] \\?\C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\drivelist\build\Release\drivelist.node
2020-12-06 00:03 - 2020-12-03 14:23 - 000443904 _____ () [File not signed] \\?\C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\lzma-native\binding-v6.0.1-n-api-win32-x64\lzma_native.node
2020-12-06 00:03 - 2020-12-03 14:23 - 003174912 _____ () [File not signed] \\?\C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\winusb-driver-generator\build\Release\Generator.node
2020-12-06 00:03 - 2020-12-03 14:23 - 000151040 _____ () [File not signed] \\?\C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\xxhash\build\Release\hash.node
2020-12-06 00:03 - 2020-12-03 14:23 - 002772480 _____ () [File not signed] C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\ffmpeg.dll
2020-12-06 00:03 - 2020-12-03 14:23 - 000379904 _____ () [File not signed] C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\libegl.dll
2020-12-06 00:03 - 2020-12-03 14:23 - 007863296 _____ () [File not signed] C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\libglesv2.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll
2020-12-06 00:03 - 2020-12-03 14:23 - 000150528 _____ (The Tukaani Project <hxxp://tukaani.org/>) [File not signed] \\?\C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\lzma-native\binding-v6.0.1-n-api-win32-x64\liblzma.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Calibre2\;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-1871522644-2133478366-4099155915-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\XXXXX\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 10.5.18.5 - 10.5.18.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{87FDC274-5CD8-43EE-BD60-346A497A1E44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{474F875C-D516-43A8-895F-591F425547B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD28C421-18D1-4E09-A5BC-17F0C753C03E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{15C5E255-9B61-4E35-9D91-61D79E06990F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{450788AC-09C0-4310-A885-42A33CB7B0BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{09848C0F-88B0-450D-9E7B-F71AE2DFEF89}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{214EB24D-28FF-405D-9221-97E27EAE09A5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{58F189C6-343D-49D0-BEEA-79527C4D71B2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C45B0521-D056-43ED-8C82-FD81E3FC249D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{96064602-7E11-4138-97F4-367371429C46}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1137EE61-8572-4E71-AC79-6FEF15B7748E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{EE3A11CC-16D7-4AE5-ABBA-9AB03E21D95A}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{EEEFD174-63E9-4E10-860A-58B65E9A7A06}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DAB11BBE-82CF-454D-8061-A62E25144B4D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EB586EB0-69C3-4B1A-A995-567FC20C4C97}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{46AE07D5-9E7C-490D-8568-5D76C0C207E1}] => (Allow) C:\Program Files (x86)\Overwolf\0.158.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{CF3C867B-A611-4EDD-935E-9CFE15AF4EBA}] => (Allow) C:\Program Files (x86)\Overwolf\0.158.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{72E3E9C8-ADA6-48C4-9CCD-AEF13A6A174D}] => (Block) C:\Program Files (x86)\Overwolf\0.158.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{E3A7C847-3A33-44EB-A31B-D92DEE441AE6}] => (Block) C:\Program Files (x86)\Overwolf\0.158.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

==================== Restore Points =========================

26-11-2020 11:19:54 Scheduled Checkpoint
04-12-2020 07:48:43 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/05/2020 11:49:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (12/05/2020 11:49:29 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (12/05/2020 11:46:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program NolanaeCaramel.exe version 1.10.2.8 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2d88

Start Time: 01d6cb57fb3341e5

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\NolanaCaramelmoaInstall\NolanaeCaramel.exe

Report Id: 408a92c3-60cf-45a9-b682-dd0f82d52f7a

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (12/04/2020 07:51:57 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-GRHC72E)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (12/04/2020 07:50:55 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-GRHC72E)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (11/30/2020 11:14:11 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Data (E:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (11/30/2020 11:14:10 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Programy (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (11/30/2020 11:24:41 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Data (E:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)


System errors:
=============
Error: (12/05/2020 11:51:25 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-GRHC72E)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (11/22/2020 11:06:26 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:49:16 PM on ‎11/‎22/‎2020 was unexpected.

Error: (11/22/2020 04:12:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.

Error: (11/22/2020 04:12:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The NVIDIA LocalSystem Container service terminated with the following error:
A generic command executable returned a result that indicates failure.

Error: (11/22/2020 03:46:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (11/22/2020 03:46:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (11/22/2020 03:54:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Network Connection Broker service terminated with the following error:
A device attached to the system is not functioning.

Error: (11/22/2020 03:54:53 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {A47979D2-C419-11D9-A5B4-001185AD2B89} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2020-12-05 10:10:46.4960000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {B5E40E36-5EE3-43C3-A960-71986E222A40}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-03 22:00:06.6970000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {A586908D-FC57-4254-8957-B40A887083D2}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-03 20:43:19.2390000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {145DD4B4-8FFE-4C6E-895B-492FA3DF6210}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-02 21:59:01.2300000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {1DE22E18-0637-42BA-B7A7-8E1BD383B33D}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-11-30 11:05:38.5370000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {D7F158C8-637F-4DBB-9A4E-75604A2DB62C}
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===================================

Date: 2020-12-05 23:48:11.5860000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:48:10.1940000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:47:58.2530000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:47:36.7980000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:47:32.1490000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:47:32.1470000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:47:32.1300000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:47:32.1280000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P2.20 07/27/2020
Motherboard: ASRock B450M Pro4-F
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 23%
Total physical RAM: 16315.45 MB
Available physical RAM: 12416.86 MB
Total Virtual: 18747.45 MB
Available Virtual: 13605.44 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.97 GB) (Free:100.19 GB) NTFS
Drive d: (Programy) (Fixed) (Total:324.94 GB) (Free:147.59 GB) NTFS
Drive e: (Data) (Fixed) (Total:606.44 GB) (Free:338.08 GB) NTFS
Drive g: () (Removable) (Total:0 GB) (Free:0 GB) FAT

\\?\Volume{056afadb-7495-4b37-b205-0af3b93c272d}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{7b4a988e-81e3-453f-9fd2-50418ace4571}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-12-2020
Ran by XXXXX (06-12-2020 00:21:05)
Running from C:\Users\XXXXX\Downloads
Windows 10 Home Version 20H2 19042.630 (X64) (2020-11-22 14:21:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1871522644-2133478366-4099155915-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1871522644-2133478366-4099155915-503 - Limited - Disabled)
XXXXX (S-1-5-21-1871522644-2133478366-4099155915-1001 - Administrator - Enabled) => C:\Users\XXXXX
Guest (S-1-5-21-1871522644-2133478366-4099155915-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1871522644-2133478366-4099155915-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.07.21.306 - Advanced Micro Devices, Inc.)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.6.0.1702 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{7598e74a-915c-4911-918c-ca4b2c296122}) (Version: 2.07.21.306 - Advanced Micro Devices, Inc.) Hidden
ANT Drivers Installer x64 (HKLM\...\{16BA964D-698D-4663-8FA7-B9613DA7958B}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
balenaEtcher 1.5.112 (HKU\S-1-5-21-1871522644-2133478366-4099155915-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.112 - Balena Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
calibre 64bit (HKLM\...\{3A94E314-33CA-4740-943C-BD0AE32247B9}) (Version: 5.5.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.74 - Piriform)
CurseForge (HKU\S-1-5-21-1871522644-2133478366-4099155915-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.0.76 - Overwolf app)
Discord (HKU\S-1-5-21-1871522644-2133478366-4099155915-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Elevated Installer (HKLM-x32\...\{877496C2-70B0-42F1-835A-FAFE2CF0199C}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{235f2ee5-7383-44df-a298-01221caa5532}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E944FA32-8BCF-474F-BFB2-D1EF24555873}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM\...\{27AC56BA-489B-3BDF-98B8-AA1CE49ABB9F}) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
LibreOffice 7.0.3.1 (HKLM\...\{3C4801FF-3D7B-4804-877E-3A322C00524C}) (Version: 7.0.3.1 - The Document Foundation)
Malwarebytes version 4.2.3.96 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.3.96 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.55 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mozilla Firefox 83.0 (x64 en-US) (HKLM\...\Mozilla Firefox 83.0 (x64 en-US)) (Version: 83.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 83.0 - Mozilla)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 457.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.30 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.158.1.1 - Overwolf Ltd.)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Overwolf.Setup.VC100CRTx86.Dist (HKLM-x32\...\{8989DBC1-E87B-448F-9147-57EEEC5A24A5}) (Version: 1.0.0 - Overwolf) Hidden
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
qBittorrent 4.3.0.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.0.1 - The qBittorrent project)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.1130.111812 - Razer Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9038.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.42.526.2020 - Realtek)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.2 - Krzysztof Kowalczyk)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinDirStat 1.1.2 (HKU\S-1-5-21-1871522644-2133478366-4099155915-1001\...\WinDirStat) (Version: - )
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-11-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-11-23] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-11-23] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.959.0_x64__56jybvy8sckqj [2020-11-28] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.18.233.0_x64__dt26b99r8h8gj [2020-11-22] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-11-02] (Notepad++ -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_fe92a8457e8d540c\nvshext.dll [2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-05] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Readium.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fepbnnnkkadjhjahcafoaglimekefifl

