VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu

https://forum.viry.cz:443/viewtopic.php?t=158216

Stránka 1 z 1

Prosím o kontrolu logu

Napsal: 13 srp 2021 20:43
od Bubenos
Windows defender hlásí hrozbu, skoro každý den ten soubor obnovuje. Konkrétně se jedná o cscript.exe ( zasílám obrázek v příloze ).

Prosím tedy o kontrolu logu. Děkuji
cskript.png
cskript.png (30.33 KiB) Zobrazeno 1115 x
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-08-2021
Ran by dbube (administrator) on DESKTOP-48MB1C3 (ATComputers TRILINE PROFI OFFICE) (13-08-2021 21:34:25)
Running from D:\Programy
Loaded Profiles: dbube
Platform: Windows 10 Home Version 2004 19041.1165 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] D:\Hry\Rocket League smurf BubenD\rocketleague\BakkesMod\BakkesMod.exe
(Bad Panda, Inc. -> Bad Panda, Inc.) C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe <6>
(Discord Inc. -> Discord Inc.) C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270776 2019-04-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\Run: [Discord] => C:\Users\dbube\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\Run: [Gif Your Game] => C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe [126447560 2021-08-10] (Bad Panda, Inc. -> Bad Panda, Inc.)
HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\Run: [Discord] => C:\Users\Vlasťule\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-04] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0307D6D5-D21C-41EA-96C8-B255658C50BD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {07986CF8-43D5-4912-9B05-CA6263A7B4AC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {10D03C8F-FC2E-44CE-AD30-BB4914AA11A7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1BB60CE9-224F-409B-BA95-77A03E0A6A0F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24CF228A-DCE2-4593-9EBE-80E9D61BFAC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
Task: {3BA721FB-7708-4803-83C4-FACEFD33031E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {55A33193-7971-439E-9762-CB9B4A91CC18} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {60772A8F-335C-4C62-931D-DACF10279E0F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6FE6A2C0-4FC4-4B8D-85E7-40E5BA9C88A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {905F9ACA-862D-4BDA-B9F4-E2C2FB9E6247} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {90D06DA3-E888-4D74-9C1E-D3321F9EDA5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9E92E098-E8B6-47ED-A810-2F99CEB01A2E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B2C6754C-8DE5-4EA1-BFAF-148116685EBD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C748CBC0-8DD3-404A-8BC1-DF8DF3FA76C3} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [834856 2019-04-03] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {E9E0E335-410D-4069-9FF0-1F60F33AAAC5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {FCD1040F-F004-446C-B306-0AD5DFE675C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
Task: {FE4A556B-9322-447F-8387-F6D3BC62698D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{b7f826c6-ea01-4714-a535-4e19bd4e854c}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{c6197426-c54d-4121-a8e4-ec03077a2b2b}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Edge:
=======
Edge Profile: C:\Users\dbube\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-13]

FireFox:
========
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]

Chrome:
=======
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default [2021-08-13]
CHR DownloadDir: C:\Users\dbube\Desktop
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (Prezentace) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-21]
CHR Extension: (BetterTTV) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-08-07]
CHR Extension: (Dokumenty) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-21]
CHR Extension: (Disk Google) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-21]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-07-28]
CHR Extension: (FrankerFaceZ) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2020-09-17]
CHR Extension: (Tabulky) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-29]
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-07-14]
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-07-14]
CHR Extension: (Prezentace) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-14]
CHR Extension: (Tabulky) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-14]
CHR Extension: (Chrome Media Router) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-14]
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\System Profile [2021-07-14]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-02-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S4 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2020-04-06] (Even Balance, Inc. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1347464 2021-03-04] (Rockstar Games, Inc. -> Rockstar Games)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 DM150Drv; C:\WINDOWS\System32\drivers\DM150Drv.sys [24312 2010-07-30] (Pitney Bowes -> Pitney Bowes)
R3 MpKsleaa83092; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E5FD0DA0-C2E1-4235-AA43-D3E831254D93}\MpKslDrv.sys [123112 2021-08-13] (Microsoft Windows -> Microsoft Corporation)
S3 nvoclk64; C:\WINDOWS\System32\drivers\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corporation -> NVIDIA Corp.)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-13 21:34 - 2021-08-13 21:34 - 000000000 ____D C:\FRST
2021-08-12 06:05 - 2021-08-12 06:05 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-12 06:05 - 2021-08-12 06:05 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-12 06:05 - 2021-08-12 06:05 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-12 06:05 - 2021-08-12 06:05 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-12 06:05 - 2021-08-12 06:05 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-12 06:05 - 2021-08-12 06:05 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-12 06:05 - 2021-08-12 06:05 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-12 05:58 - 2021-08-12 05:58 - 000000000 ___HD C:\$WinREAgent
2021-08-11 19:12 - 2021-08-11 19:11 - 000382411 _____ C:\Users\dbube\Desktop\OP.jpeg
2021-08-11 19:05 - 2021-08-11 19:05 - 000638018 _____ C:\Users\dbube\Desktop\GDPR2.jpeg
2021-08-11 19:05 - 2021-08-11 19:04 - 000634636 _____ C:\Users\dbube\Desktop\GDPR1.jpeg
2021-08-11 19:02 - 2021-08-11 19:02 - 000045641 _____ C:\Users\dbube\Desktop\GDPR.pdf
2021-08-11 15:34 - 2021-08-06 10:45 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-08-11 15:34 - 2021-08-06 10:45 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-08-11 15:34 - 2021-08-06 10:45 - 001474672 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 001438840 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-08-11 15:34 - 2021-08-06 10:45 - 001438840 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-08-11 15:34 - 2021-08-06 10:45 - 001212536 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 001097832 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 001097832 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 000951928 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 000951928 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-08-11 15:34 - 2021-08-06 10:42 - 000716928 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-08-11 15:34 - 2021-08-06 10:42 - 000645248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-08-11 15:34 - 2021-08-06 10:42 - 000577152 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 002112144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 001595536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 001520760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 001171088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 000919184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 000706168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-08-11 15:34 - 2021-08-06 10:41 - 000676480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 008854136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 007920760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 005680768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 004987512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 002925688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 000447096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-08-11 15:34 - 2021-08-06 10:39 - 000849024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-08-11 15:34 - 2021-08-06 10:38 - 006215808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-08-11 15:34 - 2021-08-05 23:12 - 000083062 _____ C:\WINDOWS\system32\nvinfo.pb
2021-08-07 17:38 - 2021-08-07 17:38 - 000000000 ____D C:\Users\dbube\AppData\Local\GSS2
2021-08-07 17:22 - 2021-08-07 17:22 - 000000223 _____ C:\Users\dbube\Desktop\Gas Station Simulator Prologue - Early Days.url
2021-08-07 16:41 - 2021-08-07 16:41 - 001165100 _____ C:\Users\dbube\Desktop\(BUBEN)ALL_STARS - Stat Hráč.pdf
2021-08-02 06:32 - 2021-08-09 08:45 - 000010398 _____ C:\Users\Vlasťule\Desktop\Co už mám domluveno.odt
2021-08-01 18:03 - 2021-08-01 18:03 - 000001536 _____ C:\WINDOWS\SysWOW64\RtkMsgs.dll
2021-08-01 18:03 - 2021-08-01 18:03 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-08-01 18:02 - 2021-08-01 18:02 - 000000000 ____D C:\ProgramData\Dell
2021-08-01 17:51 - 2021-08-01 17:51 - 000000000 ____D C:\ProgramData\Outbyte
2021-08-01 17:28 - 2021-08-01 17:28 - 000000000 ____D C:\Users\dbube\AppData\Roaming\NVIDIA
2021-08-01 17:26 - 2021-08-01 17:26 - 000189287 _____ C:\Users\dbube\Downloads\msvcp140.zip
2021-08-01 17:26 - 2021-08-01 17:26 - 000189287 _____ C:\Users\dbube\Downloads\msvcp140 (1).zip
2021-07-30 08:22 - 2021-07-30 08:22 - 000117280 _____ C:\Users\Vlasťule\Downloads\Potvrzeni_o_odchozi_uhrade (1).pdf
2021-07-30 08:19 - 2021-07-30 08:19 - 000117293 _____ C:\Users\Vlasťule\Downloads\Potvrzeni_o_odchozi_uhrade.pdf
2021-07-29 08:19 - 2021-07-29 08:26 - 000000000 ____D C:\Users\Vlasťule\Desktop\Terinka v Praze Červenec 2021
2021-07-28 19:59 - 2021-07-28 19:59 - 000000112 ___SH C:\bootTel.dat
2021-07-28 19:59 - 2021-07-28 19:59 - 000000000 __SHD C:\found.000
2021-07-28 19:48 - 2021-07-28 19:48 - 000000000 ____D C:\WINDOWS\system32\lxss
2021-07-28 19:48 - 2021-07-28 19:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-07-28 19:45 - 2021-07-12 13:32 - 000136472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-07-28 19:45 - 2021-07-12 13:32 - 000067464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2021-07-28 19:45 - 2021-07-12 13:32 - 000037664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-07-28 19:44 - 2021-08-06 10:41 - 000750200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-07-28 19:44 - 2021-08-06 10:38 - 007280848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-07-28 19:30 - 2021-07-28 20:39 - 000000060 _____ C:\Users\dbube\Downloads\query.htm
2021-07-28 19:16 - 2021-05-04 09:49 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-07-16 16:12 - 2021-07-16 16:12 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-16 16:12 - 2021-07-16 16:12 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-16 16:12 - 2021-07-16 16:12 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-16 16:12 - 2021-07-16 16:12 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-16 16:04 - 2021-08-05 17:16 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-16 16:04 - 2021-08-05 17:16 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-15 18:32 - 2021-07-15 18:32 - 000000000 ____D C:\Users\dbube\AppData\LocalLow\Amistech

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-13 21:36 - 2021-01-18 12:28 - 000000000 ____D C:\Users\dbube\AppData\Roaming\badpanda-react
2021-08-13 21:34 - 2019-05-21 15:54 - 000000000 ____D C:\Program Files (x86)\Steam
2021-08-13 21:32 - 2020-09-06 13:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-13 21:32 - 2020-04-22 18:20 - 000000000 ____D C:\Users\dbube\AppData\Roaming\discord
2021-08-13 21:32 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-13 21:21 - 2020-09-06 13:45 - 000004208 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{A8E94C42-9C4F-4DEE-9B06-7CDE732D054B}
2021-08-13 21:21 - 2019-05-21 15:52 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-13 21:14 - 2020-04-22 18:20 - 000000000 ____D C:\Users\dbube\AppData\Local\Discord
2021-08-13 17:34 - 2019-05-21 15:43 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-13 16:57 - 2021-01-22 16:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-13 15:58 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-13 15:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-13 15:21 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-13 15:20 - 2020-09-06 13:47 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-13 15:20 - 2019-12-07 16:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2021-08-13 15:20 - 2019-12-07 16:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2021-08-13 15:13 - 2020-09-06 13:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-13 15:13 - 2020-09-06 13:38 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-12 17:28 - 2020-09-06 13:38 - 000458488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-12 17:28 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-12 17:27 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-12 06:07 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-12 05:58 - 2019-05-22 12:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-12 05:56 - 2019-05-22 12:01 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-11 19:11 - 2019-09-07 16:57 - 000000000 ___RD C:\Users\dbube\Documents\Scanned Documents
2021-08-11 16:54 - 2019-05-21 15:50 - 000000000 ____D C:\Users\dbube\AppData\Local\Packages
2021-08-11 15:42 - 2019-05-21 16:24 - 000000000 ____D C:\Users\dbube\AppData\Local\NVIDIA
2021-08-09 18:11 - 2020-08-09 19:37 - 000000000 ____D C:\Users\Vlasťule\AppData\Roaming\discord
2021-08-09 18:05 - 2020-10-31 22:45 - 000000000 ____D C:\Users\Vlasťule\AppData\Local\Discord
2021-08-09 08:25 - 2020-09-06 13:45 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1558997955-55845073-2629518697-1001
2021-08-09 08:25 - 2020-09-06 13:39 - 000002377 _____ C:\Users\dbube\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-09 08:25 - 2019-05-21 15:51 - 000000000 ___RD C:\Users\dbube\OneDrive
2021-08-09 08:23 - 2020-09-06 13:45 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1558997955-55845073-2629518697-1002
2021-08-09 08:23 - 2020-09-06 13:39 - 000002386 _____ C:\Users\Vlasťule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-09 08:23 - 2019-05-25 09:17 - 000000000 ___RD C:\Users\Vlasťule\OneDrive
2021-08-08 20:25 - 2019-05-21 18:27 - 000000000 ____D C:\Users\dbube\AppData\Local\CrashDumps
2021-08-07 23:15 - 2020-09-06 13:39 - 000000000 ____D C:\Users\dbube
2021-08-07 17:38 - 2020-03-18 19:33 - 000000000 ____D C:\Users\dbube\AppData\Local\UnrealEngine
2021-08-07 17:22 - 2021-04-15 22:03 - 000000000 ____D C:\Users\dbube\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-08-07 17:09 - 2020-03-21 13:22 - 000000000 ____D C:\Users\dbube\AppData\Local\Battle.net
2021-08-07 15:14 - 2020-07-15 11:11 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-04 15:42 - 2019-05-21 15:52 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-04 15:42 - 2019-05-21 15:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-02 05:55 - 2020-09-06 13:45 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-02 05:55 - 2020-09-06 13:45 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-01 17:45 - 2020-12-16 19:11 - 000000000 ____D C:\Users\dbube\Documents\Obnova hesel nebo účtu
2021-08-01 17:23 - 2019-05-21 16:21 - 000000000 ____D C:\ProgramData\Package Cache
2021-08-01 15:43 - 2021-01-14 13:31 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
2021-08-01 15:43 - 2021-01-14 13:31 - 000000000 ____D C:\Users\dbube\Documents\Adobe
2021-08-01 15:40 - 2021-01-14 13:28 - 000000000 ____D C:\Program Files\Adobe
2021-07-29 09:40 - 2019-08-15 17:47 - 000000000 ____D C:\Users\Vlasťule\AppData\Local\PlaceholderTileLogoFolder
2021-07-29 09:33 - 2020-11-12 09:05 - 000000000 ___RD C:\Users\Vlasťule\Documents\Scanned Documents
2021-07-28 19:48 - 2019-05-21 15:43 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-07-28 19:46 - 2019-05-21 16:21 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-07-28 19:46 - 2019-05-21 15:43 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-07-28 19:16 - 2020-09-06 13:45 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:13 - 2019-05-21 15:43 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-07-28 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-28 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-07-28 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-16 09:45 - 2021-01-22 16:39 - 000740152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-07-16 09:45 - 2021-01-22 16:39 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-07-15 20:04 - 2019-12-14 23:12 - 000000000 ____D C:\Users\dbube\AppData\Roaming\qBittorrent
2021-07-14 16:36 - 2019-05-21 18:41 - 000000000 ____D C:\Users\dbube\AppData\Local\D3DSCache
2021-07-14 15:33 - 2019-08-08 16:27 - 000013189 _____ C:\Users\dbube\Desktop\PLATBY.odt