==================== Loaded Modules (Whitelisted) =============

2020-12-06 00:03 - 2020-12-03 14:23 - 000350720 _____ () [File not signed] \\?\C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\@balena.io\usb\build\Release\usb_bindings.node
2020-12-06 00:03 - 2020-12-03 14:23 - 000138752 _____ () [File not signed] \\?\C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\@ronomon\direct-io\binding.node
2020-12-06 00:03 - 2020-12-03 14:23 - 000197120 _____ () [File not signed] \\?\C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\drivelist\build\Release\drivelist.node
2020-12-06 00:03 - 2020-12-03 14:23 - 000443904 _____ () [File not signed] \\?\C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\lzma-native\binding-v6.0.1-n-api-win32-x64\lzma_native.node
2020-12-06 00:03 - 2020-12-03 14:23 - 003174912 _____ () [File not signed] \\?\C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\winusb-driver-generator\build\Release\Generator.node
2020-12-06 00:03 - 2020-12-03 14:23 - 000151040 _____ () [File not signed] \\?\C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\xxhash\build\Release\hash.node
2020-12-06 00:03 - 2020-12-03 14:23 - 002772480 _____ () [File not signed] C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\ffmpeg.dll
2020-12-06 00:03 - 2020-12-03 14:23 - 000379904 _____ () [File not signed] C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\libegl.dll
2020-12-06 00:03 - 2020-12-03 14:23 - 007863296 _____ () [File not signed] C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\libglesv2.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll
2020-12-06 00:03 - 2020-12-03 14:23 - 000150528 _____ (The Tukaani Project <hxxp://tukaani.org/>) [File not signed] \\?\C:\Users\XXXXX\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\lzma-native\binding-v6.0.1-n-api-win32-x64\liblzma.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Calibre2\;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-1871522644-2133478366-4099155915-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\XXXXX\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 10.5.18.5 - 10.5.18.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{87FDC274-5CD8-43EE-BD60-346A497A1E44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{474F875C-D516-43A8-895F-591F425547B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD28C421-18D1-4E09-A5BC-17F0C753C03E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{15C5E255-9B61-4E35-9D91-61D79E06990F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{450788AC-09C0-4310-A885-42A33CB7B0BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{09848C0F-88B0-450D-9E7B-F71AE2DFEF89}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{214EB24D-28FF-405D-9221-97E27EAE09A5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{58F189C6-343D-49D0-BEEA-79527C4D71B2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C45B0521-D056-43ED-8C82-FD81E3FC249D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{96064602-7E11-4138-97F4-367371429C46}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1137EE61-8572-4E71-AC79-6FEF15B7748E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{EE3A11CC-16D7-4AE5-ABBA-9AB03E21D95A}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{EEEFD174-63E9-4E10-860A-58B65E9A7A06}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DAB11BBE-82CF-454D-8061-A62E25144B4D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EB586EB0-69C3-4B1A-A995-567FC20C4C97}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{46AE07D5-9E7C-490D-8568-5D76C0C207E1}] => (Allow) C:\Program Files (x86)\Overwolf\0.158.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{CF3C867B-A611-4EDD-935E-9CFE15AF4EBA}] => (Allow) C:\Program Files (x86)\Overwolf\0.158.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{72E3E9C8-ADA6-48C4-9CCD-AEF13A6A174D}] => (Block) C:\Program Files (x86)\Overwolf\0.158.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{E3A7C847-3A33-44EB-A31B-D92DEE441AE6}] => (Block) C:\Program Files (x86)\Overwolf\0.158.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

==================== Restore Points =========================

26-11-2020 11:19:54 Scheduled Checkpoint
04-12-2020 07:48:43 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/05/2020 11:49:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (12/05/2020 11:49:29 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (12/05/2020 11:46:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program NolanaeCaramel.exe version 1.10.2.8 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2d88

Start Time: 01d6cb57fb3341e5

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\NolanaCaramelmoaInstall\NolanaeCaramel.exe

Report Id: 408a92c3-60cf-45a9-b682-dd0f82d52f7a

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (12/04/2020 07:51:57 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-GRHC72E)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (12/04/2020 07:50:55 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-GRHC72E)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (11/30/2020 11:14:11 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Data (E:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (11/30/2020 11:14:10 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Programy (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (11/30/2020 11:24:41 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Data (E:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)


System errors:
=============
Error: (12/05/2020 11:51:25 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-GRHC72E)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (11/22/2020 11:06:26 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:49:16 PM on ‎11/‎22/‎2020 was unexpected.

Error: (11/22/2020 04:12:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.

Error: (11/22/2020 04:12:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The NVIDIA LocalSystem Container service terminated with the following error:
A generic command executable returned a result that indicates failure.

Error: (11/22/2020 03:46:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (11/22/2020 03:46:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (11/22/2020 03:54:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Network Connection Broker service terminated with the following error:
A device attached to the system is not functioning.

Error: (11/22/2020 03:54:53 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {A47979D2-C419-11D9-A5B4-001185AD2B89} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2020-12-05 10:10:46.4960000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {B5E40E36-5EE3-43C3-A960-71986E222A40}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-03 22:00:06.6970000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {A586908D-FC57-4254-8957-B40A887083D2}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-03 20:43:19.2390000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {145DD4B4-8FFE-4C6E-895B-492FA3DF6210}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-02 21:59:01.2300000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {1DE22E18-0637-42BA-B7A7-8E1BD383B33D}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-11-30 11:05:38.5370000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {D7F158C8-637F-4DBB-9A4E-75604A2DB62C}
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===================================

Date: 2020-12-05 23:48:11.5860000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:48:10.1940000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:47:58.2530000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:47:36.7980000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:47:32.1490000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:47:32.1470000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:47:32.1300000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:47:32.1280000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P2.20 07/27/2020
Motherboard: ASRock B450M Pro4-F
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 23%
Total physical RAM: 16315.45 MB
Available physical RAM: 12416.86 MB
Total Virtual: 18747.45 MB
Available Virtual: 13605.44 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.97 GB) (Free:100.19 GB) NTFS
Drive d: (Programy) (Fixed) (Total:324.94 GB) (Free:147.59 GB) NTFS
Drive e: (Data) (Fixed) (Total:606.44 GB) (Free:338.08 GB) NTFS
Drive g: () (Removable) (Total:0 GB) (Free:0 GB) FAT

\\?\Volume{056afadb-7495-4b37-b205-0af3b93c272d}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{7b4a988e-81e3-453f-9fd2-50418ace4571}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119418
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Omylom som nainštaloval falošný softvér

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
tipota
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 07 led 2008 04:05

Re: Omylom som nainštaloval falošný softvér

#3 Příspěvek od tipota »

Dobrý deň, tu je výsledok:
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-06-2020
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\csastats

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1424 octets] - [06/12/2020 14:50:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119418
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Omylom som nainštaloval falošný softvér

#4 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
tipota
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 07 led 2008 04:05

Re: Omylom som nainštaloval falošný softvér

#5 Příspěvek od tipota »