==================== Files in the root of some directories ========

2020-06-09 15:08 - 2020-06-09 15:08 - 000004973 _____ () C:\Users\dbube\AppData\Local\PlariumPlay.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Prosím o kontrolu logu

Napsal: 13 srp 2021 20:46
od Bubenos
a log z RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by dbube at 2021-08-13 21:46:19
Microsoft Windows 10 Home
System drive C: has 26 GB (23%) free of 114 GB
Total RAM: 16320 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:46:20, on 13.08.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0906)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe
C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe
C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe
C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe
C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe
C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\trend micro\dbube.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repack.com # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
O1 - Hosts: 109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repack.net # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\BHO\ie_to_edge_bho.dll
O4 - HKCU\..\Run: [Discord] C:\Users\dbube\AppData\Local\Discord\Update.exe --processStart Discord.exe
O4 - HKCU\..\Run: [Gif Your Game] "C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_67bfa - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA FrameView SDK service (FvSvc) - NVIDIA - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem10.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
O23 - Service: @oem10.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9284 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
"C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe" -f %ProgramData%\NVIDIA\DisplaySessionContainer%d.log -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\plugins\Session -r -l 3 -p 30000 -cfg NVDisplay.ContainerLocalSystem\Session -c
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
dashost.exe {779a9a93-168b-49af-8f205d20c2a1bad6}
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s TapiSrv
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k netsvcs
rundll32.exe "c:\program files\nvidia corporation\nvstreamsrv\rxdiag.dll" RxDiagSetRuntimeMessagePump

"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc

"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:ShellFeedsUI.AppX88fpyyrd21w8wqe62wzsjh5agex7tf1e.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21062.150.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --field-trial-handle=1992,11784705933645439193,10259786493068151237,131072 --disable-features=VizDisplayCompositor --no-sandbox --log-file="C:\Users\dbube\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --lang=en-US --gpu-preferences=KAAAAAAAAACACwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Users\dbube\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --service-request-channel-token=3248637414427293365 --mojo-platform-channel-handle=2080 /prefetch:2
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Users\dbube\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --field-trial-handle=1992,11784705933645439193,10259786493068151237,131072 --disable-features=VizDisplayCompositor --service-pipe-token=18202738869688230686 --lang=en-US --log-file="C:\Users\dbube\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18202738869688230686 --renderer-client-id=3 --mojo-platform-channel-handle=2588 /prefetch:1
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe"
"C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe"
C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\dbube\AppData\Roaming\discord /prefetch:7 --no-rate-limit --no-upload-gzip --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\dbube\AppData\Roaming\discord\Crashpad --url=https://sentry.io/api/146342/minidump/? ... be03b2b35a "--annotation=_companyName=Discord Inc." --annotation=_productName=Discord --annotation=_version=1.0.9002 --annotation=prod=Electron --annotation=ver=9.3.5 --initial-client-data=0x46c,0x470,0x474,0x448,0x478,0x5c14078,0x5c14088,0x5c14094
"C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe" --type=gpu-process --field-trial-handle=1680,9081771253380065553,11066855845659123926,131072 --enable-features=WebComponentsV0Enabled --disable-features=SpareRendererForSitePerProcess --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1700 /prefetch:2
"C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe" --type=utility --field-trial-handle=1680,9081771253380065553,11066855845659123926,131072 --enable-features=WebComponentsV0Enabled --disable-features=SpareRendererForSitePerProcess --lang=cs --service-sandbox-type=network --mojo-platform-channel-handle=2112 /prefetch:8
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe" --type=renderer --autoplay-policy=no-user-gesture-required --field-trial-handle=1680,9081771253380065553,11066855845659123926,131072 --enable-features=WebComponentsV0Enabled --disable-features=SpareRendererForSitePerProcess --lang=cs --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\resources\app.asar" --no-sandbox --no-zygote --native-window-open --preload="C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\modules\discord_desktop_core-3\discord_desktop_core\core.asar\app\mainScreenPreload.js" --context-isolation --background-color=#202225 --enable-spellcheck --enable-websql --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1 --enable-node-leakage-in-renderers
"C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe" -ServerName:App.AppX2y379sjp88wjq1y80217mddj3fargf2y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k AarSvcGroup -p -s AarSvc
"C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe" --type=gpu-process --field-trial-handle=1756,2289200239687870693,6345814003460442402,131072 --enable-features=WebComponentsV0Enabled --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1764 /prefetch:2
"C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1756,2289200239687870693,6345814003460442402,131072 --enable-features=WebComponentsV0Enabled --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=cs --service-sandbox-type=network --mojo-platform-channel-handle=2180 /prefetch:8
"C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe" --type=renderer --js-flags=--max-old-space-size=8192 --field-trial-handle=1756,2289200239687870693,6345814003460442402,131072 --enable-features=WebComponentsV0Enabled --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=cs --app-user-model-id=gg.badpanda --app-path="C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\app.asar" --node-integration --node-integration-in-worker --no-sandbox --no-zygote --enable-remote-module --background-color=#0c0c0c --enable-spellcheck --enable-websql --disable-electron-site-instance-overrides --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=3 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2256 /prefetch:1 --audio-only=false --disable-renderer-backgrounding
"C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe" --type=renderer --js-flags=--max-old-space-size=8192 --field-trial-handle=1756,2289200239687870693,6345814003460442402,131072 --enable-features=WebComponentsV0Enabled --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=cs --app-user-model-id=gg.badpanda --app-path="C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\app.asar" --node-integration --no-sandbox --no-zygote --enable-remote-module --background-color=#fff --enable-spellcheck --enable-websql --disable-electron-site-instance-overrides --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2500 /prefetch:1 --audio-only=true --disable-renderer-backgrounding
"C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe" --type=utility --field-trial-handle=1680,9081771253380065553,11066855845659123926,131072 --enable-features=WebComponentsV0Enabled --disable-features=SpareRendererForSitePerProcess --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=3420 /prefetch:8
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe" -ServerName:InputApp.AppX9jnwykgrccxc8by3hsrsh07r423xzvav.mca

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc


"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
"C:\Program Files (x86)\Steam\Steam.exe" -- "steam://rungameid/252950"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=cs_CZ" "-cachedir=C:\Users\dbube\AppData\Local\Steam\htmlcache" "-steampid=9716" "-buildid=1626824053" "-steamid=0" "-cachedir=C:\Users\dbube\AppData\Local\Steam\htmlcache" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\Program Files (x86)\Steam\clientui" --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --enable-media-stream --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"D:\Hry\Rocket League smurf BubenD\rocketleague\BakkesMod\BakkesMod.exe"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\dbube\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1626824053 --initial-client-data=0x338,0x33c,0x340,0x334,0x344,0x7ffd4cecbf10,0x7ffd4cecbf20,0x7ffd4cecbf30
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1548,6881333190819038412,15134906723851125465,131072 --disable-features=MimeHandlerViewInCrossProcessFrame --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=cs-CZ --buildid=1626824053 --steamid=0 --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --service-request-channel-token=13741454153931473766 --mojo-platform-channel-handle=1452 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --field-trial-handle=1548,6881333190819038412,15134906723851125465,131072 --disable-features=MimeHandlerViewInCrossProcessFrame --lang=cs --service-sandbox-type=network --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=cs-CZ --buildid=1626824053 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --service-request-channel-token=12238178013777895268 --mojo-platform-channel-handle=1664 /prefetch:8
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1548,6881333190819038412,15134906723851125465,131072 --disable-features=MimeHandlerViewInCrossProcessFrame --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1626824053 --steamid=0 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6400056311554282590 --renderer-client-id=5 --mojo-platform-channel-handle=2736 /prefetch:1
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1548,6881333190819038412,15134906723851125465,131072 --disable-features=MimeHandlerViewInCrossProcessFrame --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1626824053 --steamid=0 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5895780708968842739 --renderer-client-id=6 --mojo-platform-channel-handle=2908 /prefetch:1
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1548,6881333190819038412,15134906723851125465,131072 --disable-features=MimeHandlerViewInCrossProcessFrame --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1626824053 --steamid=0 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8475701003700723290 --renderer-client-id=7 --mojo-platform-channel-handle=3156 /prefetch:1
"C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1756,2289200239687870693,6345814003460442402,131072 --enable-features=WebComponentsV0Enabled --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=2312 /prefetch:8
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2021.21070.22007.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\dbube\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\dbube\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=92.0.4515.131 --initial-client-data=0xf4,0xf8,0xfc,0xd0,0x100,0x7ffd35c25390,0x7ffd35c253a0,0x7ffd35c253b0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1700 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --lang=cs --service-sandbox-type=none --mojo-platform-channel-handle=1924 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --lang=cs --service-sandbox-type=utility --mojo-platform-channel-handle=2248 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --lang=cs --extension-process --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3604 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6200 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=5104 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2928 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CaptureService
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3648 /prefetch:1
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\AUDIODG.EXE 0x5e8
"D:\Programy\RSITx64.exe"


"D:\Programy\RSITx64.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 800 804 812 8192 808 784

======Scheduled tasks folder======

C:\WINDOWS\tasks\Intel PTT EK Recertification.job - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\BHO\ie_to_edge_bho_64.dll [2021-08-05 522648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\BHO\ie_to_edge_bho.dll [2021-08-05 406928]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2019-04-01 9270776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Discord"=C:\Users\dbube\AppData\Local\Discord\Update.exe [2020-12-03 1512760]
"Gif Your Game"=C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe [2021-08-10 126447560]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"aux1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"aux2"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave5"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave3"=wdmaud.drv