Pripájam:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2020
Ran by XXXXX (administrator) on DESKTOP-GRHC72E (06-12-2020 16:17:10)
Running from C:\Users\XXXXX\Downloads
Loaded Profiles: XXXXX
Platform: Windows 10 Home Version 20H2 19042.630 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <34>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_fe92a8457e8d540c\Display.NvContainer\NVDisplay.Container.exe <2>
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3e0257ced434aaba\RtkAudUService64.exe <2>
(Valve -> Valve Corporation) C:\Program Files (x86)\Razer\Razer Services\GMS\SteamCmd\steamcmd.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3e0257ced434aaba\RtkAudUService64.exe [1179440 2020-10-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [62636856 2020-11-22] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1871522644-2133478366-4099155915-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3515120 2020-11-18] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3515120 2020-11-18] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-02] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1319B9D0-2C24-42BD-B35F-2D05F4072051} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26781880 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {316C9C81-BC30-488D-B094-2A6DB2FCA8A8} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-09-21] (Garmin International, Inc. -> )
Task: {33C40D29-A502-4A7E-9F35-E0A4A3E44C44} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> )
Task: {4059976D-EBCE-46C5-B301-8C3F565B107B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {45147ED4-9FDB-4957-BF9B-98CE6A44A4B3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {4A09990E-FB89-4831-9F84-E84C7642D3F4} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2488152 2020-11-16] (Overwolf Ltd -> Overwolf LTD)
Task: {53584EB5-2E50-425A-82C5-D785651D9160} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {55E9B095-93CE-48D4-8C2D-AC98A9A71BE3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5D449091-25C3-45B1-B711-F38EAF8B5DF7} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5D4E2291-2D98-414B-A209-111A28C55F63} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-22] (Google LLC -> Google LLC)
Task: {617C5457-5CED-43DE-8CA9-BEFAA93DEF1A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {63DD316B-F992-43E8-A4C3-DA12CB2B9E9A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {6745B201-DBD0-45BA-823E-E4F0231E6C5C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D44B86E-E0CB-4B98-8CDF-822C31DDE320} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1871522644-2133478366-4099155915-500 => C:\Users\XXXXX\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {735A0D13-50C8-4E40-B076-7F3F30503237} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {795862F6-8F9F-4CB5-9169-04EF99F08022} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9590D61B-AFDA-44DB-B757-35548F8BEB43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-22] (Google LLC -> Google LLC)
Task: {D0D55614-A1FA-4C01-80F3-12E2A4D0C8A0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {EB5EDA43-8027-4739-874B-A6EC0A9F43B2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F0DA3AE5-574C-4A9E-AEB9-B729FB649774} - System32\Tasks\Agent Activation Runtime\S-1-5-21-1871522644-2133478366-4099155915-1001 => C:\Windows\System32\AgentActivationRuntimeStarter.exe [13312 2020-10-09] (Microsoft Windows -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.5.18.5 10.5.18.2 195.80.171.4
Tcpip\..\Interfaces\{4f787132-5006-45e4-85e1-4f404a3ae87a}: [DhcpNameServer] 10.5.18.5 10.5.18.2 195.80.171.4

Edge:
======
Edge Profile: C:\Users\XXXXX\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-06]

FireFox:
========
FF DefaultProfile: ftbs4dcq.default
FF ProfilePath: C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ftbs4dcq.default [2020-11-22]
FF ProfilePath: C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\fkuhwy81.default-release [2020-12-05]
FF Extension: (HTTPS Everywhere) - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\fkuhwy81.default-release\Extensions\https-everywhere@eff.org.xpi [2020-11-22]
FF Extension: (Decentraleyes) - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\fkuhwy81.default-release\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2020-11-22]
FF Extension: (Privacy Badger) - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\fkuhwy81.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2020-11-22]
FF Extension: (uBlock Origin) - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\fkuhwy81.default-release\Extensions\uBlock0@raymondhill.net.xpi [2020-11-22]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default [2020-12-06]
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-22]
CHR Extension: (BetterTTV) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-11-29]
CHR Extension: (Docs) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-22]
CHR Extension: (Google Drive) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-22]
CHR Extension: (Notifier for Feedly™) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbepjjjeionddbieffjjllpiaogcllhc [2020-11-22]
CHR Extension: (YouTube) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-22]
CHR Extension: (uBlock Origin) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-12-04]
CHR Extension: (Search by Image) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnojnbdhbhnkbcieeekonklommdnndci [2020-11-24]
CHR Extension: (Tampermonkey) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-11-22]
CHR Extension: (FrankerFaceZ) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2020-11-22]
CHR Extension: (Sheets) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-22]
CHR Extension: (Readium) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepbnnnkkadjhjahcafoaglimekefifl [2020-11-22]
CHR Extension: (HTTPS Everywhere) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2020-11-22]
CHR Extension: (Google Docs Offline) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-22]
CHR Extension: (Imagus) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2020-11-22]
CHR Extension: (EPUBReader) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhhclmfgfllimlhabjkgkeebkbiadflb [2020-11-22]
CHR Extension: (View Image Info (properties)) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\jldjjifbpipdmligefcogandjojpdagn [2020-11-22]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2020-11-22]
CHR Extension: (Google Mail Checker) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2020-11-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-11-22]
CHR Extension: (Gmail) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-22]
CHR Extension: (Chrome Media Router) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-22]
CHR Extension: (Privacy Badger) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2020-11-22]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-12-05] (Malwarebytes Inc -> Malwarebytes)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2488152 2020-11-16] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1110104 2020-11-21] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [320088 2020-11-17] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294640 2020-11-17] (Razer USA Ltd. -> Razer Inc.)
R2 RtkAudioUniversalService; C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3e0257ced434aaba\RtkAudUService64.exe [1179440 2020-10-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2020-09-23] (Razer USA Ltd. -> Razer Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_fe92a8457e8d540c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_fe92a8457e8d540c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-12-05] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220160 2020-12-06] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-12-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [197792 2020-12-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77496 2020-12-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-12-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [138904 2020-12-06] (Malwarebytes Inc -> Malwarebytes)
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0053; C:\Windows\System32\drivers\RzDev_0053.sys [52528 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_021e; C:\Windows\System32\drivers\RzDev_021e.sys [52288 2020-02-17] (Razer USA Ltd. -> Razer Inc)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-06 16:16 - 2020-12-06 16:16 - 002288640 _____ (Farbar) C:\Users\XXXXX\Downloads\FRST64 (1).exe
2020-12-06 16:16 - 2020-12-06 16:16 - 000138904 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-12-06 16:12 - 2020-12-06 16:17 - 123640987 _____ C:\Users\XXXXX\Downloads\Unconfirmed 320958.crdownload
2020-12-06 16:02 - 2020-12-06 16:09 - 000000000 ____D C:\Users\XXXXX\Desktop\neural-style-tf-master
2020-12-06 16:02 - 2020-12-06 16:02 - 074013691 _____ C:\Users\XXXXX\Downloads\neural-style-tf-master.zip
2020-12-06 16:01 - 2020-12-06 16:01 - 000000000 ____D C:\Users\XXXXX\Desktop\esadaasdsad
2020-12-06 16:00 - 2020-12-06 16:10 - 3160710592 _____ (NVIDIA Corporation) C:\Users\XXXXX\Downloads\cuda_11.1.1_456.81_win10.exe
2020-12-06 15:55 - 2020-12-06 15:55 - 000711135 _____ C:\Users\XXXXX\Downloads\Anaconda-Starter-Guide.pdf
2020-12-06 15:54 - 2020-12-06 15:54 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)
2020-12-06 15:53 - 2020-12-06 15:54 - 000000000 ____D C:\Users\XXXXX\miniconda3
2020-12-06 15:53 - 2020-12-06 15:53 - 059801432 _____ (Anaconda, Inc.) C:\Users\XXXXX\Downloads\Miniconda3-latest-Windows-x86_64.exe
2020-12-06 15:51 - 2020-12-06 15:51 - 000197792 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-12-06 15:51 - 2020-12-06 15:51 - 000077496 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-12-06 14:49 - 2020-12-06 14:50 - 000000000 ____D C:\AdwCleaner
2020-12-06 14:49 - 2020-12-06 14:49 - 008447152 _____ (Malwarebytes) C:\Users\XXXXX\Downloads\adwcleaner_8.0.8.exe
2020-12-06 01:41 - 2020-12-06 01:41 - 000000231 _____ C:\Users\XXXXX\Downloads\bttv_settings.backup
2020-12-06 00:54 - 2020-12-06 00:54 - 000220160 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-12-06 00:21 - 2020-12-06 00:21 - 000028506 _____ C:\Users\XXXXX\Downloads\Addition.txt
2020-12-06 00:20 - 2020-12-06 16:17 - 000019370 _____ C:\Users\XXXXX\Downloads\FRST.txt
2020-12-06 00:17 - 2020-12-06 16:17 - 000000000 ____D C:\FRST
2020-12-06 00:16 - 2020-12-06 00:16 - 002288640 _____ (Farbar) C:\Users\XXXXX\Downloads\FRST64.exe
2020-12-06 00:08 - 2020-12-06 00:08 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\7551648F.sys
2020-12-06 00:07 - 2020-12-06 00:13 - 000000000 ____D C:\Users\XXXXX\Desktop\mbar
2020-12-06 00:07 - 2020-12-06 00:13 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-12-06 00:07 - 2020-12-06 00:07 - 014178840 _____ (Malwarebytes Corp.) C:\Users\XXXXX\Downloads\mbar-1.10.3.1001.exe
2020-12-06 00:03 - 2020-12-06 01:26 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\balena-etcher
2020-12-06 00:03 - 2020-12-06 00:03 - 000002460 _____ C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\balenaEtcher.lnk
2020-12-06 00:03 - 2020-12-06 00:03 - 000002452 _____ C:\Users\XXXXX\Desktop\balenaEtcher.lnk
2020-12-06 00:03 - 2020-12-06 00:03 - 000000000 ____D C:\Users\XXXXX\AppData\Local\balena-etcher-updater
2020-12-05 23:59 - 2020-12-06 00:03 - 130296744 _____ (Balena Inc.) C:\Users\XXXXX\Downloads\balenaEtcher-Setup-1.5.112.exe
2020-12-05 23:54 - 2020-12-06 00:08 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-12-05 23:54 - 2020-12-05 23:54 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-12-05 23:54 - 2020-12-05 23:54 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-12-05 23:54 - 2020-12-05 23:54 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-12-05 23:54 - 2020-12-05 23:54 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-05 23:54 - 2020-12-05 23:54 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-05 23:54 - 2020-12-05 23:54 - 000001981 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-12-05 23:54 - 2020-12-05 23:54 - 000000000 ____D C:\Users\XXXXX\AppData\Local\mbam
2020-12-05 23:53 - 2020-12-05 23:53 - 002077136 _____ (Malwarebytes) C:\Users\XXXXX\Downloads\MBSetup.exe
2020-12-05 23:53 - 2020-12-05 23:53 - 000000000 ____D C:\Program Files\Malwarebytes
2020-12-05 23:44 - 2020-12-05 23:48 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Opera Software
2020-12-05 23:44 - 2020-12-05 23:44 - 000002389 _____ C:\Users\XXXXX\Desktop\facebook.lnk
2020-12-05 23:44 - 2020-12-05 23:44 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Opera Software
2020-12-05 23:44 - 2020-12-05 23:44 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Walliant
2020-12-05 23:43 - 2020-12-05 23:50 - 000000000 ____D C:\ProgramData\Avast Software
2020-12-05 23:43 - 2020-12-05 23:45 - 117483072 _____ (Balena Inc.) C:\Users\XXXXX\Downloads\Etcher_Portable.exe
2020-12-05 23:43 - 2020-12-05 23:43 - 000016438 _____ C:\Users\XXXXX\AppData\Local\partner.bmp
2020-12-05 23:42 - 2020-12-05 23:42 - 000000000 ____D C:\Program Files (x86)\NolanaCaramelmoaInstall
2020-12-05 23:33 - 2020-12-05 23:43 - 2785017856 _____ C:\Users\XXXXX\Downloads\ubuntu-20.04.1-desktop-amd64.iso
2020-12-05 22:39 - 2020-12-05 23:23 - 000000000 ____D C:\Users\XXXXX\.conda
2020-12-05 22:39 - 2020-12-05 23:06 - 000000043 _____ C:\Users\XXXXX\.condarc
2020-12-05 22:39 - 2020-12-05 22:39 - 000000000 ____D C:\Users\XXXXX\Documents\Python Scripts
2020-12-05 22:39 - 2020-12-05 22:39 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\.anaconda
2020-12-05 22:39 - 2020-12-05 22:39 - 000000000 ____D C:\Users\XXXXX\AppData\Local\pip
2020-12-05 22:39 - 2020-12-05 22:39 - 000000000 ____D C:\Users\XXXXX\AppData\Local\conda
2020-12-05 22:36 - 2020-12-05 22:37 - 479396152 _____ (Anaconda, Inc.) C:\Users\XXXXX\Downloads\Anaconda3-2020.11-Windows-x86_64.exe
2020-12-05 11:05 - 2020-12-06 14:52 - 000000114 _____ C:\Users\XXXXX\Desktop\New Text Document.txt
2020-12-05 10:59 - 2020-12-05 11:01 - 000000000 ____D C:\Users\XXXXX\Downloads\New folder
2020-12-04 11:12 - 2020-12-04 11:42 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\vlc
2020-12-04 11:07 - 2020-12-04 11:11 - 1423980180 _____ C:\Users\XXXXX\Downloads\20201204_101447.mp4
2020-12-01 18:06 - 2020-12-01 18:06 - 000000910 _____ C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2020-12-01 18:06 - 2020-12-01 18:06 - 000000862 _____ C:\Users\XXXXX\Desktop\Start Tor Browser.lnk
2020-12-01 18:06 - 2020-12-01 18:06 - 000000000 ____D C:\Users\XXXXX\Desktop\Tor Browser
2020-11-27 22:01 - 2020-11-27 22:01 - 000001159 _____ C:\Users\XXXXX\Desktop\MSI Afterburner.lnk
2020-11-27 22:01 - 2020-11-27 22:01 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2020-11-27 22:00 - 2020-11-27 22:01 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2020-11-25 21:54 - 2020-11-25 21:54 - 000000000 ____D C:\Windows\system32\Tasks\Agent Activation Runtime
2020-11-23 00:53 - 2020-12-05 23:52 - 000000000 ____D C:\Windows\Panther
2020-11-22 22:52 - 2020-11-23 15:45 - 000000250 _____ C:\Users\XXXXX\Desktop\hwmonitorw.ini
2020-11-22 22:31 - 2020-11-23 15:50 - 000000000 ____D C:\Users\XXXXX\Desktop\prime
2020-11-22 22:24 - 2020-11-22 22:24 - 000000000 ____D C:\Users\XXXXX\AppData\Local\ImageMagick
2020-11-22 22:22 - 2020-11-22 22:22 - 000003484 _____ C:\Windows\system32\Tasks\AMDAutoUpdate
2020-11-22 22:22 - 2020-11-22 22:22 - 000002219 _____ C:\Users\Public\Desktop\AMD Ryzen Master.lnk
2020-11-22 22:22 - 2020-11-22 22:22 - 000002219 _____ C:\ProgramData\Desktop\AMD Ryzen Master.lnk