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2021-08-13 21:43:04 ----D---- C:\rsit
2021-08-13 21:34:10 ----D---- C:\FRST
2021-08-12 06:05:52 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2021-08-12 06:05:51 ----A---- C:\WINDOWS\SYSWOW64\fveapibase.dll
2021-08-12 06:05:51 ----A---- C:\WINDOWS\SYSWOW64\fveapi.dll
2021-08-12 06:05:51 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2021-08-12 06:05:51 ----A---- C:\WINDOWS\system32\wmp.dll
2021-08-12 06:05:51 ----A---- C:\WINDOWS\system32\fveapibase.dll
2021-08-12 06:05:51 ----A---- C:\WINDOWS\system32\fveapi.dll
2021-08-12 06:05:50 ----A---- C:\WINDOWS\system32\cdp.dll
2021-08-12 06:05:49 ----A---- C:\WINDOWS\SYSWOW64\quickassist.exe
2021-08-12 06:05:49 ----A---- C:\WINDOWS\system32\quickassist.exe
2021-08-12 06:05:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2021-08-12 06:05:45 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2021-08-12 06:05:45 ----A---- C:\WINDOWS\SYSWOW64\MPG4DECD.DLL
2021-08-12 06:05:45 ----A---- C:\WINDOWS\SYSWOW64\MP43DECD.DLL
2021-08-12 06:05:45 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2021-08-12 06:05:45 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2021-08-12 06:05:45 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2021-08-12 06:05:45 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2021-08-12 06:05:45 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2021-08-12 06:05:45 ----A---- C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2021-08-12 06:05:45 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2021-08-12 06:05:45 ----A---- C:\WINDOWS\system32\DHolographicDisplay.dll
2021-08-12 06:05:44 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2021-08-12 06:05:43 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2021-08-12 06:05:43 ----A---- C:\WINDOWS\system32\wpd_ci.dll
2021-08-12 06:05:43 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2021-08-12 06:05:43 ----A---- C:\WINDOWS\system32\MSAudDecMFT.dll
2021-08-12 06:05:43 ----A---- C:\WINDOWS\system32\MPG4DECD.DLL
2021-08-12 06:05:43 ----A---- C:\WINDOWS\system32\MP43DECD.DLL
2021-08-12 06:05:43 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2021-08-12 06:05:43 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2021-08-12 06:05:43 ----A---- C:\WINDOWS\system32\HologramWorld.dll
2021-08-12 06:05:42 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2021-08-12 06:05:42 ----A---- C:\WINDOWS\system32\mfps.dll
2021-08-12 06:05:42 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2021-08-12 06:05:42 ----A---- C:\WINDOWS\system32\mfcore.dll
2021-08-12 06:05:42 ----A---- C:\WINDOWS\system32\mf.dll
2021-08-12 06:05:41 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecsRaw.dll
2021-08-12 06:05:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2021-08-12 06:05:41 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2021-08-12 06:05:41 ----A---- C:\WINDOWS\system32\WindowsCodecsRaw.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\FrameServerClient.dll
2021-08-12 06:05:39 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2021-08-12 06:05:39 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2021-08-12 06:05:39 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2021-08-12 06:05:38 ----A---- C:\WINDOWS\SYSWOW64\winhttpcom.dll
2021-08-12 06:05:38 ----A---- C:\WINDOWS\SYSWOW64\wiashext.dll
2021-08-12 06:05:38 ----A---- C:\WINDOWS\SYSWOW64\wiadefui.dll
2021-08-12 06:05:38 ----A---- C:\WINDOWS\SYSWOW64\wiaacmgr.exe
2021-08-12 06:05:38 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2021-08-12 06:05:38 ----A---- C:\WINDOWS\SYSWOW64\PayloadRestrictions.dll
2021-08-12 06:05:38 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2021-08-12 06:05:38 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2021-08-12 06:05:36 ----A---- C:\WINDOWS\system32\wslapi.dll
2021-08-12 06:05:36 ----A---- C:\WINDOWS\system32\wsl.exe
2021-08-12 06:05:36 ----A---- C:\WINDOWS\system32\wkspbroker.exe
2021-08-12 06:05:36 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2021-08-12 06:05:36 ----A---- C:\WINDOWS\system32\tsgqec.dll
2021-08-12 06:05:36 ----A---- C:\WINDOWS\system32\Spectrum.exe
2021-08-12 06:05:36 ----A---- C:\WINDOWS\system32\SIHClient.exe
2021-08-12 06:05:36 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\wsp_health.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\systemreset.exe
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\ResetEngOnline.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\offreg.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\nshwfp.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\nltest.exe
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\mstscax.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\klist.exe
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\FsIso.exe
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\FrameServerClient.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\FrameServer.dll
2021-08-12 06:05:34 ----A---- C:\WINDOWS\system32\IESettingSync.exe
2021-08-12 06:05:33 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2021-08-12 06:05:33 ----A---- C:\WINDOWS\system32\jscript9.dll
2021-08-12 06:05:33 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2021-08-12 06:05:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2021-08-12 06:05:32 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2021-08-12 06:05:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2021-08-12 06:05:32 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2021-08-12 06:05:31 ----A---- C:\WINDOWS\system32\wiashext.dll
2021-08-12 06:05:31 ----A---- C:\WINDOWS\system32\wiadefui.dll
2021-08-12 06:05:31 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
2021-08-12 06:05:31 ----A---- C:\WINDOWS\system32\StorageUsage.dll
2021-08-12 06:05:31 ----A---- C:\WINDOWS\system32\jscript.dll
2021-08-12 06:05:31 ----A---- C:\WINDOWS\system32\edgehtml.dll
2021-08-12 06:05:31 ----A---- C:\WINDOWS\HelpPane.exe
2021-08-12 06:05:30 ----A---- C:\WINDOWS\system32\StorSvc.dll
2021-08-12 06:05:30 ----A---- C:\WINDOWS\system32\computestorage.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.FileExplorer.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.FileExplorer.Common.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\SYSWOW64\rtutils.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\SYSWOW64\ntprint.exe
2021-08-12 06:05:29 ----A---- C:\WINDOWS\SYSWOW64\ntprint.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\SYSWOW64\drvsetup.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\system32\winhttpcom.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\system32\tcbloader.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2021-08-12 06:05:29 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\system32\skci.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\system32\resutils.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\system32\PayloadRestrictions.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\system32\hvix64.exe
2021-08-12 06:05:29 ----A---- C:\WINDOWS\system32\hvax64.exe
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\wusa.exe
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\sscore.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\ntlanman.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\newdev.exe
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\newdev.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\ndadmin.exe
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\joinutil.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\devrtl.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\devobj.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Services.TargetedContent.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\profext.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\ocsetapi.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\D3D12Core.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\cfgmgr32.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\AppResolver.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\WordBreakers.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\TextInputMethodFormatter.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\mssitlb.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\msscntrs.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\GameInput.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\EditBufferTestHook.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\DispBroker.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\aadauthhelper.dll
2021-08-12 06:05:25 ----A---- C:\WINDOWS\SYSWOW64\MicrosoftAccountWAMExtension.dll
2021-08-12 06:05:25 ----A---- C:\WINDOWS\SYSWOW64\aadWamExtension.dll
2021-08-12 06:05:24 ----A---- C:\WINDOWS\SYSWOW64\wsmprovhost.exe
2021-08-12 06:05:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2021-08-12 06:05:24 ----A---- C:\WINDOWS\SYSWOW64\ExecModelClient.dll
2021-08-12 06:05:24 ----A---- C:\WINDOWS\SYSWOW64\DataExchange.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\WsmWmiPl.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\WsmRes.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\wsmplpxy.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\WsmAuto.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\WSManMigrationPlugin.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\WSManHTTPConfig.exe
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\WsmAgent.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\ContentDeliveryManager.Utilities.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\system32\pku2u.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\Windows.FileExplorer.Common.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\shell32.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\setupapi.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\rtutils.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\rascustom.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\pnputil.exe
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\pnppolicy.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\ntprint.exe
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\ntprint.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\newdev.exe
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\newdev.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\ndadmin.exe
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\drvsetup.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\drvinst.exe
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\drivers\ndiswan.sys
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\6bea57fb-8dfb-4177-9ae8-42e8b3529933_RuntimeDeviceInstall.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\WUDFx02000.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\wininet.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\urlmon.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\sppsvc.exe
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\nlasvc.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\nlaapi.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\ncsi.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\jsproxy.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\joinutil.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\gpapi.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\wuuhext.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\winlogon.exe
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\tdh.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\policymanager.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\omadmclient.exe
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\ntlanman.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\lpk.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\LogonController.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\gpsvc.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\fontsub.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\efslsaext.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\DMPushRouterCore.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\dciman32.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\configmanager2.dll
2021-08-12 06:05:19 ----A---- C:\WINDOWS\system32\sscore.dll
2021-08-12 06:05:19 ----A---- C:\WINDOWS\system32\srvsvc.dll
2021-08-12 06:05:19 ----A---- C:\WINDOWS\system32\KernelBase.dll
2021-08-12 06:05:19 ----A---- C:\WINDOWS\system32\drivers\WdfLdr.sys
2021-08-12 06:05:19 ----A---- C:\WINDOWS\system32\drivers\Wdf01000.sys
2021-08-12 06:05:19 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2021-08-12 06:05:19 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2021-08-12 06:05:19 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\wusa.exe
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\winhttp.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\webio.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\SecurityHealthHost.exe
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\rpcss.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\pacjsworker.exe
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\lsasrv.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\hal.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\dnsapi.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\devrtl.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\devobj.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\ci.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2021-08-12 06:05:17 ----A---- C:\WINDOWS\system32\winresume.exe
2021-08-12 06:05:17 ----A---- C:\WINDOWS\system32\winload.exe
2021-08-12 06:05:17 ----A---- C:\WINDOWS\system32\ocsetapi.dll
2021-08-12 06:05:17 ----A---- C:\WINDOWS\system32\dwmghost.dll
2021-08-12 06:05:17 ----A---- C:\WINDOWS\system32\dwmcore.dll
2021-08-12 06:05:16 ----A---- C:\WINDOWS\system32\uReFS.dll
2021-08-12 06:05:16 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2021-08-12 06:05:16 ----A---- C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2021-08-12 06:05:16 ----A---- C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2021-08-12 06:05:16 ----A---- C:\WINDOWS\system32\refsutil.exe
2021-08-12 06:05:16 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2021-08-12 06:05:16 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2021-08-12 06:05:16 ----A---- C:\WINDOWS\system32\ConstraintIndex.Search.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\WsmWmiPl.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\WsmRes.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\wsmprovhost.exe
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\wsmplpxy.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\WsmAuto.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\WSManMigrationPlugin.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\WSManHTTPConfig.exe
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\WsmAgent.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\WinREAgent.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\NotificationController.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\wups2.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\wups.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\wuaueng.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\wuauclt.exe
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\wuapi.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\upshared.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\updatecsp.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\ProductEnumerator.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\MoUsoCoreWorker.exe
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\AppResolver.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\wpnapps.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\wintrust.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\win32u.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\win32kfull.sys
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\win32k.sys
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\wcimage.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\wc_storage.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\usosvc.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\usoapi.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\user32.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\profext.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\kerberos.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\EventAggregation.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\drivers\CEA.sys
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\daxexec.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\BrokerLib.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\windows.storage.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\WaaSMedicPS.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\WaaSMedicCapsule.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\WaaSMedicAgent.exe
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\WaaSAssessment.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\tsf3gip.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\storewuauth.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\ISM.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\InstallService.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\win32kbase.sys
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\tquery.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\mssvp.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\mssrch.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\mssprxy.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\mssph.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\mssitlb.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\msscntrs.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\InputService.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\FntCache.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\DWrite.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\DispBroker.dll
2021-08-12 06:05:10 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\Windows.Graphics.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\thumbcache.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\GameInput.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\ExecModelClient.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\cloudAP.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\cdd.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\aadWamExtension.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\aadauthhelper.dll
2021-08-12 06:05:04 ----A---- C:\WINDOWS\system32\wudriver.dll
2021-08-12 06:05:04 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2021-08-12 06:05:04 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2021-08-12 06:05:04 ----A---- C:\WINDOWS\system32\kernel32.dll
2021-08-12 06:05:04 ----A---- C:\WINDOWS\system32\DataExchange.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\wpx.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\Windows.Internal.Signals.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\Windows.Internal.ShellCommon.Broker.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\win32spl.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\twinui.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\StartTileData.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\localspl.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\dsreg.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2021-08-12 06:05:03 ----A---- C:\WINDOWS\explorer.exe
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\WpcTok.exe
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\spoolsv.exe
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\bcdedit.exe
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\audiosrv.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\AudioEng.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\audiodg.exe
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\agentactivationruntimewindows.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\splwow64.exe
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\Windows.Internal.System.UserProfile.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\TsUsbGDCoInstaller.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\SpeechPal.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\ManageCI.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\iscsilog.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\drivers\TsUsbGD.sys
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\drivers\monitor.sys
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\drivers\BthMini.SYS
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\autopilotdiag.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\autopilot.dll
2021-08-12 05:58:52 ----HD---- C:\$WinREAgent
2021-08-12 05:58:43 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2021-08-12 05:58:42 ----A---- C:\WINDOWS\system32\poqexec.exe
2021-08-11 15:34:28 ----A---- C:\WINDOWS\system32\nvml.dll
2021-08-11 15:34:28 ----A---- C:\WINDOWS\system32\nvcpl.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo-1-999-0-0-0.exe
2021-08-11 15:34:19 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2021-08-11 15:34:19 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1-999-0-0-0.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\SYSWOW64\nvofapi.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\OpenCL.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\nvofapi64.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\nvidia-smi.exe
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-08-11 15:34:14 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2021-08-11 15:34:14 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2021-08-11 15:34:14 ----A---- C:\WINDOWS\system32\nvdebugdump.exe
2021-08-11 15:34:14 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2021-08-11 15:34:14 ----A---- C:\WINDOWS\system32\nvcuda.dll
2021-08-11 15:34:13 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2021-08-11 15:34:13 ----A---- C:\WINDOWS\system32\MCU.exe
2021-08-01 18:03:30 ----HD---- C:\Program Files (x86)\Temp
2021-08-01 18:03:23 ----A---- C:\WINDOWS\SYSWOW64\RtkMsgs.dll
2021-08-01 18:02:59 ----D---- C:\ProgramData\Dell
2021-08-01 17:51:24 ----D---- C:\ProgramData\Outbyte
2021-08-01 17:28:03 ----D---- C:\Users\dbube\AppData\Roaming\NVIDIA
2021-08-01 17:27:52 ----A---- C:\WINDOWS\system32\msvcp140.dll
2021-07-28 19:59:02 ----SH---- C:\bootTel.dat
2021-07-28 19:59:01 ----SHD---- C:\found.000
2021-07-28 19:48:02 ----D---- C:\WINDOWS\system32\lxss
2021-07-28 19:48:02 ----D---- C:\WINDOWS\system32\drivers\NVIDIA Corporation
2021-07-28 19:45:11 ----A---- C:\WINDOWS\system32\drivers\nvvhci.sys
2021-07-28 19:45:11 ----A---- C:\WINDOWS\system32\drivers\nvhdap64.dll
2021-07-28 19:45:11 ----A---- C:\WINDOWS\system32\drivers\nvhda64v.sys
2021-07-28 19:44:22 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2021-07-28 19:44:16 ----A---- C:\WINDOWS\system32\nvapi64.dll
2021-07-28 19:16:40 ----A---- C:\WINDOWS\NvContainerRecovery.bat
2021-07-16 16:12:45 ----A---- C:\WINDOWS\SYSWOW64\sdchange.exe
2021-07-16 16:12:45 ----A---- C:\WINDOWS\SYSWOW64\raserver.exe
2021-07-16 16:12:45 ----A---- C:\WINDOWS\SYSWOW64\racpldlg.dll
2021-07-16 16:12:45 ----A---- C:\WINDOWS\SYSWOW64\msra.exe
2021-07-16 16:12:45 ----A---- C:\WINDOWS\system32\sdchange.exe
2021-07-16 16:12:45 ----A---- C:\WINDOWS\system32\raserver.exe
2021-07-16 16:12:45 ----A---- C:\WINDOWS\system32\racpldlg.dll
2021-07-16 16:12:45 ----A---- C:\WINDOWS\system32\msrahc.dll
2021-07-16 16:12:45 ----A---- C:\WINDOWS\system32\msra.exe
2021-07-16 16:12:41 ----A---- C:\WINDOWS\SYSWOW64\WMVDECOD.DLL
2021-07-16 16:12:41 ----A---- C:\WINDOWS\SYSWOW64\WMVCORE.DLL
2021-07-16 16:12:41 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2021-07-16 16:12:41 ----A---- C:\WINDOWS\SYSWOW64\COLORCNV.DLL
2021-07-16 16:12:40 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2021-07-16 16:12:40 ----A---- C:\WINDOWS\system32\WMVCORE.DLL
2021-07-16 16:12:39 ----A---- C:\WINDOWS\SYSWOW64\signdrv.dll
2021-07-16 16:12:39 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2021-07-16 16:12:39 ----A---- C:\WINDOWS\SYSWOW64\msisip.dll
2021-07-16 16:12:39 ----A---- C:\WINDOWS\SYSWOW64\msinfo32.exe
2021-07-16 16:12:39 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2021-07-16 16:12:39 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2021-07-16 16:12:39 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2021-07-16 16:12:39 ----A---- C:\WINDOWS\system32\COLORCNV.DLL
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\signdrv.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\msisip.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\msinfo32.exe
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\msimsg.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\msi.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\msconfig.exe
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhtask.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhsvcctl.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhsvc.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhsrchph.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhsrchapi.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhshl.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhmanagew.exe
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhlisten.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhevents.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhengine.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhcleanup.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhcfg.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhcat.dll
2021-07-16 16:12:32 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2021-07-16 16:12:32 ----A---- C:\WINDOWS\SYSWOW64\drivers\afunix.sys
2021-07-16 16:12:32 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\SYSWOW64\samlib.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\SYSWOW64\httpapi.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\system32\rastapi.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\system32\rasmans.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\system32\drivers\afunix.sys
2021-07-16 16:12:31 ----A---- C:\WINDOWS\system32\comctl32.dll
2021-07-16 16:12:30 ----A---- C:\WINDOWS\system32\gdi32full.dll
2021-07-16 16:12:30 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2021-07-16 16:12:30 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2021-07-16 16:12:30 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2021-07-16 16:12:29 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2021-07-16 16:12:29 ----A---- C:\WINDOWS\system32\ntdll.dll
2021-07-16 16:12:29 ----A---- C:\WINDOWS\system32\httpapi.dll
2021-07-16 16:12:29 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2021-07-16 16:12:29 ----A---- C:\WINDOWS\system32\drivers\http.sys
2021-07-16 16:12:28 ----A---- C:\WINDOWS\system32\samsrv.dll
2021-07-16 16:12:28 ----A---- C:\WINDOWS\system32\samlib.dll
2021-07-16 16:12:28 ----A---- C:\WINDOWS\system32\offlinesam.dll
2021-07-16 16:12:28 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2021-07-16 16:12:27 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2021-07-16 16:12:26 ----A---- C:\WINDOWS\system32\wci.dll
2021-07-16 16:12:26 ----A---- C:\WINDOWS\system32\drivers\wcifs.sys
2021-07-16 16:12:26 ----A---- C:\WINDOWS\system32\drivers\condrv.sys
2021-07-16 16:12:26 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2021-07-16 16:12:25 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2021-07-16 16:12:25 ----A---- C:\WINDOWS\system32\aadtb.dll
2021-07-16 16:12:24 ----A---- C:\WINDOWS\system32\vmbuspipe.dll
2021-07-16 16:12:24 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2021-07-16 16:12:24 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2021-07-16 16:12:24 ----A---- C:\WINDOWS\system32\drivers\spacedump.sys