2020-11-22 22:22 - 2020-11-22 22:22 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Downloaded Installations
2020-11-22 22:22 - 2020-11-22 22:22 - 000000000 ____D C:\Users\XXXXX\AppData\Local\AMD
2020-11-22 22:22 - 2020-11-22 22:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Ryzen Master
2020-11-22 22:22 - 2020-11-22 22:22 - 000000000 ____D C:\ProgramData\AMD AutoUpdate
2020-11-22 22:22 - 2020-11-22 22:22 - 000000000 ____D C:\Program Files\AMD
2020-11-22 20:05 - 2020-11-22 20:05 - 000266240 _____ C:\Windows\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-22 20:05 - 2020-11-22 20:05 - 000152576 _____ C:\Windows\system32\EoAExperiences.exe
2020-11-22 20:05 - 2020-11-22 20:05 - 000009265 _____ C:\Windows\system32\DrtmAuthTxt.wim
2020-11-22 20:04 - 2020-11-22 20:04 - 000363520 _____ C:\Windows\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-22 20:04 - 2020-11-22 20:04 - 000197632 _____ C:\Windows\system32\IHDS.dll
2020-11-22 20:01 - 2020-11-22 20:02 - 000000000 ____D C:\Windows\system32\MRT
2020-11-22 19:35 - 2020-12-05 20:30 - 000002176 _____ C:\Users\XXXXX\Desktop\CurseForge.lnk
2020-11-22 19:35 - 2020-12-05 20:30 - 000000000 ____D C:\Program Files (x86)\Overwolf
2020-11-22 19:35 - 2020-11-22 19:35 - 000004380 _____ C:\Windows\system32\Tasks\Overwolf Updater Task
2020-11-22 19:35 - 2020-11-22 19:35 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2020-11-22 19:35 - 2020-11-22 19:35 - 000000000 ____D C:\ProgramData\Overwolf
2020-11-22 19:30 - 2020-12-05 20:30 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Overwolf
2020-11-22 19:28 - 2020-11-22 19:37 - 000000000 ____D C:\Users\XXXXX\AppData\Local\WowUp
2020-11-22 19:28 - 2020-11-22 19:28 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Jliddev
2020-11-22 19:28 - 2020-10-24 22:11 - 102337143 _____ (Jliddev) C:\Users\XXXXX\Desktop\WowUp.exe
2020-11-22 18:45 - 2020-12-05 23:52 - 000000000 ____D C:\Users\XXXXX\AppData\Local\CrashDumps
2020-11-22 18:38 - 2020-11-22 18:38 - 000000000 ____D C:\Users\XXXXX\AppData\Local\calibre-cache
2020-11-22 18:37 - 2020-11-22 18:38 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\calibre
2020-11-22 18:37 - 2020-11-22 18:37 - 000000999 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2020-11-22 18:37 - 2020-11-22 18:37 - 000000999 _____ C:\ProgramData\Desktop\calibre 64bit - E-book management.lnk
2020-11-22 18:37 - 2020-11-22 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2020-11-22 18:37 - 2020-11-22 18:37 - 000000000 ____D C:\Program Files\Calibre2
2020-11-22 18:00 - 2020-11-22 18:00 - 000000000 ___HD C:\$WinREAgent
2020-11-22 17:10 - 2020-09-07 14:28 - 002580112 _____ (CPUID) C:\Users\XXXXX\Desktop\HWMonitor_x64.exe
2020-11-22 16:50 - 2020-11-22 16:50 - 000001070 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2020-11-22 16:50 - 2020-11-22 16:50 - 000001070 _____ C:\ProgramData\Desktop\World of Warcraft.lnk
2020-11-22 16:50 - 2020-11-22 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2020-11-22 16:38 - 2020-12-05 12:16 - 000000000 ____D C:\Users\XXXXX\AppData\LocalLow\Mozilla
2020-11-22 16:38 - 2020-11-22 16:38 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Mozilla
2020-11-22 16:38 - 2020-11-22 16:38 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Mozilla
2020-11-22 16:30 - 2020-11-23 21:36 - 000000000 ____D C:\Users\XXXXX\AppData\Local\D3DSCache
2020-11-22 16:26 - 2020-11-25 07:11 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2020-11-22 16:24 - 2020-11-22 16:24 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2020-11-22 16:22 - 2020-12-05 22:42 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Battle.net
2020-11-22 16:22 - 2020-11-22 16:24 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Battle.net
2020-11-22 16:18 - 2020-11-22 16:18 - 000000000 ____D C:\Users\XXXXX\AppData\Local\GHISLER
2020-11-22 16:11 - 2020-11-07 05:01 - 000038632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2020-11-22 16:09 - 2020-11-07 18:41 - 001769688 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-11-22 16:09 - 2020-11-07 18:41 - 001769688 _____ C:\Windows\system32\vulkaninfo.exe
2020-11-22 16:09 - 2020-11-07 18:41 - 001370328 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-11-22 16:09 - 2020-11-07 18:41 - 001370328 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-11-22 16:09 - 2020-11-07 18:41 - 001054944 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-11-22 16:09 - 2020-11-07 18:41 - 001054944 _____ C:\Windows\system32\vulkan-1.dll
2020-11-22 16:09 - 2020-11-07 18:41 - 000917728 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-11-22 16:09 - 2020-11-07 18:41 - 000917728 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-11-22 16:09 - 2020-11-07 18:41 - 000455408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-11-22 16:09 - 2020-11-07 18:41 - 000349936 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 002096880 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 001585560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 001506032 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 001159920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 001027992 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 000816368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 000813464 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 000674712 _____ C:\Windows\system32\nvofapi64.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 000670616 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 000656112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 000590576 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2020-11-22 16:09 - 2020-11-07 18:38 - 000556440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2020-11-22 16:09 - 2020-11-07 18:38 - 000543128 _____ C:\Windows\SysWOW64\nvofapi.dll
2020-11-22 16:09 - 2020-11-07 18:37 - 007707544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2020-11-22 16:09 - 2020-11-07 18:37 - 006858992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2020-11-22 16:09 - 2020-11-07 18:37 - 004175256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2020-11-22 16:09 - 2020-11-07 18:37 - 002509720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2020-11-22 16:09 - 2020-11-07 18:37 - 000849648 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2020-11-22 16:09 - 2020-11-07 18:37 - 000445848 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2020-11-22 16:09 - 2020-11-07 18:36 - 005976296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2020-11-22 16:09 - 2020-11-07 05:01 - 000080930 _____ C:\Windows\system32\nvinfo.pb
2020-11-22 16:05 - 2020-11-22 16:05 - 000000000 ____D C:\Users\XXXXX\AppData\Local\OneDrive
2020-11-22 16:03 - 2020-11-22 16:03 - 000000000 ___HD C:\Program Files (x86)\Temp
2020-11-22 16:03 - 2020-10-04 17:59 - 000274736 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTHDASIO64.dll
2020-11-22 16:03 - 2020-10-04 17:59 - 000229680 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTHDASIO.dll
2020-11-22 16:03 - 2020-10-04 17:56 - 006161504 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2020-11-22 16:03 - 2020-10-04 17:46 - 042448072 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2020-11-22 16:03 - 2019-12-19 08:07 - 002877104 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2020-11-22 15:59 - 2020-11-22 15:59 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\NVIDIA
2020-11-22 15:59 - 2020-11-22 15:59 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\LibreOffice
2020-11-22 15:55 - 2020-11-22 15:55 - 000000000 _SHDL C:\Documents and Settings
2020-11-22 15:53 - 2020-11-22 15:53 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1871522644-2133478366-4099155915-500
2020-11-22 15:53 - 2020-11-22 15:53 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2020-11-22 15:52 - 2020-11-22 16:24 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-11-22 15:52 - 2020-11-22 15:52 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\AMD
2020-11-22 15:52 - 2020-11-22 15:52 - 000000000 ____D C:\Program Files (x86)\AMD
2020-11-22 15:51 - 2020-11-22 22:21 - 000000000 ____D C:\AMD
2020-11-22 15:51 - 2020-11-22 16:03 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-11-22 15:51 - 2020-11-22 16:03 - 000000000 ____D C:\Program Files (x86)\Realtek
2020-11-22 15:51 - 2020-11-22 15:51 - 000000000 ____D C:\Users\XXXXX\AppData\Local\setup
2020-11-22 15:51 - 2020-11-22 15:51 - 000000000 ____D C:\Users\XXXXX\AppData\Local\cache
2020-11-22 15:51 - 2020-06-18 16:56 - 001146448 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2020-11-22 15:50 - 2020-11-22 15:50 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Blizzard Entertainment
2020-11-22 15:47 - 2020-11-22 15:47 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Garmin_Ltd._or_its_subsid
2020-11-22 15:47 - 2020-11-22 15:47 - 000000000 ____D C:\ProgramData\Battle.net
2020-11-22 15:46 - 2020-11-22 15:46 - 000000837 _____ C:\Users\Public\Desktop\Speccy.lnk
2020-11-22 15:46 - 2020-11-22 15:46 - 000000837 _____ C:\ProgramData\Desktop\Speccy.lnk
2020-11-22 15:46 - 2020-11-22 15:46 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Steam
2020-11-22 15:46 - 2020-11-22 15:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2020-11-22 15:46 - 2020-11-22 15:46 - 000000000 ____D C:\Program Files\Speccy
2020-11-22 15:45 - 2020-11-22 15:45 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-11-22 15:45 - 2020-11-22 15:45 - 000000000 ____D C:\Program Files\MSBuild
2020-11-22 15:45 - 2020-11-22 15:45 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-11-22 15:45 - 2020-11-22 15:45 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-11-22 15:44 - 2020-12-06 15:53 - 000000000 ____D C:\Program Files\CCleaner
2020-11-22 15:44 - 2020-12-04 07:46 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-11-22 15:44 - 2020-11-28 14:43 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Garmin
2020-11-22 15:44 - 2020-11-28 14:43 - 000000000 ____D C:\ProgramData\Garmin
2020-11-22 15:44 - 2020-11-22 15:44 - 000003624 _____ C:\Windows\system32\Tasks\GarminUpdaterTask
2020-11-22 15:44 - 2020-11-22 15:44 - 000002888 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-11-22 15:44 - 2020-11-22 15:44 - 000001963 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2020-11-22 15:44 - 2020-11-22 15:44 - 000001963 _____ C:\ProgramData\Desktop\Garmin Express.lnk
2020-11-22 15:44 - 2020-11-22 15:44 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-11-22 15:44 - 2020-11-22 15:44 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-11-22 15:44 - 2020-11-22 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2020-11-22 15:44 - 2020-11-22 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-11-22 15:44 - 2020-11-22 15:44 - 000000000 ____D C:\Program Files\DIFX
2020-11-22 15:44 - 2020-11-22 15:44 - 000000000 ____D C:\Program Files (x86)\Garmin
2020-11-22 15:42 - 2020-11-22 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0
2020-11-22 15:42 - 2020-11-22 15:42 - 000001181 _____ C:\Users\Public\Desktop\LibreOffice 7.0.lnk
2020-11-22 15:42 - 2020-11-22 15:42 - 000001181 _____ C:\ProgramData\Desktop\LibreOffice 7.0.lnk
2020-11-22 15:42 - 2020-11-22 15:42 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Comms
2020-11-22 15:41 - 2020-11-22 15:41 - 000000000 ____D C:\Program Files\LibreOffice
2020-11-22 15:40 - 2020-11-22 15:40 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2020-11-22 15:39 - 2020-11-22 15:59 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Google
2020-11-22 15:38 - 2020-12-03 16:16 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\discord
2020-11-22 15:38 - 2020-11-22 15:38 - 000002231 _____ C:\Users\XXXXX\Desktop\Discord.lnk
2020-11-22 15:38 - 2020-11-22 15:38 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-11-22 15:38 - 2020-11-22 15:38 - 000000916 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-11-22 15:38 - 2020-11-22 15:38 - 000000907 _____ C:\Users\Public\Desktop\qBittorrent.lnk
2020-11-22 15:38 - 2020-11-22 15:38 - 000000907 _____ C:\ProgramData\Desktop\qBittorrent.lnk
2020-11-22 15:38 - 2020-11-22 15:38 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-11-22 15:38 - 2020-11-22 15:38 - 000000000 ____D C:\Users\XXXXX\AppData\Local\SquirrelTemp
2020-11-22 15:38 - 2020-11-22 15:38 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Discord
2020-11-22 15:38 - 2020-11-22 15:38 - 000000000 ____D C:\ProgramData\SquirrelMachineInstalls
2020-11-22 15:38 - 2020-11-22 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-11-22 15:38 - 2020-11-22 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2020-11-22 15:38 - 2020-11-22 15:38 - 000000000 ____D C:\Program Files\VideoLAN
2020-11-22 15:38 - 2020-11-22 15:38 - 000000000 ____D C:\Program Files\qBittorrent
2020-11-22 15:37 - 2020-12-04 13:16 - 000003418 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-22 15:37 - 2020-12-04 13:16 - 000003294 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-22 15:37 - 2020-12-02 21:13 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-22 15:37 - 2020-12-02 21:13 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-22 15:37 - 2020-12-02 21:13 - 000002206 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-22 15:37 - 2020-11-26 23:10 - 000000000 ____D C:\Program Files (x86)\Steam
2020-11-22 15:37 - 2020-11-22 16:54 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Notepad++
2020-11-22 15:37 - 2020-11-22 15:37 - 000001966 _____ C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001948 _____ C:\Users\Public\Desktop\SumatraPDF.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001948 _____ C:\ProgramData\Desktop\SumatraPDF.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001104 _____ C:\Users\Public\Desktop\WinDirStat.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001104 _____ C:\Users\Public\Desktop\Notepad++.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001104 _____ C:\ProgramData\Desktop\WinDirStat.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001104 _____ C:\ProgramData\Desktop\Notepad++.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001036 _____ C:\Users\Public\Desktop\Steam.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000001036 _____ C:\ProgramData\Desktop\Steam.lnk
2020-11-22 15:37 - 2020-11-22 15:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2020-11-22 15:37 - 2020-11-22 15:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-11-22 15:37 - 2020-11-22 15:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2020-11-22 15:37 - 2020-11-22 15:37 - 000000000 ____D C:\Program Files\SumatraPDF
2020-11-22 15:37 - 2020-11-22 15:37 - 000000000 ____D C:\Program Files\Google
2020-11-22 15:37 - 2020-11-22 15:37 - 000000000 ____D C:\Program Files\7-Zip
2020-11-22 15:37 - 2020-11-22 15:37 - 000000000 ____D C:\Program Files (x86)\WinDirStat
2020-11-22 15:37 - 2020-11-22 15:37 - 000000000 ____D C:\Program Files (x86)\Notepad++
2020-11-22 15:37 - 2020-11-22 15:37 - 000000000 ____D C:\Program Files (x86)\Google
2020-11-22 15:36 - 2020-12-05 12:15 - 000000000 ____D C:\ProgramData\Mozilla
2020-11-22 15:36 - 2020-11-22 16:18 - 000000000 ____D C:\totalcmd
2020-11-22 15:36 - 2020-11-22 15:36 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-22 15:36 - 2020-11-22 15:36 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2020-11-22 15:36 - 2020-11-22 15:36 - 000000993 _____ C:\ProgramData\Desktop\Firefox.lnk
2020-11-22 15:36 - 2020-11-22 15:36 - 000000683 _____ C:\Users\XXXXX\Desktop\Total Commander 64 bit.lnk
2020-11-22 15:36 - 2020-11-22 15:36 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-11-22 15:36 - 2020-11-22 15:36 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2020-11-22 15:36 - 2020-11-22 15:36 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\GHISLER
2020-11-22 15:36 - 2020-11-22 15:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-22 15:36 - 2020-11-22 15:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-22 15:35 - 2020-12-06 15:54 - 000000000 ____D C:\ProgramData\NVIDIA
2020-11-22 15:35 - 2020-11-22 22:21 - 000000000 ____D C:\Users\XXXXX\AppData\Local\NVIDIA
2020-11-22 15:35 - 2020-11-22 16:12 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-11-22 15:35 - 2020-11-22 15:58 - 000000000 ____D C:\Users\XXXXX\AppData\Local\NVIDIA Corporation
2020-11-22 15:35 - 2020-11-22 15:35 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000004106 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-22 15:35 - 2020-11-22 15:35 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2020-11-22 15:35 - 2020-11-22 15:35 - 000001447 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2020-11-22 15:35 - 2020-11-22 15:35 - 000000000 ____D C:\Users\XXXXX\ansel
2020-11-22 15:35 - 2020-11-22 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2020-11-22 15:35 - 2020-10-20 13:56 - 002797552 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2020-11-22 15:35 - 2020-10-20 13:56 - 002154984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2020-11-22 15:35 - 2020-10-20 13:56 - 001294832 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2020-11-22 15:35 - 2020-10-19 06:42 - 000069608 _____ C:\Windows\system32\FvSDK_x64.dll
2020-11-22 15:35 - 2020-10-19 06:42 - 000058344 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2020-11-22 15:35 - 2020-10-17 16:01 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2020-11-22 15:35 - 2020-08-10 16:20 - 000169272 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2020-11-22 15:35 - 2020-08-10 16:20 - 000145208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2020-11-22 15:35 - 2020-03-11 20:26 - 000067456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2020-11-22 15:35 - 2020-03-06 11:03 - 000069840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2020-11-22 15:35 - 2020-03-04 13:54 - 000050592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\NvModuleTracker.sys
2020-11-22 15:34 - 2020-11-29 09:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2020-11-22 15:34 - 2020-11-22 15:58 - 000000000 ____D C:\temp
2020-11-22 15:34 - 2020-11-22 15:34 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Synapse3
2020-11-22 15:34 - 2020-11-22 15:34 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Razer
2020-11-22 15:34 - 2020-11-22 15:34 - 000000000 ____D C:\Users\XXXXX\AppData\Local\CEF
2020-11-22 15:33 - 2020-11-22 15:33 - 000000000 ____D C:\Program Files\Razer
2020-11-22 15:32 - 2020-11-29 09:13 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2020-11-22 15:32 - 2020-11-22 15:32 - 000000000 ____D C:\Program Files\Razer Chroma SDK
2020-11-22 15:31 - 2020-11-22 15:44 - 000000000 ____D C:\ProgramData\Package Cache
2020-11-22 15:28 - 2020-12-06 15:58 - 000840598 _____ C:\Windows\system32\PerfStringBackup.INI
2020-11-22 15:28 - 2020-11-22 15:56 - 000000000 ____D C:\Program Files (x86)\Razer
2020-11-22 15:28 - 2020-11-22 15:32 - 000000000 ____D C:\ProgramData\Razer
2020-11-22 15:28 - 2020-10-20 23:31 - 000079376 _____ (Razer Inc) C:\Windows\system32\RazerS2S3Coinstaller.dll
2020-11-22 15:27 - 2020-11-22 18:12 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-11-22 15:27 - 2020-11-22 16:06 - 000000000 ___RD C:\Users\XXXXX\OneDrive
2020-11-22 15:27 - 2020-11-22 15:43 - 000000000 ____D C:\Users\XXXXX\AppData\Local\PlaceholderTileLogoFolder
2020-11-22 15:27 - 2020-11-22 15:35 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-11-22 15:27 - 2020-11-22 15:27 - 000000000 ___HD C:\OneDriveTemp
2020-11-22 15:27 - 2020-11-22 15:27 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2020-11-22 15:27 - 2020-11-07 18:36 - 007005008 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2020-11-22 15:27 - 2020-11-07 05:01 - 000222112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2020-11-22 15:27 - 2020-08-21 02:29 - 005501336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2020-11-22 15:25 - 2020-11-28 14:42 - 000000000 ____D C:\Users\XXXXX\AppData\Local\VirtualStore
2020-11-22 15:25 - 2020-11-23 18:04 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Packages
2020-11-22 15:25 - 2020-11-22 15:56 - 000000000 ____D C:\Users\XXXXX\AppData\Local\ConnectedDevicesPlatform
2020-11-22 15:25 - 2020-11-22 15:25 - 000000000 ___RD C:\Users\XXXXX\3D Objects
2020-11-22 15:25 - 2020-11-22 15:25 - 000000000 ____D C:\Users\XXXXX\AppData\Roaming\Adobe
2020-11-22 15:25 - 2020-11-22 15:25 - 000000000 ____D C:\Users\XXXXX\AppData\Local\Publishers
2020-11-22 15:24 - 2020-12-06 15:53 - 000000000 ____D C:\Users\XXXXX
2020-11-22 15:24 - 2020-11-22 15:24 - 000000020 ___SH C:\Users\XXXXX\ntuser.ini
2020-11-20 12:58 - 2020-11-20 12:58 - 000206936 _____ (Razer Inc.) C:\Windows\system32\RzChromaSDK64.dll
2020-11-20 12:58 - 2020-11-20 12:58 - 000181848 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaSDK.dll
2020-11-17 07:45 - 2020-11-17 07:45 - 000187544 _____ (Razer Inc.) C:\Windows\system32\RzChromaBroadcastAPI64.dll
2020-11-17 07:45 - 2020-11-17 07:45 - 000164512 _____ (Razer Inc.) C:\Windows\system32\RzChromaBroadcastManager64.dll
2020-11-17 07:45 - 2020-11-17 07:45 - 000153240 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaBroadcastAPI.dll
2020-11-17 07:45 - 2020-11-17 07:45 - 000134304 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaBroadcastManager.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-06 15:58 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2020-12-06 15:51 - 2020-09-27 15:50 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-06 15:51 - 2020-09-27 15:50 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-12-06 15:51 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-06 14:53 - 2019-12-07 10:03 - 000262144 _____ C:\Windows\system32\config\BBI
2020-12-06 09:13 - 2020-09-27 15:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-12-05 23:54 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-12-05 20:06 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-05 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2020-12-05 17:43 - 2020-09-27 15:53 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-05 17:43 - 2020-09-27 15:53 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-05 17:43 - 2020-09-27 15:53 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-12-05 13:32 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2020-12-04 07:58 - 2020-09-27 15:51 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-12-04 07:48 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2020-11-28 07:07 - 2020-09-27 15:53 - 000003480 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-28 07:07 - 2020-09-27 15:53 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-27 22:01 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-11-23 21:24 - 2020-09-27 15:54 - 000000000 ____D C:\ProgramData\Packages
2020-11-23 15:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\appcompat
2020-11-23 00:53 - 2019-12-07 10:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2020-11-22 23:06 - 2020-09-27 15:50 - 000458272 _____ C:\Windows\system32\FNTCACHE.DAT
2020-11-22 20:19 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-11-22 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2020-11-22 20:06 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2020-11-22 20:04 - 2020-09-27 15:53 - 002876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2020-11-22 15:54 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2020-11-22 15:41 - 2019-12-07 10:51 - 000000000 ____D C:\Windows\OCR
2020-11-22 15:26 - 2020-09-27 15:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-11-22 15:22 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\system32\FxsTmp
2020-11-22 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2020-11-22 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate

==================== Files in the root of some directories ========

2020-12-05 23:43 - 2020-12-05 23:43 - 000016438 _____ () C:\Users\XXXXX\AppData\Local\partner.bmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2020
Ran by XXXXX (06-12-2020 16:17:49)
Running from C:\Users\XXXXX\Downloads
Windows 10 Home Version 20H2 19042.630 (X64) (2020-11-22 14:21:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1871522644-2133478366-4099155915-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1871522644-2133478366-4099155915-503 - Limited - Disabled)
XXXXX (S-1-5-21-1871522644-2133478366-4099155915-1001 - Administrator - Enabled) => C:\Users\XXXXX
Guest (S-1-5-21-1871522644-2133478366-4099155915-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1871522644-2133478366-4099155915-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.07.21.306 - Advanced Micro Devices, Inc.)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.6.0.1702 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{7598e74a-915c-4911-918c-ca4b2c296122}) (Version: 2.07.21.306 - Advanced Micro Devices, Inc.) Hidden
ANT Drivers Installer x64 (HKLM\...\{16BA964D-698D-4663-8FA7-B9613DA7958B}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
balenaEtcher 1.5.112 (HKU\S-1-5-21-1871522644-2133478366-4099155915-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.112 - Balena Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
calibre 64bit (HKLM\...\{3A94E314-33CA-4740-943C-BD0AE32247B9}) (Version: 5.5.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.74 - Piriform)
CurseForge (HKU\S-1-5-21-1871522644-2133478366-4099155915-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.0.76 - Overwolf app)
Discord (HKU\S-1-5-21-1871522644-2133478366-4099155915-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Elevated Installer (HKLM-x32\...\{877496C2-70B0-42F1-835A-FAFE2CF0199C}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{235f2ee5-7383-44df-a298-01221caa5532}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E944FA32-8BCF-474F-BFB2-D1EF24555873}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM\...\{27AC56BA-489B-3BDF-98B8-AA1CE49ABB9F}) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
LibreOffice 7.0.3.1 (HKLM\...\{3C4801FF-3D7B-4804-877E-3A322C00524C}) (Version: 7.0.3.1 - The Document Foundation)
Malwarebytes version 4.2.3.96 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.3.96 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.55 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Miniconda3 py38_4.9.2 (Python 3.8.5 64-bit) (HKU\S-1-5-21-1871522644-2133478366-4099155915-1001\...\Miniconda3 py38_4.9.2 (Python 3.8.5 64-bit)) (Version: py38_4.9.2 - Anaconda, Inc.)
Mozilla Firefox 83.0 (x64 en-US) (HKLM\...\Mozilla Firefox 83.0 (x64 en-US)) (Version: 83.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 83.0 - Mozilla)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 457.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.30 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.158.1.1 - Overwolf Ltd.)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Overwolf.Setup.VC100CRTx86.Dist (HKLM-x32\...\{8989DBC1-E87B-448F-9147-57EEEC5A24A5}) (Version: 1.0.0 - Overwolf) Hidden
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
qBittorrent 4.3.0.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.0.1 - The qBittorrent project)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.1130.111812 - Razer Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9038.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.42.526.2020 - Realtek)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.2 - Krzysztof Kowalczyk)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinDirStat 1.1.2 (HKU\S-1-5-21-1871522644-2133478366-4099155915-1001\...\WinDirStat) (Version: - )
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-11-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-11-23] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-11-23] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.959.0_x64__56jybvy8sckqj [2020-11-28] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.18.233.0_x64__dt26b99r8h8gj [2020-11-22] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-11-02] (Notepad++ -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_fe92a8457e8d540c\nvshext.dll [2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-05] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Readium.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fepbnnnkkadjhjahcafoaglimekefifl
ShortcutWithArgument: C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (miniconda3).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\XXXXX\miniconda3\Scripts\activate.bat C:\Users\XXXXX\miniconda3