======List of files/folders modified in the last 1 month======

2021-08-13 21:46:20 ----D---- C:\Program Files\trend micro
2021-08-13 21:46:11 ----D---- C:\Users\dbube\AppData\Roaming\badpanda-react
2021-08-13 21:43:24 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2021-08-13 21:43:12 ----D---- C:\WINDOWS\Prefetch
2021-08-13 21:37:29 ----D---- C:\WINDOWS\INF
2021-08-13 21:34:43 ----D---- C:\Program Files (x86)\Steam
2021-08-13 21:34:42 ----SHD---- C:\System Volume Information
2021-08-13 21:32:50 ----D---- C:\Users\dbube\AppData\Roaming\discord
2021-08-13 21:32:40 ----D---- C:\WINDOWS\system32\SleepStudy
2021-08-13 21:21:50 ----D---- C:\Program Files (x86)\Google
2021-08-13 21:18:00 ----D---- C:\WINDOWS\system32\sru
2021-08-13 17:34:44 ----D---- C:\ProgramData\NVIDIA
2021-08-13 16:57:59 ----SHDC---- C:\WINDOWS\Installer
2021-08-13 16:57:59 ----D---- C:\WINDOWS\Temp
2021-08-13 16:57:59 ----D---- C:\WINDOWS\system32\Logs
2021-08-13 16:57:59 ----D---- C:\Program Files\Microsoft Update Health Tools
2021-08-13 15:59:46 ----RD---- C:\WINDOWS\Microsoft.NET
2021-08-13 15:58:24 ----HD---- C:\Program Files\WindowsApps
2021-08-13 15:58:24 ----D---- C:\WINDOWS\AppReadiness
2021-08-13 15:20:19 ----D---- C:\WINDOWS\System32
2021-08-13 15:20:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-13 15:16:48 ----D---- C:\WINDOWS\system32\config
2021-08-13 15:13:42 ----D---- C:\WINDOWS\system32\catroot2
2021-08-13 15:13:22 ----ASH---- C:\DumpStack.log.tmp
2021-08-12 17:28:35 ----D---- C:\WINDOWS\WinSxS
2021-08-12 17:28:28 ----D---- C:\WINDOWS\system32\DriverStore
2021-08-12 17:28:18 ----D---- C:\WINDOWS\SysWOW64
2021-08-12 17:28:18 ----D---- C:\WINDOWS\system32\drivers
2021-08-12 17:27:38 ----D---- C:\WINDOWS\SYSWOW64\migration
2021-08-12 17:27:38 ----D---- C:\WINDOWS\SYSWOW64\Dism
2021-08-12 17:27:37 ----SD---- C:\WINDOWS\system32\UNP
2021-08-12 17:27:37 ----D---- C:\WINDOWS\SystemResources
2021-08-12 17:27:37 ----D---- C:\WINDOWS\system32\wbem
2021-08-12 17:27:37 ----D---- C:\WINDOWS\system32\oobe
2021-08-12 17:27:37 ----D---- C:\WINDOWS\system32\migration
2021-08-12 17:27:37 ----D---- C:\WINDOWS\system32\en-US
2021-08-12 17:27:37 ----D---- C:\WINDOWS\system32\Dism
2021-08-12 17:27:37 ----D---- C:\WINDOWS\system32\cs-CZ
2021-08-12 17:27:37 ----D---- C:\WINDOWS\system32\Boot
2021-08-12 17:27:36 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2021-08-12 17:27:36 ----D---- C:\WINDOWS\ShellComponents
2021-08-12 17:27:36 ----D---- C:\WINDOWS\servicing
2021-08-12 17:27:36 ----D---- C:\WINDOWS\bcastdvr
2021-08-12 17:27:36 ----D---- C:\WINDOWS\apppatch
2021-08-12 17:27:36 ----D---- C:\Windows
2021-08-12 17:27:36 ----D---- C:\Program Files\Internet Explorer
2021-08-12 17:27:36 ----D---- C:\Program Files (x86)\Internet Explorer
2021-08-12 06:07:50 ----D---- C:\WINDOWS\CbsTemp
2021-08-12 05:58:17 ----D---- C:\WINDOWS\system32\MRT
2021-08-12 05:56:55 ----AC---- C:\WINDOWS\system32\MRT.exe
2021-08-09 08:25:12 ----D---- C:\WINDOWS\system32\Tasks
2021-08-04 15:42:58 ----D---- C:\WINDOWS\system32\drivers\wd
2021-08-01 18:03:30 ----RD---- C:\Program Files (x86)
2021-08-01 18:02:59 ----HD---- C:\ProgramData
2021-08-01 17:23:59 ----D---- C:\ProgramData\Package Cache
2021-08-01 15:40:57 ----D---- C:\Program Files\Adobe
2021-07-28 20:01:11 ----D---- C:\WINDOWS\system32\WDI
2021-07-28 19:59:40 ----SD---- C:\ProgramData\Microsoft
2021-07-28 19:48:08 ----D---- C:\ProgramData\NVIDIA Corporation
2021-07-28 19:46:13 ----D---- C:\Program Files\NVIDIA Corporation
2021-07-28 19:46:13 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2021-07-28 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2021-07-28 19:12:27 ----D---- C:\WINDOWS\SYSWOW64\drivers
2021-07-28 19:12:27 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2021-07-28 19:12:27 ----D---- C:\WINDOWS\system32\CodeIntegrity
2021-07-28 19:12:27 ----D---- C:\Program Files\Windows Mail
2021-07-28 19:12:27 ----D---- C:\Program Files\Common Files\System
2021-07-28 19:12:27 ----D---- C:\Program Files (x86)\Windows Mail
2021-07-28 19:12:13 ----D---- C:\WINDOWS\system32\Sysprep
2021-07-16 09:45:32 ----A---- C:\WINDOWS\system32\sedplugins.dll
2021-07-16 09:45:30 ----A---- C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-07-15 20:04:38 ----D---- C:\Users\dbube\AppData\Roaming\qBittorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2019-04-03 1469952]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2021-06-09 57168]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2019-12-07 88080]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2021-07-16 41984]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2021-07-09 97792]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2017-06-07 138296]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2021-07-09 148816]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2021-07-16 496128]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2020-10-14 53248]
R3 ICCWDT;@oem21.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2019-04-03 39504]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2019-04-01 6794744]
R3 MEIx64;@oem10.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverW8x64.sys [2019-04-03 223832]
R3 MpKsleaa83092;MpKsleaa83092; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E5FD0DA0-C2E1-4235-AA43-D3E831254D93}\MpKslDrv.sys [2021-08-13 123112]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2020-09-09 322376]
R3 NVHDA;@oem19.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2021-07-12 136472]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\nvlddmkm.sys [2021-08-06 37433984]
R3 NvModuleTracker;@oem12.inf,%ServiceName%;NvModuleTracker; C:\WINDOWS\System32\drivers\NvModuleTracker.sys [2020-08-14 43416]
R3 nvvad_WaveExtensible;@oem35.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2019-03-19 69840]
R3 nvvhci;@oem30.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2021-07-12 67464]
R3 rt640x64;@oem3.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2019-02-20 1138136]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-12-07 138040]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-12-07 158736]
S0 SmartSAMD;SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [2019-12-07 209720]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-12-07 415232]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-12-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2021-07-09 18432]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-12-07 279040]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2021-08-12 113664]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2020-09-09 106496]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2021-08-12 45568]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2021-08-12 1563136]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2021-08-12 110592]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
S3 DM150Drv;DM150Drv; C:\WINDOWS\System32\drivers\DM150Drv.sys [2010-07-30 24312]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-12-07 66560]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2021-07-09 95056]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2020-10-14 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 ISCT;@oem38.inf,%ISCT.DeviceDesc%;Intel(R) Smart Connect Technology Device Driver; C:\WINDOWS\System32\drivers\ISCTD64.sys [2019-04-03 47008]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2021-07-09 391168]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2021-02-14 207360]
S3 nvoclk64;NVIDIA Enthusiasts Platform KDM; C:\WINDOWS\System32\drivers\nvoclk64.sys [2009-09-15 42088]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2021-04-18 129872]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-07 990008]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2016-12-21 40240]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-12-07 35128]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-12-07 35128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R2 CDPUserSvc_67bfa;Uživatelská služba platformy připojených zařízení_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2021-05-04 903024]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe [2021-08-06 911992]
R2 OneSyncSvc_67bfa;Hostitel synchronizace_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2020-10-14 329504]
R3 AarSvc_67bfa;Agent Activation Runtime_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R3 CaptureService_67bfa;CaptureService_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R3 cbdhsvc_67bfa;Uživatelská služba schránky_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R3 PimIndexMaintenanceSvc_67bfa;Data kontaktů_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2021-08-12 986032]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-15 224160]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-05-21 154920]
S2 Intel(R) TPM Provisioning Service;@oem10.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [2019-04-03 737552]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 BcastDVRUserService_67bfa;Uživatelská služba pro GameDVR a vysílání her_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 BluetoothUserService_67bfa;Služba pro podporu uživatelů Bluetooth_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 ConsentUxUserSvc_67bfa;ConsentUX_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-07-09 382688]
S3 CredentialEnrollmentManagerUserSvc_67bfa;CredentialEnrollmentManagerUserSvc_67bfa; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-07-09 382688]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 DeviceAssociationBrokerSvc_67bfa;DeviceAssociationBroker_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 DevicePickerUserSvc_67bfa;DevicePicker_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 DevicesFlowUserSvc_67bfa;Tok zařízení_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2021-04-18 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2020-02-28 803440]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-15 224160]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
S3 FvSvc;NVIDIA FrameView SDK service; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [2021-05-15 409968]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\elevation_service.exe [2021-07-30 1460568]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-05-21 154920]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 Intel(R) Capability Licensing Service TCP IP Interface;@oem10.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [2019-04-03 761088]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 MessagingService_67bfa;Služba zasílání zpráv_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service; C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\elevation_service.exe [2021-08-05 1640352]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2021-01-13 106496]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 PrintWorkflowUserSvc_67bfa;PrintWorkflow_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
S3 Rockstar Service;Rockstar Game Library Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2021-03-04 1347464]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2021-01-13 1265152]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2020-04-06 76152]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]

-----------------EOF-----------------

Re: Prosím o kontrolu logu

Napsal: 13 srp 2021 20:53
od Rudy
Zdravím!
RSIT není plně kompatibilní s Win10. K FRST přidejte ještě log Addition. Je v D:\Programy v souboru addition.txt.

Re: Prosím o kontrolu logu

Napsal: 14 srp 2021 16:54
od Bubenos
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-08-2021
Ran by dbube (13-08-2021 21:36:12)
Running from D:\Programy
Windows 10 Home Version 2004 19041.1165 (X64) (2020-09-06 11:45:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1558997955-55845073-2629518697-500 - Administrator - Disabled)
dbube (S-1-5-21-1558997955-55845073-2629518697-1001 - Administrator - Enabled) => C:\Users\dbube
DefaultAccount (S-1-5-21-1558997955-55845073-2629518697-503 - Limited - Disabled)
Guest (S-1-5-21-1558997955-55845073-2629518697-501 - Limited - Disabled)
Vlasťule (S-1-5-21-1558997955-55845073-2629518697-1002 - Administrator - Enabled) => C:\Users\Vlasťule
WDAGUtilityAccount (S-1-5-21-1558997955-55845073-2629518697-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Auto Keys 1.0 (HKLM-x32\...\Auto Keys) (Version: - )
BakkesMod version 3.0 (HKLM\...\{BF029534-4334-4CFC-B771-50B7EE54346F}_is1) (Version: 3.0 - BakkesMod)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Discord (HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FiveM (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\CitizenFX_FiveM) (Version: - Cfx.re)
Gif Your Game 5.1.7 (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\d4bdf6df-7a5c-51e4-b6d0-4309a13db14d) (Version: 5.1.7 - Bad Panda, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2215.0 - Rockstar Games)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 6.2.5.2 (HKLM\...\{207F3229-8AA5-4544-BDB7-7995538A5ED5}) (Version: 6.2.5.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.67 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30040 (HKLM-x32\...\{a8968509-65be-4c09-a460-fd1584b1cdbf}) (Version: 14.29.30040.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.1 (x64) (HKLM-x32\...\{ca778be6-9737-4a9d-a3e2-8d90ea0d5fec}) (Version: 5.0.1.29530 - Microsoft Corporation)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.2.2.51 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.12.1.129 - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.3.2.30 - Native Instruments)
Nightbot 0.1.3 (HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\b66ff3d2-8923-5696-ac2e-977beadfec4e) (Version: 0.1.3 - NightDev, LLC)
Novicorp WinToFlash Lite verze 1.13.0000 (HKLM-x32\...\{A1A1FF24-34C6-4B77-BDB7-A689979F018C}_is1) (Version: 1.13.0000 - Novicorp)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 471.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.68 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.6 - Power Software Ltd)
qBittorrent 4.2.3 (HKLM-x32\...\qBittorrent) (Version: 4.2.3 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8668 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.9 - VS Revo Group, Ltd.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.35.340 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.9 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.22.3 - General Workings, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 87.0 - Ubisoft)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.7.46.0_x86__kgqvnymyfvs32 [2021-08-07] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.62.4.0_x86__kgqvnymyfvs32 [2021-08-09] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2080.1.0_x86__kgqvnymyfvs32 [2021-08-09] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-09] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-09] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-08-11] (NVIDIA Corp.)
RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2020-07-01] (Tiny Opener)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\nvshext.dll [2021-08-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\dbube\AppData\Roaming\Microsoft\Windows\Start Menu\Розыгрыш ключей Steam.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> url,OpenURL "hxxps://terra.im/gl/?cid=19349&oid=mZWZvCwR&v=3&utm_campaign=repacks2&utm_medium=cpi"&trash= <==== Cyrillic

==================== Loaded Modules (Whitelisted) =============

2021-01-18 12:28 - 2021-08-10 01:15 - 000466432 _____ () [File not signed] \\?\C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\app.asar.unpacked\node_modules\nsfw\build\Release\nsfw.node
2021-01-18 12:28 - 2021-08-10 01:15 - 002823680 _____ () [File not signed] C:\Users\dbube\AppData\Local\Programs\badpanda-react\ffmpeg.dll
2021-01-18 12:28 - 2021-08-10 01:15 - 000449024 _____ () [File not signed] C:\Users\dbube\AppData\Local\Programs\badpanda-react\libegl.dll
2021-01-18 12:28 - 2021-08-10 01:15 - 007620096 _____ () [File not signed] C:\Users\dbube\AppData\Local\Programs\badpanda-react\libglesv2.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\dbube\Desktop\GDPR1.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR2.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\OP.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\OP.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\Rodný list Terezka.jpg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\Rodný list Terezka.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Documents\RL - Terezka.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-05-21 16:16 - 2020-07-01 14:42 - 000001760 _____ C:\WINDOWS\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1558997955-55845073-2629518697-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dbube\Desktop\wp7633605-rocket-league-octane-wallpapers.jpg
HKU\S-1-5-21-1558997955-55845073-2629518697-1002\Control Panel\Desktop\\Wallpaper -> D:\ZÁLOHA!\Záloha externího disku Verbatin Fotky a videa od Denise a od Vlastuli 09.02.2021\Vlasťule VŠE KOMPLET!!!! 30.5 2021\Terinka 2-3roky\inCollage_20210515_104310171.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{6F1027CE-8DA9-42B0-9DBF-708982713D48}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{5CBDE432-6C17-4828-B06D-A6E3E18500EA}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{62B9B81B-4850-47E7-9B27-E8C5EC217FFD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{41A9AB65-40EF-4A39-8E11-C07E3389FA08}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{906657C5-1A37-4A55-8923-60C4DDDF73D6}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{5D6715E2-D232-4745-93A6-3B97D4DE8341}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{F0EF74A3-704E-490F-B237-B5CA35C8467A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{656A6944-FA05-4E81-8E9B-3B7F867A1688}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{1FF47BF8-CA24-4450-BB9E-3BEDD10FFFDA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{B5B82461-1D3E-44ED-91E2-EA78BB305CAB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [UDP Query User{C84FAEBA-99FE-4154-81C9-0DF8578167A2}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{9B3ECFAE-B315-4C2A-B105-74F58F912EC1}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{A58E956B-F463-4685-A3C0-752812D3B99E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E7413426-3073-4EA1-9B95-7F493B776FAE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DA22F86F-F0AF-4CC9-9F4B-FF99018B0984}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{362F35D2-870E-41C9-B4B4-F58E51FDB4F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{9C6B20A8-8F7A-4212-8E69-00DA9781089B}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{15637F6B-4B83-40C3-960C-E0C198322A71}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{1C6C1601-D79E-4C74-86F3-00DC335F1EEF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{149C46C4-381D-453B-9296-52D5A5E0BC80}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C5956D0D-F8FF-4E57-9BE2-35E47142004E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{D7754C03-BF99-41E7-BEDF-971E72E4312A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [TCP Query User{9DE93AE4-91A4-49FE-AEA5-E894078E6EB5}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{6686FBC0-2D5F-43A1-9778-FD9CBFFAC320}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{EC0A99D1-7C09-45F5-AC3C-4FEED5547E95}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{C78E9613-00CC-421A-9AE4-9AC8E4856F95}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{74137B26-D78B-4065-8DD8-C68EF612F6B4}] => (Allow) D:\Hry\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{BD5E418F-2D04-4012-904C-A86CCB4B12D9}] => (Allow) D:\Hry\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [TCP Query User{C70081E0-C108-4AF2-95F8-0A64DCDC2EED}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{0049EB04-3AE9-45F8-9AB8-ABA733E3D784}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{D7B85F29-D3D2-4056-A8F4-91D594BE617A}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{AE621556-1D17-4015-8EFF-8A75D2A40912}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{0EF78E67-E32C-4B48-AE97-B4C6A8041B7B}D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [File not signed]
FirewallRules: [UDP Query User{C06FE38F-A0D8-4D84-903D-BBDBC52D8446}D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [File not signed]
FirewallRules: [{33448BA5-E5F1-44C8-A9AF-28FF941B8CFD}] => (Allow) D:\Hry\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
FirewallRules: [{294D19F6-7CBB-4F00-9211-4D158208A4EE}] => (Allow) D:\Hry\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
FirewallRules: [{C247046E-8BFA-467D-A9DF-FD298E7238B0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0D869EB3-557C-4067-99F5-BC61C9D6532A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{06181DEA-27BE-48ED-8EEE-34BE475FF400}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{66ED181A-3537-4C92-8B4B-BEE9FF7B2584}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{15D9113B-F7ED-4DEA-B76A-F047F9F2A075}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D713B075-3D9C-4356-84E8-AAC199FD3EB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4E520BA6-D7B6-4ECF-B239-976EAA25B7B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FAC393C9-C468-4745-B08E-6FBDFABBF95B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{895D0120-4CC3-494B-8D42-E848652B896D}] => (Allow) D:\Hry\steamapps\common\Deceit\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{B7780F92-ED5D-4688-8C98-EAE145733B7B}] => (Allow) D:\Hry\steamapps\common\Deceit\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{13ECA2B7-D888-4D8F-A4F5-C40A07198CB5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C000F113-0FDA-4F10-86AF-6668EFB5C30C}] => (Allow) D:\Hry\steamapps\common\Gas Station Simulator - Early Days\GSS2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5A26776F-6101-4965-86FB-0668F3CB986A}] => (Allow) D:\Hry\steamapps\common\Gas Station Simulator - Early Days\GSS2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{A62CB70E-0958-43FE-AE2B-09CB0E8A8436}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{3C985EB6-1244-47AC-AA34-A45862E0DDD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.08 GB) (Free:25.34 GB) (23%)