==================== Loaded Modules (Whitelisted) =============

2020-10-29 03:26 - 2020-10-29 03:26 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll
2020-11-22 15:37 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Calibre2\;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-1871522644-2133478366-4099155915-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\XXXXX\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 10.5.18.5 - 10.5.18.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{87FDC274-5CD8-43EE-BD60-346A497A1E44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{474F875C-D516-43A8-895F-591F425547B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD28C421-18D1-4E09-A5BC-17F0C753C03E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{15C5E255-9B61-4E35-9D91-61D79E06990F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{450788AC-09C0-4310-A885-42A33CB7B0BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{09848C0F-88B0-450D-9E7B-F71AE2DFEF89}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{214EB24D-28FF-405D-9221-97E27EAE09A5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{58F189C6-343D-49D0-BEEA-79527C4D71B2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C45B0521-D056-43ED-8C82-FD81E3FC249D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{96064602-7E11-4138-97F4-367371429C46}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1137EE61-8572-4E71-AC79-6FEF15B7748E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{EE3A11CC-16D7-4AE5-ABBA-9AB03E21D95A}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{EEEFD174-63E9-4E10-860A-58B65E9A7A06}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DAB11BBE-82CF-454D-8061-A62E25144B4D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EB586EB0-69C3-4B1A-A995-567FC20C4C97}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{46AE07D5-9E7C-490D-8568-5D76C0C207E1}] => (Allow) C:\Program Files (x86)\Overwolf\0.158.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{CF3C867B-A611-4EDD-935E-9CFE15AF4EBA}] => (Allow) C:\Program Files (x86)\Overwolf\0.158.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{72E3E9C8-ADA6-48C4-9CCD-AEF13A6A174D}] => (Block) C:\Program Files (x86)\Overwolf\0.158.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{E3A7C847-3A33-44EB-A31B-D92DEE441AE6}] => (Block) C:\Program Files (x86)\Overwolf\0.158.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

==================== Restore Points =========================

26-11-2020 11:19:54 Scheduled Checkpoint
04-12-2020 07:48:43 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/05/2020 11:49:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (12/05/2020 11:49:29 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (12/05/2020 11:46:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program NolanaeCaramel.exe version 1.10.2.8 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2d88

Start Time: 01d6cb57fb3341e5

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\NolanaCaramelmoaInstall\NolanaeCaramel.exe

Report Id: 408a92c3-60cf-45a9-b682-dd0f82d52f7a

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (12/04/2020 07:51:57 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-GRHC72E)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (12/04/2020 07:50:55 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-GRHC72E)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (11/30/2020 11:14:11 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Data (E:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (11/30/2020 11:14:10 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Programy (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (11/30/2020 11:24:41 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Data (E:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)


System errors:
=============
Error: (12/06/2020 02:53:08 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service SecurityHealthService with arguments "Unavailable" in order to run the server:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}

Error: (12/06/2020 02:50:26 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service SecurityHealthService with arguments "Unavailable" in order to run the server:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}

Error: (12/06/2020 02:50:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Razer Synapse Service service terminated unexpectedly. It has done this 1 time(s).

Error: (12/06/2020 02:50:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Razer Game Manager service terminated unexpectedly. It has done this 1 time(s).

Error: (12/06/2020 02:50:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Razer Central Service service terminated unexpectedly. It has done this 1 time(s).

Error: (12/06/2020 02:50:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.

Error: (12/06/2020 02:50:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Realtek Audio Universal Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (12/06/2020 02:50:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Razer Chroma SDK Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.


Windows Defender:
===================================
Date: 2020-12-05 10:10:46.4960000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {B5E40E36-5EE3-43C3-A960-71986E222A40}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-03 22:00:06.6970000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {A586908D-FC57-4254-8957-B40A887083D2}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-03 20:43:19.2390000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {145DD4B4-8FFE-4C6E-895B-492FA3DF6210}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-02 21:59:01.2300000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {1DE22E18-0637-42BA-B7A7-8E1BD383B33D}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-11-30 11:05:38.5370000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {D7F158C8-637F-4DBB-9A4E-75604A2DB62C}
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===================================

Date: 2020-12-05 23:48:11.5860000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:48:10.1940000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:47:58.2530000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:47:36.7980000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:47:32.1490000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:47:32.1470000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:47:32.1300000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-05 23:47:32.1280000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P2.20 07/27/2020
Motherboard: ASRock B450M Pro4-F
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 31%
Total physical RAM: 16315.45 MB
Available physical RAM: 11129.73 MB
Total Virtual: 18747.45 MB
Available Virtual: 11813.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.97 GB) (Free:93.67 GB) NTFS
Drive d: (Programy) (Fixed) (Total:324.94 GB) (Free:147.59 GB) NTFS
Drive e: (Data) (Fixed) (Total:506.44 GB) (Free:238.09 GB) NTFS

\\?\Volume{056afadb-7495-4b37-b205-0af3b93c272d}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{7b4a988e-81e3-453f-9fd2-50418ace4571}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119418
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Omylom som nainštaloval falošný softvér

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {5D4E2291-2D98-414B-A209-111A28C55F63} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-22] (Google LLC -> Google LLC)
Task: {9590D61B-AFDA-44DB-B757-35548F8BEB43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-22] (Google LLC -> Google LLC)
C:\Program Files (x86)\Temp
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File

EmptyTemp:
End
Uložte do C:\Users\XXXXX\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
tipota
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 07 led 2008 04:05

Re: Omylom som nainštaloval falošný softvér

#7 Příspěvek od tipota »

Toto je fixlog.txt
Fix result of Farbar Recovery Scan Tool (x64) Version: 06-12-2020
Ran by XXXXX (06-12-2020 18:36:43) Run:1
Running from C:\Users\XXXXX\Downloads
Loaded Profiles: XXXXX
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {5D4E2291-2D98-414B-A209-111A28C55F63} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-22] (Google LLC -> Google LLC)
Task: {9590D61B-AFDA-44DB-B757-35548F8BEB43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-22] (Google LLC -> Google LLC)
C:\Program Files (x86)\Temp
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D4E2291-2D98-414B-A209-111A28C55F63}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D4E2291-2D98-414B-A209-111A28C55F63}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9590D61B-AFDA-44DB-B757-35548F8BEB43}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9590D61B-AFDA-44DB-B757-35548F8BEB43}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\Program Files (x86)\Temp => moved successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8937472 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16904046 B
Java, Flash, Steam htmlcache => 26706937 B
Windows/system/drivers => 13600815 B
Edge => 0 B
Chrome => 441095286 B
Firefox => 9276784 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 38882 B
NetworkService => 41786 B
XXXXX => 343700984 B

RecycleBin => 396228 B
EmptyTemp: => 820.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:36:51 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119418
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Omylom som nainštaloval falošný softvér

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
tipota
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 07 led 2008 04:05

Re: Omylom som nainštaloval falošný softvér

#9 Příspěvek od tipota »

PC ide dobre, ďakujem za pomoc.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119418
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Omylom som nainštaloval falošný softvér

#10 Příspěvek od Rudy »

Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“