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (08/08/2021 08:25:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Gif Your Game.exe, verze: 4.1.13.0, časové razítko: 0x601d93db
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1110, časové razítko: 0xe7a22463
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000063416
ID chybujícího procesu: 0x49e0
Čas spuštění chybující aplikace: 0x01d78c82c6d0ae5e
Cesta k chybující aplikaci: C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: b7e602f9-e20f-49ce-8675-6a3c46da64bb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/07/2021 07:45:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GSS2-Win64-Shipping.exe, verze: 4.25.4.0, časové razítko: 0x60d19aa8
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1110, časové razítko: 0xe7a22463
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000032da7
ID chybujícího procesu: 0x2e60
Čas spuštění chybující aplikace: 0x01d78ba249f75219
Cesta k chybující aplikaci: D:\Hry\steamapps\common\Gas Station Simulator - Early Days\GSS2\Binaries\Win64\GSS2-Win64-Shipping.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: ee2683d2-c534-404c-a274-eeb95b417d23
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/01/2021 05:32:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CRWindowsClientService.exe, verze: 1.6.1.0, časové razítko: 0x59b6762b
Název chybujícího modulu: CRWindowsClientService.exe, verze: 1.6.1.0, časové razítko: 0x59b6762b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000014c2b
ID chybujícího procesu: 0x2974
Čas spuštění chybující aplikace: 0x01d786ea5f00a0de
Cesta k chybující aplikaci: C:\Program Files\Adobe\Adobe Photoshop CC 2018\CRWindowsClientService.exe
Cesta k chybujícímu modulu: C:\Program Files\Adobe\Adobe Photoshop CC 2018\CRWindowsClientService.exe
ID zprávy: 33abee95-639e-4c9d-b12c-94761bd84a38
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/28/2021 07:57:07 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (4720,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.

Error: (07/28/2021 07:56:59 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (9956,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.

Error: (07/28/2021 07:56:03 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (1744,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.

Error: (07/28/2021 07:55:59 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (7496,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.

Error: (07/28/2021 07:55:54 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (15016,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.


System errors:
=============
Error: (08/11/2021 03:41:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/11/2021 03:41:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (08/05/2021 06:04:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-48MB1C3)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/04/2021 05:50:36 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-48MB1C3)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/01/2021 08:57:49 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-48MB1C3)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/01/2021 05:24:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel(R) TPM Provisioning Service bylo dosaženo časového limitu (45000 ms).

Error: (07/30/2021 07:06:45 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.Shell.ConsentUx.Details.ConsentUxService se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/30/2021 07:04:45 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.Shell.ConsentUx.Details.ConsentUxService se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2021-08-11 18:24:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F55C22F1-2698-43AC-A761-C693AE8B8261}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-09 17:24:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A83C30F0-0662-495A-8548-03056024D28D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-09 08:22:28
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:O97M/Mountsi.D!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_C:\Windows\System32\cscript.exe
Původ detekce: Neznámý
Typ detekce: FastPath
Zdroj detekce: AMSI
Uživatel: DESKTOP-48MB1C3\dbube
Název procesu: C:\Windows\System32\cscript.exe
Verze bezpečnostních informací: AV: 1.345.159.0, AS: 1.345.159.0, NIS: 1.345.159.0
Verze modulu: AM: 1.1.18400.4, NIS: 1.1.18400.4

Date: 2021-08-08 21:05:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D4683580-AFB4-4195-B052-B492736FDA66}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-08 21:01:22
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:O97M/Mountsi.D!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_C:\Windows\System32\cscript.exe
Původ detekce: Neznámý
Typ detekce: FastPath
Zdroj detekce: AMSI
Uživatel: DESKTOP-48MB1C3\dbube
Název procesu: C:\Windows\System32\cscript.exe
Verze bezpečnostních informací: AV: 1.345.159.0, AS: 1.345.159.0, NIS: 1.345.159.0
Verze modulu: AM: 1.1.18400.4, NIS: 1.1.18400.4

Date: 2021-07-28 19:13:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.343.1114.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18300.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-06-29 17:32:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1610.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:32:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1610.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:32:25
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2304 05/26/2015
Motherboard: ASUSTeK COMPUTER INC. H81M-D PLUS
Processor: Intel(R) Core(TM) i5-4430 CPU @ 3.00GHz
Percentage of memory in use: 35%
Total physical RAM: 16319.71 MB
Available physical RAM: 10589.23 MB
Total Virtual: 21695.71 MB
Available Virtual: 12544.73 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.08 GB) (Free:25.34 GB) NTFS
Drive d: (Disk D) (Fixed) (Total:1863.01 GB) (Free:1435.2 GB) NTFS

\\?\Volume{b2b6ce9f-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS
\\?\Volume{b2b6ce9f-0000-0000-0000-c0d11b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 4A7FA3EF)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: B2B6CE9F)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=524 MB) - (Type=27)

==================== End of Addition.txt =======================

Re: Prosím o kontrolu logu

Napsal: 14 srp 2021 18:12
od Rudy
OK. Teď spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Prosím o kontrolu logu

Napsal: 14 srp 2021 19:27
od Bubenos
Šlo pouze vložit do karantény, možnost k smazani to nabídlo až v karanténě tak jsem dal smazat.

zde je log

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-08-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-14-2021
# Duration: 00:00:05
# OS: Windows 10 Home
# Scanned: 31994
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1462 octets] - [14/08/2021 20:23:48]
AdwCleaner[C00].txt - [1612 octets] - [14/08/2021 20:24:47]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Re: Prosím o kontrolu logu

Napsal: 14 srp 2021 19:52
od Rudy
Dejte nové logy FRST+Addition.

Re: Prosím o kontrolu logu

Napsal: 14 srp 2021 20:09
od Bubenos
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-08-2021
Ran by dbube (14-08-2021 21:07:19)
Running from D:\Programy
Windows 10 Home Version 2004 19041.1165 (X64) (2020-09-06 11:45:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1558997955-55845073-2629518697-500 - Administrator - Disabled)
dbube (S-1-5-21-1558997955-55845073-2629518697-1001 - Administrator - Enabled) => C:\Users\dbube
DefaultAccount (S-1-5-21-1558997955-55845073-2629518697-503 - Limited - Disabled)
Guest (S-1-5-21-1558997955-55845073-2629518697-501 - Limited - Disabled)
Vlasťule (S-1-5-21-1558997955-55845073-2629518697-1002 - Administrator - Enabled) => C:\Users\Vlasťule
WDAGUtilityAccount (S-1-5-21-1558997955-55845073-2629518697-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Auto Keys 1.0 (HKLM-x32\...\Auto Keys) (Version: - )
BakkesMod version 3.0 (HKLM\...\{BF029534-4334-4CFC-B771-50B7EE54346F}_is1) (Version: 3.0 - BakkesMod)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Discord (HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FiveM (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\CitizenFX_FiveM) (Version: - Cfx.re)
Gif Your Game 5.1.7 (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\d4bdf6df-7a5c-51e4-b6d0-4309a13db14d) (Version: 5.1.7 - Bad Panda, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2215.0 - Rockstar Games)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 6.2.5.2 (HKLM\...\{207F3229-8AA5-4544-BDB7-7995538A5ED5}) (Version: 6.2.5.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.73 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30040 (HKLM-x32\...\{a8968509-65be-4c09-a460-fd1584b1cdbf}) (Version: 14.29.30040.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.1 (x64) (HKLM-x32\...\{ca778be6-9737-4a9d-a3e2-8d90ea0d5fec}) (Version: 5.0.1.29530 - Microsoft Corporation)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.2.2.51 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.12.1.129 - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.3.2.30 - Native Instruments)
Nightbot 0.1.3 (HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\b66ff3d2-8923-5696-ac2e-977beadfec4e) (Version: 0.1.3 - NightDev, LLC)
Novicorp WinToFlash Lite verze 1.13.0000 (HKLM-x32\...\{A1A1FF24-34C6-4B77-BDB7-A689979F018C}_is1) (Version: 1.13.0000 - Novicorp)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 471.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.68 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.6 - Power Software Ltd)
qBittorrent 4.2.3 (HKLM-x32\...\qBittorrent) (Version: 4.2.3 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8668 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.9 - VS Revo Group, Ltd.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.35.340 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.9 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.22.3 - General Workings, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 87.0 - Ubisoft)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.7.46.0_x86__kgqvnymyfvs32 [2021-08-07] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.62.4.0_x86__kgqvnymyfvs32 [2021-08-09] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2080.1.0_x86__kgqvnymyfvs32 [2021-08-09] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-09] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-09] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-08-11] (NVIDIA Corp.)
RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2020-07-01] (Tiny Opener)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\nvshext.dll [2021-08-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\dbube\AppData\Roaming\Microsoft\Windows\Start Menu\Розыгрыш ключей Steam.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> url,OpenURL "hxxps://terra.im/gl/?cid=19349&oid=mZWZvCwR&v=3&utm_campaign=repacks2&utm_medium=cpi"&trash= <==== Cyrillic

==================== Loaded Modules (Whitelisted) =============

2021-01-04 09:14 - 2021-08-11 16:49 - 004113920 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\dll\bakkesmod.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 001275904 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\dll\pluginsdk.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000132608 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\airdribbleplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000942080 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\autoreplayuploader.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000154624 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\defenderplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000674304 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\dollycamplugin2.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000118784 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\dribbleplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000126976 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\mechanicalplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 001406464 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\pluginmanager.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 001915392 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\rconplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000120320 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\reboundplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000120832 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\recoveryplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000119808 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\redirectplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000399872 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\trainingplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000133632 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\wallhitplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000314368 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\workshopplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\dbube\Desktop\GDPR1.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR2.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\OP.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\OP.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\Rodný list Terezka.jpg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\Rodný list Terezka.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Documents\RL - Terezka.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-05-21 16:16 - 2020-07-01 14:42 - 000001760 _____ C:\WINDOWS\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1558997955-55845073-2629518697-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dbube\Desktop\wp7633605-rocket-league-octane-wallpapers.jpg
HKU\S-1-5-21-1558997955-55845073-2629518697-1002\Control Panel\Desktop\\Wallpaper -> D:\ZÁLOHA!\Záloha externího disku Verbatin Fotky a videa od Denise a od Vlastuli 09.02.2021\Vlasťule VŠE KOMPLET!!!! 30.5 2021\Terinka 2-3roky\inCollage_20210515_104310171.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{6F1027CE-8DA9-42B0-9DBF-708982713D48}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{5CBDE432-6C17-4828-B06D-A6E3E18500EA}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{62B9B81B-4850-47E7-9B27-E8C5EC217FFD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{41A9AB65-40EF-4A39-8E11-C07E3389FA08}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{906657C5-1A37-4A55-8923-60C4DDDF73D6}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{5D6715E2-D232-4745-93A6-3B97D4DE8341}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{F0EF74A3-704E-490F-B237-B5CA35C8467A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{656A6944-FA05-4E81-8E9B-3B7F867A1688}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{1FF47BF8-CA24-4450-BB9E-3BEDD10FFFDA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{B5B82461-1D3E-44ED-91E2-EA78BB305CAB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [UDP Query User{C84FAEBA-99FE-4154-81C9-0DF8578167A2}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{9B3ECFAE-B315-4C2A-B105-74F58F912EC1}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{A58E956B-F463-4685-A3C0-752812D3B99E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E7413426-3073-4EA1-9B95-7F493B776FAE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DA22F86F-F0AF-4CC9-9F4B-FF99018B0984}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{362F35D2-870E-41C9-B4B4-F58E51FDB4F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{9C6B20A8-8F7A-4212-8E69-00DA9781089B}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{15637F6B-4B83-40C3-960C-E0C198322A71}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{1C6C1601-D79E-4C74-86F3-00DC335F1EEF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{149C46C4-381D-453B-9296-52D5A5E0BC80}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C5956D0D-F8FF-4E57-9BE2-35E47142004E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed] [File is in use]
FirewallRules: [{D7754C03-BF99-41E7-BEDF-971E72E4312A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed] [File is in use]
FirewallRules: [TCP Query User{9DE93AE4-91A4-49FE-AEA5-E894078E6EB5}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{6686FBC0-2D5F-43A1-9778-FD9CBFFAC320}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{EC0A99D1-7C09-45F5-AC3C-4FEED5547E95}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{C78E9613-00CC-421A-9AE4-9AC8E4856F95}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{74137B26-D78B-4065-8DD8-C68EF612F6B4}] => (Allow) D:\Hry\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{BD5E418F-2D04-4012-904C-A86CCB4B12D9}] => (Allow) D:\Hry\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [TCP Query User{C70081E0-C108-4AF2-95F8-0A64DCDC2EED}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{0049EB04-3AE9-45F8-9AB8-ABA733E3D784}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{D7B85F29-D3D2-4056-A8F4-91D594BE617A}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{AE621556-1D17-4015-8EFF-8A75D2A40912}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{0EF78E67-E32C-4B48-AE97-B4C6A8041B7B}D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [File not signed]
FirewallRules: [UDP Query User{C06FE38F-A0D8-4D84-903D-BBDBC52D8446}D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [File not signed]
FirewallRules: [{33448BA5-E5F1-44C8-A9AF-28FF941B8CFD}] => (Allow) D:\Hry\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
FirewallRules: [{294D19F6-7CBB-4F00-9211-4D158208A4EE}] => (Allow) D:\Hry\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
FirewallRules: [{15D9113B-F7ED-4DEA-B76A-F047F9F2A075}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D713B075-3D9C-4356-84E8-AAC199FD3EB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4E520BA6-D7B6-4ECF-B239-976EAA25B7B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FAC393C9-C468-4745-B08E-6FBDFABBF95B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{895D0120-4CC3-494B-8D42-E848652B896D}] => (Allow) D:\Hry\steamapps\common\Deceit\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{B7780F92-ED5D-4688-8C98-EAE145733B7B}] => (Allow) D:\Hry\steamapps\common\Deceit\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{13ECA2B7-D888-4D8F-A4F5-C40A07198CB5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C000F113-0FDA-4F10-86AF-6668EFB5C30C}] => (Allow) D:\Hry\steamapps\common\Gas Station Simulator - Early Days\GSS2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5A26776F-6101-4965-86FB-0668F3CB986A}] => (Allow) D:\Hry\steamapps\common\Gas Station Simulator - Early Days\GSS2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{A62CB70E-0958-43FE-AE2B-09CB0E8A8436}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed] [File is in use]
FirewallRules: [{3C985EB6-1244-47AC-AA34-A45862E0DDD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed] [File is in use]
FirewallRules: [{1EE45564-5EDC-4ADC-ACC5-F357E2C719EB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AD6FF64E-9C2F-4F28-9742-AAB6AEAF3688}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{008A9B3E-16A0-435D-8B68-DEC304884DA0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{52D2B259-5A4A-4787-A66E-809130E5C2FA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.08 GB) (Free:25.89 GB) (23%)

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (08/08/2021 08:25:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Gif Your Game.exe, verze: 4.1.13.0, časové razítko: 0x601d93db
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1110, časové razítko: 0xe7a22463
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000063416
ID chybujícího procesu: 0x49e0
Čas spuštění chybující aplikace: 0x01d78c82c6d0ae5e
Cesta k chybující aplikaci: C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: b7e602f9-e20f-49ce-8675-6a3c46da64bb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/07/2021 07:45:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GSS2-Win64-Shipping.exe, verze: 4.25.4.0, časové razítko: 0x60d19aa8
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1110, časové razítko: 0xe7a22463
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000032da7
ID chybujícího procesu: 0x2e60
Čas spuštění chybující aplikace: 0x01d78ba249f75219
Cesta k chybující aplikaci: D:\Hry\steamapps\common\Gas Station Simulator - Early Days\GSS2\Binaries\Win64\GSS2-Win64-Shipping.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: ee2683d2-c534-404c-a274-eeb95b417d23
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/01/2021 05:32:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CRWindowsClientService.exe, verze: 1.6.1.0, časové razítko: 0x59b6762b
Název chybujícího modulu: CRWindowsClientService.exe, verze: 1.6.1.0, časové razítko: 0x59b6762b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000014c2b
ID chybujícího procesu: 0x2974
Čas spuštění chybující aplikace: 0x01d786ea5f00a0de
Cesta k chybující aplikaci: C:\Program Files\Adobe\Adobe Photoshop CC 2018\CRWindowsClientService.exe
Cesta k chybujícímu modulu: C:\Program Files\Adobe\Adobe Photoshop CC 2018\CRWindowsClientService.exe
ID zprávy: 33abee95-639e-4c9d-b12c-94761bd84a38
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/28/2021 07:57:07 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (4720,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.

Error: (07/28/2021 07:56:59 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (9956,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.

Error: (07/28/2021 07:56:03 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (1744,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.

Error: (07/28/2021 07:55:59 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (7496,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.

Error: (07/28/2021 07:55:54 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (15016,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.


System errors:
=============
Error: (08/14/2021 08:24:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/14/2021 08:24:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/14/2021 08:24:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/11/2021 03:41:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/11/2021 03:41:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (08/05/2021 06:04:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-48MB1C3)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/04/2021 05:50:36 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-48MB1C3)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/01/2021 08:57:49 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-48MB1C3)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2021-08-14 19:09:28
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B200BD3C-FEAA-466B-99FD-FDF99A93E734}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-11 18:24:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F55C22F1-2698-43AC-A761-C693AE8B8261}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-09 17:24:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A83C30F0-0662-495A-8548-03056024D28D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-09 08:22:28
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:O97M/Mountsi.D!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_C:\Windows\System32\cscript.exe
Původ detekce: Neznámý
Typ detekce: FastPath
Zdroj detekce: AMSI
Uživatel: DESKTOP-48MB1C3\dbube
Název procesu: C:\Windows\System32\cscript.exe
Verze bezpečnostních informací: AV: 1.345.159.0, AS: 1.345.159.0, NIS: 1.345.159.0
Verze modulu: AM: 1.1.18400.4, NIS: 1.1.18400.4

Date: 2021-08-08 21:05:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D4683580-AFB4-4195-B052-B492736FDA66}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-07-28 19:13:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.343.1114.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18300.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-06-29 17:32:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1610.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:32:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1610.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:32:25
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2304 05/26/2015
Motherboard: ASUSTeK COMPUTER INC. H81M-D PLUS
Processor: Intel(R) Core(TM) i5-4430 CPU @ 3.00GHz
Percentage of memory in use: 56%
Total physical RAM: 16319.71 MB
Available physical RAM: 7044.42 MB
Total Virtual: 21695.71 MB
Available Virtual: 9305.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.08 GB) (Free:25.89 GB) NTFS
Drive d: (Disk D) (Fixed) (Total:1863.01 GB) (Free:1373.43 GB) NTFS

\\?\Volume{b2b6ce9f-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS
\\?\Volume{b2b6ce9f-0000-0000-0000-c0d11b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 4A7FA3EF)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: B2B6CE9F)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=524 MB) - (Type=27)

==================== End of Addition.txt =======================

Re: Prosím o kontrolu logu

Napsal: 14 srp 2021 20:45
od Bubenos
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2021
Ran by dbube (administrator) on DESKTOP-48MB1C3 (ATComputers TRILINE PROFI OFFICE) (14-08-2021 21:05:24)
Running from D:\Programy
Loaded Profiles: dbube
Platform: Windows 10 Home Version 2004 19041.1165 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\qBittorrent\qbittorrent.exe
() [File not signed] D:\Hry\Rocket League smurf BubenD\rocketleague\BakkesMod\BakkesMod.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe <2>
(Psyonix, LLC) [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270776 2019-04-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\Run: [Discord] => C:\Users\dbube\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\Run: [Gif Your Game] => C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe [126447560 2021-08-10] (Bad Panda, Inc. -> Bad Panda, Inc.)
HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\Run: [Discord] => C:\Users\Vlasťule\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-04] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0307D6D5-D21C-41EA-96C8-B255658C50BD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {07986CF8-43D5-4912-9B05-CA6263A7B4AC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {10D03C8F-FC2E-44CE-AD30-BB4914AA11A7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1BB60CE9-224F-409B-BA95-77A03E0A6A0F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24CF228A-DCE2-4593-9EBE-80E9D61BFAC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
Task: {3BA721FB-7708-4803-83C4-FACEFD33031E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {55A33193-7971-439E-9762-CB9B4A91CC18} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {60772A8F-335C-4C62-931D-DACF10279E0F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6FE6A2C0-4FC4-4B8D-85E7-40E5BA9C88A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {905F9ACA-862D-4BDA-B9F4-E2C2FB9E6247} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {90D06DA3-E888-4D74-9C1E-D3321F9EDA5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9E92E098-E8B6-47ED-A810-2F99CEB01A2E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B2C6754C-8DE5-4EA1-BFAF-148116685EBD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C748CBC0-8DD3-404A-8BC1-DF8DF3FA76C3} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [834856 2019-04-03] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {E9E0E335-410D-4069-9FF0-1F60F33AAAC5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {FCD1040F-F004-446C-B306-0AD5DFE675C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
Task: {FE4A556B-9322-447F-8387-F6D3BC62698D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{b7f826c6-ea01-4714-a535-4e19bd4e854c}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{c6197426-c54d-4121-a8e4-ec03077a2b2b}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Edge:
=======
Edge Profile: C:\Users\dbube\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-14]

FireFox:
========
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]

Chrome:
=======
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default [2021-08-14]
CHR DownloadDir: C:\Users\dbube\Desktop
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (Prezentace) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-21]
CHR Extension: (BetterTTV) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-08-07]
CHR Extension: (Dokumenty) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-21]
CHR Extension: (Disk Google) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-21]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-07-28]
CHR Extension: (FrankerFaceZ) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2020-09-17]
CHR Extension: (Tabulky) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-29]
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-07-14]
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-07-14]
CHR Extension: (Prezentace) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-14]
CHR Extension: (Tabulky) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-14]
CHR Extension: (Chrome Media Router) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-14]
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\System Profile [2021-07-14]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-02-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S4 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2020-04-06] (Even Balance, Inc. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1347464 2021-03-04] (Rockstar Games, Inc. -> Rockstar Games)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 DM150Drv; C:\WINDOWS\System32\drivers\DM150Drv.sys [24312 2010-07-30] (Pitney Bowes -> Pitney Bowes)
S3 nvoclk64; C:\WINDOWS\System32\drivers\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corporation -> NVIDIA Corp.)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-14 20:22 - 2021-08-14 20:24 - 000000000 ____D C:\AdwCleaner
2021-08-14 20:22 - 2021-08-14 20:22 - 000000946 _____ C:\Users\dbube\Desktop\AdwCleaner – zástupce.lnk
2021-08-14 17:54 - 2021-08-14 17:54 - 000013218 _____ C:\Users\dbube\Desktop\ROZPIS_ALLSTARS_OD_9._Srpna.pdf
2021-08-13 21:46 - 2021-08-13 21:46 - 000000917 _____ C:\Users\dbube\Desktop\RSITx64 – zástupce.lnk
2021-08-13 21:43 - 2021-08-13 21:43 - 000000000 ____D C:\rsit
2021-08-13 21:34 - 2021-08-14 21:05 - 000000000 ____D C:\FRST
2021-08-12 06:05 - 2021-08-12 06:05 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-12 06:05 - 2021-08-12 06:05 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-12 06:05 - 2021-08-12 06:05 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-12 06:05 - 2021-08-12 06:05 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-12 06:05 - 2021-08-12 06:05 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-12 06:05 - 2021-08-12 06:05 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-12 06:05 - 2021-08-12 06:05 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-12 05:58 - 2021-08-12 05:58 - 000000000 ___HD C:\$WinREAgent
2021-08-11 19:12 - 2021-08-11 19:11 - 000382411 _____ C:\Users\dbube\Desktop\OP.jpeg
2021-08-11 19:05 - 2021-08-11 19:05 - 000638018 _____ C:\Users\dbube\Desktop\GDPR2.jpeg
2021-08-11 19:05 - 2021-08-11 19:04 - 000634636 _____ C:\Users\dbube\Desktop\GDPR1.jpeg
2021-08-11 19:02 - 2021-08-11 19:02 - 000045641 _____ C:\Users\dbube\Desktop\GDPR.pdf
2021-08-11 15:34 - 2021-08-06 10:45 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-08-11 15:34 - 2021-08-06 10:45 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-08-11 15:34 - 2021-08-06 10:45 - 001474672 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 001438840 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-08-11 15:34 - 2021-08-06 10:45 - 001438840 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-08-11 15:34 - 2021-08-06 10:45 - 001212536 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 001097832 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 001097832 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 000951928 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 000951928 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-08-11 15:34 - 2021-08-06 10:42 - 000716928 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-08-11 15:34 - 2021-08-06 10:42 - 000645248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-08-11 15:34 - 2021-08-06 10:42 - 000577152 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 002112144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 001595536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 001520760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 001171088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 000919184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 000706168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-08-11 15:34 - 2021-08-06 10:41 - 000676480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 008854136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 007920760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 005680768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 004987512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 002925688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 000447096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-08-11 15:34 - 2021-08-06 10:39 - 000849024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-08-11 15:34 - 2021-08-06 10:38 - 006215808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-08-11 15:34 - 2021-08-05 23:12 - 000083062 _____ C:\WINDOWS\system32\nvinfo.pb
2021-08-07 17:38 - 2021-08-07 17:38 - 000000000 ____D C:\Users\dbube\AppData\Local\GSS2
2021-08-07 17:22 - 2021-08-07 17:22 - 000000223 _____ C:\Users\dbube\Desktop\Gas Station Simulator Prologue - Early Days.url
2021-08-02 06:32 - 2021-08-09 08:45 - 000010398 _____ C:\Users\Vlasťule\Desktop\Co už mám domluveno.odt
2021-08-01 18:03 - 2021-08-01 18:03 - 000001536 _____ C:\WINDOWS\SysWOW64\RtkMsgs.dll
2021-08-01 18:03 - 2021-08-01 18:03 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-08-01 18:02 - 2021-08-01 18:02 - 000000000 ____D C:\ProgramData\Dell
2021-08-01 17:28 - 2021-08-01 17:28 - 000000000 ____D C:\Users\dbube\AppData\Roaming\NVIDIA
2021-08-01 17:26 - 2021-08-01 17:26 - 000189287 _____ C:\Users\dbube\Downloads\msvcp140.zip
2021-08-01 17:26 - 2021-08-01 17:26 - 000189287 _____ C:\Users\dbube\Downloads\msvcp140 (1).zip
2021-07-30 08:22 - 2021-07-30 08:22 - 000117280 _____ C:\Users\Vlasťule\Downloads\Potvrzeni_o_odchozi_uhrade (1).pdf
2021-07-30 08:19 - 2021-07-30 08:19 - 000117293 _____ C:\Users\Vlasťule\Downloads\Potvrzeni_o_odchozi_uhrade.pdf
2021-07-29 08:19 - 2021-07-29 08:26 - 000000000 ____D C:\Users\Vlasťule\Desktop\Terinka v Praze Červenec 2021
2021-07-28 19:59 - 2021-07-28 19:59 - 000000112 ___SH C:\bootTel.dat
2021-07-28 19:59 - 2021-07-28 19:59 - 000000000 __SHD C:\found.000
2021-07-28 19:48 - 2021-07-28 19:48 - 000000000 ____D C:\WINDOWS\system32\lxss
2021-07-28 19:48 - 2021-07-28 19:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-07-28 19:45 - 2021-07-12 13:32 - 000136472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-07-28 19:45 - 2021-07-12 13:32 - 000067464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2021-07-28 19:45 - 2021-07-12 13:32 - 000037664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-07-28 19:44 - 2021-08-06 10:41 - 000750200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-07-28 19:44 - 2021-08-06 10:38 - 007280848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-07-28 19:30 - 2021-07-28 20:39 - 000000060 _____ C:\Users\dbube\Downloads\query.htm
2021-07-28 19:16 - 2021-05-04 09:49 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-07-16 16:12 - 2021-07-16 16:12 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-16 16:12 - 2021-07-16 16:12 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-16 16:12 - 2021-07-16 16:12 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-16 16:12 - 2021-07-16 16:12 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-16 16:04 - 2021-08-05 17:16 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-16 16:04 - 2021-08-05 17:16 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-15 18:32 - 2021-07-15 18:32 - 000000000 ____D C:\Users\dbube\AppData\LocalLow\Amistech

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-14 21:04 - 2019-05-21 15:54 - 000000000 ____D C:\Program Files (x86)\Steam
2021-08-14 21:04 - 2019-05-21 15:43 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-14 21:02 - 2020-09-06 13:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-14 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-14 20:59 - 2019-12-14 23:12 - 000000000 ____D C:\Users\dbube\AppData\Roaming\qBittorrent
2021-08-14 20:52 - 2019-05-21 15:52 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-14 20:24 - 2021-01-18 12:28 - 000000000 ____D C:\Users\dbube\AppData\Roaming\badpanda-react
2021-08-14 20:24 - 2020-04-22 18:20 - 000000000 ____D C:\Users\dbube\AppData\Roaming\discord
2021-08-14 19:50 - 2020-04-22 18:20 - 000000000 ____D C:\Users\dbube\AppData\Local\Discord
2021-08-14 19:09 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-14 19:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-14 17:53 - 2020-09-06 13:45 - 000004208 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{A8E94C42-9C4F-4DEE-9B06-7CDE732D054B}
2021-08-14 17:51 - 2020-07-15 11:11 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-13 21:46 - 2019-12-26 12:30 - 000000000 ____D C:\Program Files\trend micro
2021-08-13 21:37 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-13 16:57 - 2021-01-22 16:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-13 15:20 - 2020-09-06 13:47 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-13 15:20 - 2019-12-07 16:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2021-08-13 15:20 - 2019-12-07 16:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2021-08-13 15:13 - 2020-09-06 13:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-13 15:13 - 2020-09-06 13:38 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-12 17:28 - 2020-09-06 13:38 - 000458488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-12 17:28 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-12 17:27 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-12 06:07 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-12 05:58 - 2019-05-22 12:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-12 05:56 - 2019-05-22 12:01 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-11 19:11 - 2019-09-07 16:57 - 000000000 ___RD C:\Users\dbube\Documents\Scanned Documents
2021-08-11 16:54 - 2019-05-21 15:50 - 000000000 ____D C:\Users\dbube\AppData\Local\Packages
2021-08-11 15:42 - 2019-05-21 16:24 - 000000000 ____D C:\Users\dbube\AppData\Local\NVIDIA
2021-08-09 18:11 - 2020-08-09 19:37 - 000000000 ____D C:\Users\Vlasťule\AppData\Roaming\discord
2021-08-09 18:05 - 2020-10-31 22:45 - 000000000 ____D C:\Users\Vlasťule\AppData\Local\Discord
2021-08-09 08:25 - 2020-09-06 13:45 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1558997955-55845073-2629518697-1001
2021-08-09 08:25 - 2020-09-06 13:39 - 000002377 _____ C:\Users\dbube\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-09 08:25 - 2019-05-21 15:51 - 000000000 ___RD C:\Users\dbube\OneDrive
2021-08-09 08:23 - 2020-09-06 13:45 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1558997955-55845073-2629518697-1002
2021-08-09 08:23 - 2020-09-06 13:39 - 000002386 _____ C:\Users\Vlasťule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-09 08:23 - 2019-05-25 09:17 - 000000000 ___RD C:\Users\Vlasťule\OneDrive
2021-08-08 20:25 - 2019-05-21 18:27 - 000000000 ____D C:\Users\dbube\AppData\Local\CrashDumps
2021-08-07 23:15 - 2020-09-06 13:39 - 000000000 ____D C:\Users\dbube
2021-08-07 17:38 - 2020-03-18 19:33 - 000000000 ____D C:\Users\dbube\AppData\Local\UnrealEngine
2021-08-07 17:22 - 2021-04-15 22:03 - 000000000 ____D C:\Users\dbube\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-08-07 17:09 - 2020-03-21 13:22 - 000000000 ____D C:\Users\dbube\AppData\Local\Battle.net
2021-08-04 15:42 - 2019-05-21 15:52 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-04 15:42 - 2019-05-21 15:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-02 05:55 - 2020-09-06 13:45 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-02 05:55 - 2020-09-06 13:45 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-01 17:45 - 2020-12-16 19:11 - 000000000 ____D C:\Users\dbube\Documents\Obnova hesel nebo účtu
2021-08-01 17:23 - 2019-05-21 16:21 - 000000000 ____D C:\ProgramData\Package Cache
2021-08-01 15:43 - 2021-01-14 13:31 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
2021-08-01 15:43 - 2021-01-14 13:31 - 000000000 ____D C:\Users\dbube\Documents\Adobe
2021-08-01 15:40 - 2021-01-14 13:28 - 000000000 ____D C:\Program Files\Adobe
2021-07-29 09:40 - 2019-08-15 17:47 - 000000000 ____D C:\Users\Vlasťule\AppData\Local\PlaceholderTileLogoFolder
2021-07-29 09:33 - 2020-11-12 09:05 - 000000000 ___RD C:\Users\Vlasťule\Documents\Scanned Documents
2021-07-28 19:48 - 2019-05-21 15:43 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-07-28 19:46 - 2019-05-21 16:21 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-07-28 19:46 - 2019-05-21 15:43 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-07-28 19:16 - 2020-09-06 13:45 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:13 - 2019-05-21 15:43 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-07-28 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-28 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-07-28 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-16 09:45 - 2021-01-22 16:39 - 000740152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-07-16 09:45 - 2021-01-22 16:39 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll

==================== Files in the root of some directories ========

2020-06-09 15:08 - 2020-06-09 15:08 - 000004973 _____ () C:\Users\dbube\AppData\Local\PlariumPlay.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Prosím o kontrolu logu

Napsal: 14 srp 2021 21:06
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
Task: {24CF228A-DCE2-4593-9EBE-80E9D61BFAC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
Task: {FCD1040F-F004-446C-B306-0AD5DFE675C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR1.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR2.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\OP.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\OP.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\Rodný list Terezka.jpg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\Rodný list Terezka.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Documents\RL - Terezka.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
C:\Windows\System32\cscript.exe

EmptyTemp:
Hosts:
End
Uložte do D:\Programy jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosím o kontrolu logu

Napsal: 14 srp 2021 21:36
od Bubenos
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-08-2021
Ran by dbube (14-08-2021 22:34:49) Run:1
Running from D:\Programy
Loaded Profiles: dbube & Vlasťule
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {24CF228A-DCE2-4593-9EBE-80E9D61BFAC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
Task: {FCD1040F-F004-446C-B306-0AD5DFE675C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR1.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR2.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\OP.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\OP.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\Rodný list Terezka.jpg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\Rodný list Terezka.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Documents\RL - Terezka.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
C:\Windows\System32\cscript.exe

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{24CF228A-DCE2-4593-9EBE-80E9D61BFAC0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24CF228A-DCE2-4593-9EBE-80E9D61BFAC0}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCD1040F-F004-446C-B306-0AD5DFE675C1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCD1040F-F004-446C-B306-0AD5DFE675C1}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\Users\dbube\Desktop\GDPR1.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS could not remove.
C:\Users\dbube\Desktop\GDPR1.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
C:\Users\dbube\Desktop\GDPR2.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS could not remove.
C:\Users\dbube\Desktop\GDPR2.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
C:\Users\dbube\Desktop\OP.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS could not remove.
C:\Users\dbube\Desktop\OP.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
C:\Users\dbube\Desktop\Rodný list Terezka.jpg => ":3or4kl4x13tuuug3Byamue2s4b" ADS could not remove.
C:\Users\dbube\Desktop\Rodný list Terezka.jpg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
C:\Users\dbube\Documents\RL - Terezka.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS could not remove.
C:\Windows\System32\cscript.exe => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4356458 B
Java, Flash, Steam htmlcache => 368096312 B
Windows/system/drivers => 5876935 B
Edge => 0 B
Chrome => 677376838 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 130866 B
dbube => 117098368 B
Vlasťule => 165328905 B

RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 14-08-2021 22:36:13)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 22:36:13 ====

Re: Prosím o kontrolu logu

Napsal: 15 srp 2021 10:15
od Rudy
OK. Nastala nějaká změna?

Re: Prosím o kontrolu logu

Napsal: 15 srp 2021 16:36
od Bubenos
Uvidíme do budoucna, zatím vše OK. Moc děkuji jste hodný. :thumbsup: :closed:

Re: Prosím o kontrolu logu

Napsal: 15 srp 2021 17:50
od Rudy
Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz