Pomalejší PC

[Montas]

Dobrý den, poprosil bych o kontrolu logů. PC mi poslední dobou jen tak začne využívat 100% CPU děje se to náhodně a nepřestane to dokud nerestartuji počítač.

Logfile of random's system information tool 1.10 (written by random/random)
Run by ADMIN at 2020-05-09 02:49:43
Microsoft Windows 10 Pro
System drive C: has 872 GB (46%) free of 1907 GB
Total RAM: 16304 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:49:52, on 09.05.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\LightingService\1.00.42\AsRogAuraGpuDllServer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\ADMIN.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Kerio Control VPN Client] "C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe" /tray
O4 - HKLM\..\Run: [CORSAIR iCUE Software] "C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe" --autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Corsair LLA Service (CorsairLLAService) - Corsair Memory, Inc. - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
O23 - Service: Corsair Service (CorsairService) - Corsair Memory, Inc. - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_21a593db - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DeveloperToolsSvc.exe,-100 (DeveloperToolsService) - Unknown owner - C:\WINDOWS\System32\DeveloperToolsSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Kerio Control VPN Client Service (KVPNCSvc) - Kerio Technologies Inc. - C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe
O23 - Service: LightingService - ASUSTek Computer Inc. - C:\Program Files (x86)\LightingService\1.00.42\LightingService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Logitech Video Camera Service (nebula) - Logitech - C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nordvpn-service - Unknown owner - C:\Program Files (x86)\NordVPN\nordvpn-service.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: OpenSSH SSH Server (sshd) - Unknown owner - C:\WINDOWS\System32\OpenSSH\sshd.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: VirtualBox system service (VBoxSDS) - Oracle Corporation - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: vgc - Riot Games, Inc. - C:\Program Files\Riot Vanguard\vgc.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe

--
End of file - 13000 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DevQueryBroker
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
"C:\Program Files (x86)\NordVPN\nordvpn-service.exe"
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
"C:\Program Files (x86)\LightingService\1.00.42\LightingService.exe"
"C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s TapiSrv
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
"C:\Program Files\Logitech\Collaboration\Services\Video\cropAssistAPI\CropAssistService.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc


C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc


C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s QWAVE
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s WebClient
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\AUDIODG.EXE 0x67c
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost

winlogon.exe
"fontdrvhost.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
"C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe" -d
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\LightingService\1.00.42\AsRogAuraGpuDllServer.exe"
C:\WINDOWS\Explorer.EXE
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"ctfmon.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\WINDOWS\System32\Taskmgr.exe" /2
"C:\Program Files\Riot Vanguard\vgtray.exe"
"C:\Program Files (x86)\Steam\steam.exe" -silent
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe" /tray
--autorun
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --field-trial-handle=1992,9029014399159495941,6213807221598910582,131072 --disable-features=VizDisplayCompositor --no-sandbox --log-file="C:\Users\Radek\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --lang=en-US --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Users\Radek\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --service-request-channel-token=17405464469409196906 --mojo-platform-channel-handle=1996 /prefetch:2
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Users\Radek\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --field-trial-handle=1992,9029014399159495941,6213807221598910582,131072 --disable-features=VizDisplayCompositor --service-pipe-token=16676444910751114836 --lang=en-US --log-file="C:\Users\Radek\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=16676444910751114836 --renderer-client-id=3 --mojo-platform-channel-handle=2560 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4152.0_x64__8wekyb3d8bbwe\GameBar.exe" -ServerName:App.AppXbdkk0yrkwpcgeaem8zk81k8py1eaahny.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4152.0_x64__8wekyb3d8bbwe\GameBarFT.exe" /InvokerPRAID: App
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4152.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe" -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Radek\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Radek\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=81.0.4044.138 --initial-client-data=0xe8,0xec,0xf0,0xc4,0xf4,0x7ffcdf44bd28,0x7ffcdf44bd38,0x7ffcdf44bd48
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3092 --on-initialized-event-handle=688 --parent-handle=692 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1652 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1840 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2848 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3568 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3848 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4008 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --service-sandbox-type=utility --enable-audio-service-sandbox --mojo-platform-channel-handle=4424 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6024 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=1740 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7144 /prefetch:1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2888 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6808 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --service-sandbox-type=xr_compositing --enable-audio-service-sandbox --mojo-platform-channel-handle=5376 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8164 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8180 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe -Embedding

"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s seclogon
"C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7100 /prefetch:1
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8872 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8252 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4688 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8952 /prefetch:1

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8452 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4840 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe185_ Global\UsGthrCtrlFltPipeMssGthrPipe185 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 780 784 792 8192 788
"C:\Users\Radek\Downloads\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-12 210632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-03-27 480320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-03-27 194624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2020-02-15 84992]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-12-22 8899592]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2020-03-04 3022416]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11 509936]
"Riot Vanguard"=C:\Program Files\Riot Vanguard\vgtray.exe [2020-05-09 352712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe [2019-03-19 28832864]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2020-05-08 3373344]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-11-06 19476424]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2016-03-16 136992]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2018-06-22 2409944]
"Kerio Control VPN Client"=C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe [2018-08-28 2069864]
"CORSAIR iCUE Software"=C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [2020-03-02 405544]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2019-12-11 646160]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
SshdPinAuthLsa

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=lvcod64.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open -

======List of files/folders created in the last 1 month======

2020-05-09 02:49:43 ----D---- C:\rsit
2020-05-09 02:49:43 ----D---- C:\Program Files\trend micro
2020-05-09 02:39:50 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2020-05-09 02:39:40 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2020-05-09 02:39:40 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2020-05-09 02:39:04 ----A---- C:\WINDOWS\system32\drivers\MbamChameleon.sys
2020-05-09 02:39:03 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2020-05-09 02:38:57 ----A---- C:\WINDOWS\system32\drivers\MbamElam.sys
2020-05-09 02:38:56 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2020-05-03 22:00:08 ----D---- C:\WINDOWS\LastGood.Tmp
2020-05-03 21:58:36 ----A---- C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-05-03 21:58:36 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo-1-999-0-0-0.exe
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1-999-0-0-0.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\nvofapi.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\OpenCL.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\nvofapi64.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-05-03 21:58:34 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2020-05-03 21:58:34 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2020-05-03 21:58:34 ----A---- C:\WINDOWS\system32\nvdispgenco6444587.dll
2020-05-03 21:58:34 ----A---- C:\WINDOWS\system32\nvdispco6444587.dll
2020-05-03 21:58:34 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2020-05-03 21:58:34 ----A---- C:\WINDOWS\system32\nvcuda.dll
2020-05-01 20:20:31 ----D---- C:\Program Files (x86)\Far Cry 5
2020-04-29 14:28:23 ----D---- C:\Program Files\Logitech
2020-04-19 22:58:38 ----D---- C:\Users\Radek\AppData\Roaming\Sekiro
2020-04-16 23:13:07 ----A---- C:\WINDOWS\vgkbootstatus.dat
2020-04-16 21:53:41 ----AD---- C:\Program Files\Riot Vanguard
2020-04-16 00:15:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.XamlHost.dll
2020-04-16 00:15:10 ----A---- C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-16 00:15:10 ----A---- C:\WINDOWS\system32\wbadmin.exe
2020-04-16 00:15:07 ----A---- C:\WINDOWS\SYSWOW64\MSFlacDecoder.dll
2020-04-16 00:15:07 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2020-04-16 00:15:06 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2020-04-16 00:15:06 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2020-04-16 00:15:03 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2020-04-16 00:15:02 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2020-04-16 00:15:01 ----A---- C:\WINDOWS\system32\HologramWorld.dll
2020-04-16 00:15:00 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-16 00:15:00 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-16 00:15:00 ----A---- C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-16 00:15:00 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-16 00:15:00 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-16 00:14:59 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-04-16 00:14:59 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-04-16 00:14:59 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Uev.AppAgent.dll
2020-04-16 00:14:59 ----A---- C:\WINDOWS\SYSWOW64\AppVEntSubsystems32.dll
2020-04-16 00:14:59 ----A---- C:\WINDOWS\system32\mfcore.dll
2020-04-16 00:14:58 ----A---- C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-04-16 00:14:58 ----A---- C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-04-16 00:14:58 ----A---- C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-04-16 00:14:58 ----A---- C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-04-16 00:14:58 ----A---- C:\WINDOWS\system32\AppVEntSubsystemController.dll
2020-04-16 00:14:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2020-04-16 00:14:57 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2020-04-16 00:14:57 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2020-04-16 00:14:57 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\msltus40.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2020-04-16 00:14:55 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2020-04-16 00:14:55 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2020-04-16 00:14:54 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\wsecedit.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\srumsvc.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\srumapi.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\iasrad.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\iaspolcy.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\iasacct.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\ias.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2020-04-16 00:14:51 ----A---- C:\WINDOWS\system32\WorkFolders.exe
2020-04-16 00:14:50 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2020-04-16 00:14:50 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-16 00:14:50 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-16 00:14:50 ----A---- C:\WINDOWS\system32\WinSAT.exe
2020-04-16 00:14:50 ----A---- C:\WINDOWS\system32\tsgqec.dll
2020-04-16 00:14:50 ----A---- C:\WINDOWS\system32\mstsc.exe
2020-04-16 00:14:49 ----A---- C:\WINDOWS\system32\rdpclip.exe
2020-04-16 00:14:49 ----A---- C:\WINDOWS\system32\nltest.exe
2020-04-16 00:14:49 ----A---- C:\WINDOWS\system32\mstscax.dll
2020-04-16 00:14:48 ----A---- C:\WINDOWS\system32\msimsg.dll
2020-04-16 00:14:48 ----A---- C:\WINDOWS\system32\msi.dll
2020-04-16 00:14:48 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2020-04-16 00:14:48 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2020-04-16 00:14:47 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-16 00:14:47 ----A---- C:\WINDOWS\system32\Chakra.dll
2020-04-16 00:14:46 ----A---- C:\WINDOWS\system32\mshtml.dll
2020-04-16 00:14:46 ----A---- C:\WINDOWS\system32\jscript.dll
2020-04-16 00:14:46 ----A---- C:\WINDOWS\system32\iasrad.dll
2020-04-16 00:14:46 ----A---- C:\WINDOWS\system32\iasacct.dll
2020-04-16 00:14:46 ----A---- C:\WINDOWS\system32\ias.dll
2020-04-16 00:14:45 ----A---- C:\WINDOWS\system32\StorSvc.dll
2020-04-16 00:14:45 ----A---- C:\WINDOWS\system32\StorageUsage.dll
2020-04-16 00:14:45 ----A---- C:\WINDOWS\system32\iaspolcy.dll
2020-04-16 00:14:44 ----A---- C:\WINDOWS\system32\wsecedit.dll
2020-04-16 00:14:37 ----A---- C:\WINDOWS\system32\tcbloader.dll
2020-04-16 00:14:37 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2020-04-16 00:14:37 ----A---- C:\WINDOWS\system32\securekernel.exe
2020-04-16 00:14:37 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2020-04-16 00:14:37 ----A---- C:\WINDOWS\system32\hvix64.exe
2020-04-16 00:14:36 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2020-04-16 00:14:36 ----A---- C:\WINDOWS\SYSWOW64\scecli.dll
2020-04-16 00:14:36 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2020-04-16 00:14:36 ----A---- C:\WINDOWS\system32\srumsvc.dll
2020-04-16 00:14:36 ----A---- C:\WINDOWS\system32\srumapi.dll
2020-04-16 00:14:36 ----A---- C:\WINDOWS\system32\hvloader.dll
2020-04-16 00:14:36 ----A---- C:\WINDOWS\system32\hvax64.exe
2020-04-16 00:14:36 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2020-04-16 00:14:35 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2020-04-16 00:14:35 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2020-04-16 00:14:35 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2020-04-16 00:14:35 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2020-04-16 00:14:35 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\msimg32.dll
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\windowsperformancerecordercontrol.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\es.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Custom.ps.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Custom.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Enumeration.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\webservices.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\KerbClientShared.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\cmintegrator.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2020-04-16 00:14:30 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2020-04-16 00:14:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2020-04-16 00:14:30 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2020-04-16 00:14:30 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2020-04-16 00:14:30 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2020-04-16 00:14:29 ----A---- C:\WINDOWS\SYSWOW64\wksprtPS.dll
2020-04-16 00:14:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2020-04-16 00:14:29 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2020-04-16 00:14:29 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerCookies.exe
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\tbauth.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\sppcext.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\sppc.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\slcext.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\slc.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\dot3msm.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\dot3api.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\CloudNotifications.exe
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2020-04-16 00:14:27 ----A---- C:\WINDOWS\SYSWOW64\FlightSettings.dll
2020-04-16 00:14:27 ----A---- C:\WINDOWS\SYSWOW64\BTAGService.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\vbscript.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\scecli.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\rasmans.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\rascustom.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\LsaIso.exe
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\iumcrypt.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\icsunattend.exe
2020-04-16 00:14:21 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-16 00:14:20 ----A---- C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-16 00:14:19 ----A---- C:\WINDOWS\system32\wininet.dll
2020-04-16 00:14:19 ----A---- C:\WINDOWS\system32\t2embed.dll
2020-04-16 00:14:19 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2020-04-16 00:14:19 ----A---- C:\WINDOWS\system32\gdi32full.dll
2020-04-16 00:14:19 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-16 00:14:18 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-16 00:14:18 ----A---- C:\WINDOWS\system32\omadmclient.exe
2020-04-16 00:14:18 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\wuuhext.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\wow64win.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\msimg32.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\mf3216.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\fontsub.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2020-04-16 00:14:06 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2020-04-16 00:14:06 ----A---- C:\WINDOWS\system32\netlogon.dll
2020-04-16 00:14:06 ----A---- C:\WINDOWS\system32\lpk.dll
2020-04-16 00:14:06 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2020-04-16 00:14:06 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2020-04-16 00:14:06 ----A---- C:\WINDOWS\system32\dciman32.dll
2020-04-16 00:14:05 ----A---- C:\WINDOWS\system32\smss.exe
2020-04-16 00:14:05 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2020-04-16 00:14:05 ----A---- C:\WINDOWS\system32\KernelBase.dll
2020-04-16 00:14:05 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2020-04-16 00:14:04 ----A---- C:\WINDOWS\system32\ntdll.dll
2020-04-16 00:14:04 ----A---- C:\WINDOWS\system32\hal.dll
2020-04-16 00:14:04 ----A---- C:\WINDOWS\system32\drivers\hwpolicy.sys
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\wpr.exe
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\utcutil.dll
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\runexehelper.exe
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\pacjsworker.exe
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\drivers\http.sys
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\diagtrack.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\wksprtPS.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\winhttp.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\samsrv.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\samlib.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\rpcss.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\offlinesam.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\logoncli.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\dcntel.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\aepic.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\taskschd.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\sxssrv.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\sppcommdlg.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\sppcext.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\sppc.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\slcext.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\slc.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\phoneactivate.exe
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\msctf.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\LicensingUI.exe
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\changepk.exe
2020-04-16 00:14:00 ----A---- C:\WINDOWS\system32\sppsvc.exe
2020-04-16 00:13:59 ----A---- C:\WINDOWS\system32\uDWM.dll
2020-04-16 00:13:59 ----A---- C:\WINDOWS\system32\ntshrui.dll
2020-04-16 00:13:59 ----A---- C:\WINDOWS\system32\dwmcore.dll
2020-04-16 00:13:59 ----A---- C:\WINDOWS\system32\dcomp.dll
2020-04-16 00:13:56 ----A---- C:\WINDOWS\system32\es.dll
2020-04-16 00:13:55 ----A---- C:\WINDOWS\system32\winload.exe
2020-04-16 00:13:55 ----A---- C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-16 00:13:55 ----A---- C:\WINDOWS\system32\generaltel.dll
2020-04-16 00:13:55 ----A---- C:\WINDOWS\system32\devinv.dll
2020-04-16 00:13:55 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-16 00:13:55 ----A---- C:\WINDOWS\system32\acmigration.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\pcasvc.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\pcalua.exe
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\pcaevts.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\pcadm.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\invagent.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\appraiser.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\aitstatic.exe
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\aeinv.dll
2020-04-16 00:13:53 ----A---- C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-16 00:13:46 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-16 00:13:45 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2020-04-16 00:13:45 ----A---- C:\WINDOWS\system32\SHCore.dll
2020-04-16 00:13:45 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-16 00:13:45 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-16 00:13:45 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-16 00:13:45 ----A---- C:\WINDOWS\system32\MusNotification.exe
2020-04-16 00:13:44 ----A---- C:\WINDOWS\system32\win32u.dll
2020-04-16 00:13:44 ----A---- C:\WINDOWS\system32\win32kfull.sys
2020-04-16 00:13:44 ----A---- C:\WINDOWS\system32\win32k.sys
2020-04-16 00:13:44 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2020-04-16 00:13:44 ----A---- C:\WINDOWS\system32\user32.dll
2020-04-16 00:13:44 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\wpncore.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\wpnapps.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\ncbservice.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\cmintegrator.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\webservices.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\kerberos.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\KerbClientShared.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\InstallService.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-16 00:13:41 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-16 00:13:41 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-16 00:13:41 ----A---- C:\WINDOWS\system32\dosvc.dll
2020-04-16 00:13:41 ----A---- C:\WINDOWS\system32\domgmt.dll
2020-04-16 00:13:33 ----A---- C:\WINDOWS\system32\wups2.dll
2020-04-16 00:13:33 ----A---- C:\WINDOWS\system32\wuaueng.dll
2020-04-16 00:13:33 ----A---- C:\WINDOWS\system32\wuauclt.exe
2020-04-16 00:13:33 ----A---- C:\WINDOWS\system32\win32kbase.sys
2020-04-16 00:13:33 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2020-04-16 00:13:33 ----A---- C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\cdd.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\tbauth.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\cloudAP.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\aadtb.dll
2020-04-16 00:13:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-16 00:13:30 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-16 00:13:30 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-16 00:13:29 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-16 00:13:29 ----A---- C:\WINDOWS\system32\kernel32.dll
2020-04-16 00:13:25 ----A---- C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-16 00:13:25 ----A---- C:\WINDOWS\system32\dot3svc.dll
2020-04-16 00:13:25 ----A---- C:\WINDOWS\system32\dot3msm.dll
2020-04-16 00:13:25 ----A---- C:\WINDOWS\system32\dot3api.dll
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\WpcMon.exe
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\WpcApi.dll
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\Wpc.dll
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\CloudNotifications.exe
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\advapi32.dll
2020-04-16 00:13:23 ----A---- C:\WINDOWS\system32\WpcTok.exe
2020-04-16 00:13:23 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-16 00:13:23 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2020-04-16 00:13:23 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2020-04-16 00:13:23 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2020-04-16 00:13:22 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-16 00:13:22 ----A---- C:\WINDOWS\system32\audiosrv.dll
2020-04-16 00:13:22 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-16 00:13:22 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-16 00:13:22 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-16 00:13:22 ----A---- C:\WINDOWS\system32\audiodg.exe
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\wwansvc.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\wwanprotdim.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\umpo.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\drivers\KNetPwrDepBroker.sys
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\BTAGService.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\autopilot.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\AudioSes.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\AudioEng.dll
2020-04-16 00:13:19 ----A---- C:\WINDOWS\system32\tellib.dll
2020-04-16 00:13:11 ----A---- C:\WINDOWS\system32\drivers\storufs.sys
2020-04-16 00:13:11 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2020-04-16 00:13:11 ----A---- C:\WINDOWS\system32\drivers\scmbus.sys
2020-04-16 00:13:11 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2020-04-16 00:13:11 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2020-04-16 00:13:10 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2020-04-16 00:13:10 ----A---- C:\WINDOWS\system32\drivers\sfloppy.sys
2020-04-16 00:13:10 ----A---- C:\WINDOWS\system32\drivers\flpydisk.sys
2020-04-15 23:42:50 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2020-04-15 23:42:50 ----A---- C:\WINDOWS\system32\poqexec.exe

======List of files/folders modified in the last 1 month======

2020-05-09 02:49:52 ----D---- C:\WINDOWS\Prefetch
2020-05-09 02:49:43 ----RD---- C:\Program Files
2020-05-09 02:48:13 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-05-09 02:42:56 ----D---- C:\WINDOWS\Temp
2020-05-09 02:39:50 ----D---- C:\WINDOWS\system32\drivers
2020-05-09 02:38:57 ----HD---- C:\WINDOWS\ELAMBKUP
2020-05-09 02:38:34 ----D---- C:\ProgramData\Malwarebytes
2020-05-09 02:36:25 ----D---- C:\WINDOWS\system32\catroot2
2020-05-09 02:31:15 ----D---- C:\ProgramData\NVIDIA
2020-05-09 02:29:46 ----D---- C:\Program Files (x86)\Steam
2020-05-09 02:27:42 ----D---- C:\Users\Radek\AppData\Roaming\discord
2020-05-09 02:02:00 ----D---- C:\WINDOWS\system32\sru
2020-05-08 23:47:44 ----HD---- C:\Program Files\WindowsApps
2020-05-08 23:47:40 ----D---- C:\WINDOWS\AppReadiness
2020-05-08 22:51:01 ----D---- C:\WINDOWS\system32\SleepStudy
2020-05-08 18:31:33 ----RD---- C:\WINDOWS\Microsoft.NET
2020-05-08 10:40:32 ----SHD---- C:\System Volume Information
2020-05-07 13:27:45 ----D---- C:\Users\Radek\AppData\Roaming\obs-studio
2020-05-07 12:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2020-05-04 16:15:00 ----D---- C:\WINDOWS\system32\DriverStore
2020-05-04 16:14:59 ----D---- C:\WINDOWS\System32
2020-05-04 16:14:59 ----D---- C:\WINDOWS\INF
2020-05-03 22:16:34 ----D---- C:\WINDOWS\system32\WDI
2020-05-03 22:10:02 ----D---- C:\WINDOWS\SysWOW64
2020-05-03 22:09:00 ----D---- C:\Windows
2020-05-03 21:32:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-03 21:29:49 ----D---- C:\ProgramData\NVIDIA Corporation
2020-05-03 21:29:40 ----D---- C:\WINDOWS\system32\Tasks
2020-05-03 21:29:17 ----D---- C:\Program Files\NVIDIA Corporation
2020-05-03 21:29:17 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2020-05-03 16:42:19 ----D---- C:\ProgramData\VirtualBox
2020-05-02 19:37:57 ----SHDC---- C:\WINDOWS\Installer
2020-05-02 19:35:24 ----D---- C:\Program Files (x86)\Microsoft Office
2020-05-02 04:16:04 ----D---- C:\Users\Radek\AppData\Roaming\qBittorrent
2020-05-01 21:21:49 ----RSD---- C:\WINDOWS\assembly
2020-05-01 21:21:08 ----D---- C:\WINDOWS\Logs
2020-05-01 20:20:31 ----RD---- C:\Program Files (x86)
2020-05-01 07:02:30 ----D---- C:\WINDOWS\system32\drivers\wd
2020-04-26 09:16:31 ----D---- C:\WINDOWS\system32\config
2020-04-18 09:38:08 ----D---- C:\WINDOWS\WinSxS
2020-04-16 21:53:40 ----SH---- C:\Program Files\desktop.ini
2020-04-16 21:53:22 ----D---- C:\Riot Games
2020-04-16 06:44:23 ----D---- C:\WINDOWS\system32\CatRoot
2020-04-16 06:43:10 ----D---- C:\WINDOWS\SYSWOW64\en-US
2020-04-16 06:43:10 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2020-04-16 06:43:05 ----D---- C:\WINDOWS\SystemResources
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\wbem
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\PerceptionSimulation
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\migwiz
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\migration
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\en-US
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\de-DE
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\cs-CZ
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\Boot
2020-04-16 06:43:02 ----D---- C:\WINDOWS\ShellExperiences
2020-04-16 06:43:02 ----D---- C:\WINDOWS\Provisioning
2020-04-16 06:43:02 ----D---- C:\WINDOWS\PolicyDefinitions
2020-04-16 06:43:02 ----D---- C:\WINDOWS\bcastdvr
2020-04-16 06:43:02 ----D---- C:\WINDOWS\apppatch
2020-04-16 06:43:02 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2020-04-16 00:19:54 ----D---- C:\WINDOWS\CbsTemp
2020-04-15 15:28:32 ----D---- C:\WINDOWS\system32\Macromed
2020-04-15 15:28:30 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2020-04-11 23:55:16 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2020-04-11 23:54:34 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2020-04-11 23:53:24 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2020-04-11 23:52:00 ----A---- C:\WINDOWS\system32\nvapi64.dll
2020-04-11 23:51:58 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-11-12 1467912]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2020-03-16 254776]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-03-16 40960]
R1 AsIO;AsIO; C:\WINDOWS\SysWow64\drivers\AsIO.sys [2014-09-09 15232]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2020-05-09 153312]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R1 ndextlag;@oem44.inf,%ndextlag_Desc%;ExitLag Game Booster; C:\WINDOWS\system32\DRIVERS\ndextlag.sys [2018-04-11 48640]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2020-03-16 457216]
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A;CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; \??\C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [2020-02-24 21752]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [2020-05-09 214496]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760]
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2020-02-15 117264]
R3 CorsairVBusDriver;@oem27.inf,%dev.SVCDESC%;Corsair Bus; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [2019-11-14 45968]
R3 CorsairVHidDriver;@oem20.inf,%dev.SVCDESC%;Corsair virtual device; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [2019-11-14 21904]
R3 cpuz149;cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [2020-05-08 44320]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-12-22 5276168]
R3 keyboard;Keyboard Upper Filter Driver; C:\WINDOWS\system32\drivers\keyboard.sys [2019-07-03 18536]
R3 kvnet;@oem49.inf,%kvnet.Service.DispName%;Kerio Virtual Network Adapter; C:\WINDOWS\System32\drivers\kvnet.sys [2018-08-28 48552]
R3 lvrs64;@oem51.inf,%lvrs.SrvDesc%;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs64.sys [2012-10-26 351520]
R3 LVUVC64;@oem17.inf,%PID_0825_DD%(UVC);Logitech HD Webcam C270(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc64.sys [2012-10-26 4758176]
R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [2020-05-09 195432]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\DRIVERS\mbam.sys [2020-05-09 73368]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2020-05-09 248968]
R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [2020-05-09 125088]
R3 MEIx64;@oem13.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2018-05-06 228992]
R3 mouse;Mouse Upper Filter Driver; C:\WINDOWS\system32\drivers\mouse.sys [2019-07-03 18536]
R3 NVHDA;@oem46.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2020-03-18 223120]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9952681a7bb1dfac\nvlddmkm.sys [2020-04-11 23446968]
R3 nvvad_WaveExtensible;@oem33.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2019-03-19 69840]
R3 nvvhci;@oem56.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2020-03-11 67456]
R3 rt640x64;@oem9.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-15 887552]
R3 RtsUpx;RtsUpx Driver; \??\C:\WINDOWS\system32\drivers\RtsUpx.sys [2018-05-06 30328]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 MbamElam;MbamElam; C:\WINDOWS\system32\DRIVERS\MbamElam.sys [2020-05-09 20936]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2020-03-16 337920]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-03-19 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-11-17 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2020-02-15 138040]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2020-02-15 174392]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2020-02-15 153912]
S3 BlueStacksDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\BstkDrv.sys [2019-08-01 313112]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-11-17 231936]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2020-03-16 114688]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2020-03-16 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2020-03-16 1428992]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2020-03-16 99328]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312]
S3 CompFilter64;UVCCompositeFilter; C:\WINDOWS\System32\drivers\lvbflt64.sys [2012-10-26 26784]
S3 dot4;@oem25.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem8.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem25.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 dtultrascsibus;DAEMON Tools Ultra Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [2019-08-17 42256]
S3 dtultrausbbus;DAEMON Tools Ultra Virtual USB Bus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [2019-08-17 59344]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2019-11-17 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-11-17 64000]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-04-16 84280]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-11-17 359424]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2020-04-01 30336]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys [2018-03-24 468752]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 96056]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-13 986936]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 211456]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 113152]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-02-25 88648]
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2018-06-22 818128]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2020-03-04 3374160]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020-03-04 3103824]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_21a593db;Uživatelská služba platformy připojených zařízení_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2020-04-28 10610544]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CorsairLLAService;Corsair LLA Service; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [2020-03-02 403496]
R2 CorsairService;Corsair Service; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [2020-03-02 55848]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-03-16 209184]
R2 KVPNCSvc;Kerio Control VPN Client Service; C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe [2018-08-28 1986920]
R2 LightingService;LightingService; C:\Program Files (x86)\LightingService\1.00.42\LightingService.exe [2018-05-06 1289688]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2016-03-16 416544]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2020-05-09 6933272]
R2 nebula;Logitech Video Camera Service; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [2018-06-19 4477576]
R2 nordvpn-service;nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [2019-12-19 222240]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2020-03-18 850928]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2020-04-03 874472]
R2 OneSyncSvc_21a593db;Hostitel synchronizace_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_21a593db;Uživatelská služba schránky_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 PimIndexMaintenanceSvc_21a593db;Data kontaktů_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [2018-01-05 382424]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 debugregsvc;@%SystemRoot%\system32\debugregsvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-06 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2020-01-31 3394864]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_21a593db;Agent Activation Runtime_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-04-15 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_21a593db;Uživatelská služba pro GameDVR a vysílání her_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2019-07-10 8403672]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_21a593db;Služba pro podporu uživatelů Bluetooth_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_21a593db;CaptureService_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_21a593db;ConsentUX_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 CredentialEnrollmentManagerUserSvc_21a593db;CredentialEnrollmentManagerUserSvc_21a593db; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 DeveloperToolsService;@%SystemRoot%\system32\DeveloperToolsSvc.exe,-100; C:\WINDOWS\System32\DeveloperToolsSvc.exe [2019-03-18 174080]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_21a593db;DeviceAssociationBroker_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_21a593db;DevicePicker_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_21a593db;Tok zařízení_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2020-03-16 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2019-05-22 803440]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-17 43704]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\elevation_service.exe [2020-05-02 1095664]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-06 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-02-19 974632]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_21a593db;Služba zasílání zpráv_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2020-01-31 2474800]
S3 ose;Office Source Engine; c:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 215056]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_21a593db;PrintWorkflow_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 Rockstar Service;Rockstar Game Library Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2019-12-05 474256]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2020-02-15 828216]

-----------------EOF-----------------

[Montas]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-05-2020
Ran by ADMIN (administrator) on DESKTOP-AC515PC (09-05-2020 02:58:15)
Running from C:\Users\Radek\Downloads
Loaded Profiles: ADMIN (Available Profiles: ADMIN)
Platform: Windows 10 Pro Version 1909 18363.778 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\LightingService\1.00.42\AsRogAuraGpuDllServer.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\1.00.42\LightingService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(GFI Software Development Ltd. -> Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe
(GFI Software Development Ltd. -> Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <26>
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Logitech Inc -> Logitech Europe S.A.) C:\Program Files\Logitech\Collaboration\Services\Video\cropAssistAPI\CropAssistService.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4152.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4152.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4152.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-12-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [352712 2020-05-09] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178912 2016-03-16] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-06-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Kerio Control VPN Client] => C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe [2069864 2018-08-28] (GFI Software Development Ltd. -> Kerio Technologies Inc.)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405544 2020-03-02] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3373344 2020-05-08] (Valve -> Valve Corporation)
HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19476424 2018-11-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-08] (Google LLC -> Google LLC)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01FCAC5D-BB76-42FC-B8CA-A7F676557A82} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0B90019F-5842-4FD4-B372-43913E665EB5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1F516434-BD3B-4508-84CE-07DA084CDEAF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {213C5FB6-FD0E-47AC-85F0-04752CA4B9B7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772528 2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {230E5C66-8DC0-43AC-9CFC-28E158FC2C94} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2AC4EE9F-5A05-4E50-B8DB-3A8A176EC170} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {37511384-9A99-4C6D-8E3E-6797CBF50E94} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124776 2020-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {38EDCDC0-C2FF-43AB-A753-6B895D43DA4B} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {3C304C6B-06D7-46F1-A237-DF1AB3382AB0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A37F5EC-6D12-4ED0-AA86-BD0AC1CEFC81} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {65D5D10A-DA97-4262-A96A-F91D3FA07347} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {705E6BC6-FC12-4E3F-9C29-65D7EC2DCAEA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7135BB4C-9F1E-4C12-985D-C596E4C5FD8A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {838808DD-8C38-4195-B3C0-12D8CD1B510B} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {8BD8F959-A630-4FE5-B58A-A50A359BBBF4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {97F56BD9-4944-4C16-9431-2B2A1AB5C49D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772528 2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {ACD69BFC-9BB0-4999-96ED-CEA3903E4925} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124776 2020-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {B5B442AE-584B-44AE-89AB-20915A6CD329} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BC125D11-7DB5-41AE-97FF-8F305FF4DD64} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C3B79C69-24E2-47F8-934F-FF2804452A71} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-15] (Adobe Inc. -> Adobe)
Task: {C4C110EF-02F3-4CD5-84DC-6CD0823801EB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_pepper.exe [1454136 2020-04-15] (Adobe Inc. -> Adobe)
Task: {C67CA02D-A184-48D4-9707-BB019704B81B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-06] (Google Inc -> Google Inc.)
Task: {CBFCED9F-016A-4A5E-845A-5769D9C2633D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {DA576B0F-FFFA-4A8C-9719-BDD999F5A527} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-06] (Google Inc -> Google Inc.)
Task: {DC5BD92D-1297-4F35-9F33-8E38BF187A3F} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-AC515PC-ADMIN => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {DCCA85DE-C316-4FC6-8DA0-7DA01AFEC0F3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E93B3925-165C-4F41-97FB-604BEF26A487} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EE17164C-2AFD-4D01-8340-5F67E4AFFC42} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F6D3CFF7-DEDD-4CAA-9BA6-AA710F4FFDA3} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\LightingService\1.00.42\AsRogAuraGpuDllServer.exe [280536 2018-05-06] (ASUSTeK Computer Inc. -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2d55a0e0-64e8-4178-bb77-4f475ca8a8a1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{85715239-bb93-4893-aefd-83a77265db45}: [DhcpNameServer] 192.168.0.12 192.168.0.2

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-03-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-03-27] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-02] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-06-22] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=5.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2016-03-16] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-03-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-03-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-06-22] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default [2020-05-09]
CHR Notifications: Default -> hxxps://www.kupi.cz
CHR Extension: (Prezentace) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-06]
CHR Extension: (BetterTTV) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-04-22]
CHR Extension: (Dokumenty) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-06]
CHR Extension: (Disk Google) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-06]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (Tabulky) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
CHR Extension: (Unblock any site - Hola Free VPN) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-05-08]
CHR Extension: (YouTube NonStop) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlkaejimjacpillmajjnopmpbkbnocid [2019-10-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-01]
CHR Extension: (Gmail) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-06-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-07-10] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10610544 2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [403496 2020-03-02] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [55848 2020-03-02] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-05-22] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-03-16] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 KVPNCSvc; C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe [1986920 2018-08-28] (GFI Software Development Ltd. -> Kerio Technologies Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\1.00.42\LightingService.exe [1289688 2018-05-06] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-09] (Malwarebytes Inc -> Malwarebytes)
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4477576 2018-06-19] (Logitech Inc -> Logitech)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [222240 2019-12-19] (TEFINCOM S.A. -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2474800 2020-01-31] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3394864 2020-01-31] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [474256 2019-12-05] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-03-01] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [290816 2020-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [690424 2019-01-14] (Oracle Corporation -> Oracle Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9821696 2020-05-09] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-11-07] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] (ASUSTeK Computer Inc. -> )
S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [313112 2019-08-01] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-11-17] (Microsoft Corporation) [File not signed]
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45968 2019-11-14] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21904 2019-11-14] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz149; C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [44320 2020-05-08] (CPUID S.A.R.L.U. -> CPUID)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2019-08-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [59344 2019-08-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-05-09] (Malwarebytes Corporation -> Malwarebytes)
R3 keyboard; C:\Windows\System32\Drivers\keyboard.sys [18536 2019-07-03] (Francisco Lopes da Silva -> Oblita)
R3 kvnet; C:\WINDOWS\System32\drivers\kvnet.sys [48552 2018-08-28] (GFI Software Development Limited -> Kerio Technologies Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-05-09] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-05-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-05-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-05-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-05-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [125088 2020-05-09] (Malwarebytes Inc -> Malwarebytes)
R3 mouse; C:\Windows\System32\Drivers\mouse.sys [18536 2019-07-03] (Francisco Lopes da Silva -> Oblita)
R1 ndextlag; C:\WINDOWS\system32\DRIVERS\ndextlag.sys [48640 2018-04-11] (Mainline Net Holdings Limited -> SKOWSAND SERVICOS DE PROVEDORES E INTERNET LTDA - ME)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9952681a7bb1dfac\nvlddmkm.sys [23446968 2020-04-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-04-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek Semiconductor Corp -> Realtek )
R3 RtsUpx; C:\WINDOWS\system32\drivers\RtsUpx.sys [30328 2018-05-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [44080 2019-07-03] (Shaul Eizikovich -> Nefarius Software Solutions)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-01-31] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2017-09-13] (Windscribe Limited -> The OpenVPN Project)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [247216 2019-01-14] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [144632 2018-01-15] (Oracle Corporation -> Oracle Corporation)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [3361376 2020-05-09] (Riot Games, Inc. -> Riot Games, Inc.)
S3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [53128 2018-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2018-11-22] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-05-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [394680 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-01] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Users\Radek\Documents\Gladiatorcheatz "
2020-05-09 02:58 - 2020-05-09 02:59 - 000030679 _____ C:\Users\Radek\Downloads\FRST.txt
2020-05-09 02:57 - 2020-05-09 02:59 - 000000000 ____D C:\FRST
2020-05-09 02:56 - 2020-05-09 02:56 - 002283520 _____ (Farbar) C:\Users\Radek\Downloads\FRST64.exe
2020-05-09 02:49 - 2020-05-09 02:49 - 001222144 _____ C:\Users\Radek\Downloads\RSITx64.exe
2020-05-09 02:49 - 2020-05-09 02:49 - 000000000 ____D C:\rsit
2020-05-09 02:49 - 2020-05-09 02:49 - 000000000 ____D C:\Program Files\trend micro
2020-05-09 02:39 - 2020-05-09 02:46 - 000000000 ____D C:\Users\Radek\AppData\LocalLow\IGDump
2020-05-09 02:39 - 2020-05-09 02:39 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-05-09 02:39 - 2020-05-09 02:39 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-05-09 02:39 - 2020-05-09 02:39 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-05-09 02:39 - 2020-05-09 02:39 - 000125088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-05-09 02:39 - 2020-05-09 02:39 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-05-09 02:39 - 2020-05-09 02:39 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-05-09 02:39 - 2020-05-09 02:39 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-05-09 02:38 - 2020-05-09 02:38 - 001980016 _____ (Malwarebytes) C:\Users\Radek\Downloads\MBSetup.exe
2020-05-09 02:38 - 2020-05-09 02:38 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-05-09 02:38 - 2020-05-09 02:38 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-05-07 12:11 - 2020-05-07 12:47 - 712587643 _____ C:\Users\Radek\Desktop\2020-05-07 12-11-37.mp4
2020-05-05 09:54 - 2020-05-05 09:54 - 000041510 _____ C:\Users\Radek\Downloads\baroko, 1.ročník.odt
2020-05-05 01:23 - 2020-05-05 01:23 - 000777216 _____ C:\Users\Radek\Downloads\35_PaketTCPIP.ppt
2020-05-05 01:23 - 2020-05-05 01:23 - 000777216 _____ C:\Users\Radek\Desktop\35_PaketTCPIP.ppt
2020-05-05 01:23 - 2020-05-05 01:23 - 000392554 _____ C:\Users\Radek\Downloads\36_PaketICMP.pdf
2020-05-05 01:23 - 2020-05-05 01:23 - 000392554 _____ C:\Users\Radek\Desktop\36_PaketICMP.pdf
2020-05-04 18:05 - 2020-05-04 18:05 - 001461517 _____ C:\Users\Radek\Downloads\IS_ANE_1 - Anestezie.pdf
2020-05-04 18:05 - 2020-05-04 18:05 - 000670474 _____ C:\Users\Radek\Downloads\F_LUZKA_1 - Poučení o rozsahu odpovědnosti ISCARE.pdf
2020-05-03 22:00 - 2020-05-03 22:00 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-05-03 21:58 - 2020-04-11 23:55 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-05-03 21:58 - 2020-04-11 23:55 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-05-03 21:58 - 2020-04-11 23:55 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-05-03 21:58 - 2020-04-11 23:55 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-05-03 21:58 - 2020-04-11 23:55 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-05-03 21:58 - 2020-04-11 23:55 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-05-03 21:58 - 2020-04-11 23:55 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-05-03 21:58 - 2020-04-11 23:55 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-05-03 21:58 - 2020-04-11 23:55 - 000450280 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-05-03 21:58 - 2020-04-11 23:54 - 011945872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 017601632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 015158384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 005855856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 005159520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 002074232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 001722480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444587.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 001566328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 001483376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444587.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 001481328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 001350792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 001142200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 001048504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 000817080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 000811448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 000679864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 000676448 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 000546744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 000543160 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-05-03 16:39 - 2020-05-03 16:39 - 000012588 _____ C:\Users\Radek\Downloads\Harmonogram_SP.xlsx
2020-05-01 21:04 - 2020-05-01 21:04 - 000001170 _____ C:\Users\Radek\Desktop\FarCry5.lnk
2020-05-01 20:20 - 2020-05-01 20:20 - 000000000 ____D C:\Program Files (x86)\Far Cry 5
2020-05-01 18:38 - 2020-05-01 18:47 - 000000000 ____D C:\Users\Radek\Downloads\Far Cry 5
2020-04-29 14:28 - 2020-04-29 14:28 - 000001411 _____ C:\Users\Public\Desktop\Logitech-kameraindstillinger.lnk
2020-04-29 14:28 - 2020-04-29 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech-kameraindstillinger
2020-04-29 14:28 - 2020-04-29 14:28 - 000000000 ____D C:\Program Files\Logitech
2020-04-29 14:25 - 2020-04-29 14:26 - 103441984 _____ (Logitech Europe S.A.) C:\Users\Radek\Downloads\LogiCameraSettings_2.5.17.exe
2020-04-27 09:03 - 2020-04-27 09:03 - 000074656 _____ C:\Users\Radek\Downloads\Shakespeare Hamlet.odt
2020-04-26 13:43 - 2020-04-26 15:07 - 2715254784 _____ C:\Users\Radek\Downloads\ubuntu-20.04-desktop-amd64.iso
2020-04-23 01:23 - 2020-04-23 01:23 - 000054946 _____ C:\Users\Radek\Downloads\Shakespeare Romeo a Julie rozbor.odt
2020-04-22 17:36 - 2020-04-23 09:48 - 000002998 _____ C:\Users\Radek\Desktop\pos.txt
2020-04-20 16:50 - 2020-04-21 11:34 - 000005234 _____ C:\Users\Radek\Desktop\ukolpos4official.txt
2020-04-19 22:58 - 2020-04-19 23:00 - 000000000 ____D C:\Users\Radek\AppData\Roaming\Sekiro
2020-04-16 23:13 - 2020-05-09 02:28 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2020-04-16 22:00 - 2020-04-16 22:00 - 000000000 ____D C:\Users\Radek\AppData\Local\ShooterGame
2020-04-16 21:53 - 2020-05-09 02:26 - 000000000 ____D C:\Program Files\Riot Vanguard
2020-04-16 21:53 - 2020-04-16 21:59 - 000001627 _____ C:\Users\Radek\Desktop\VALORANT.lnk
2020-04-16 21:53 - 2020-04-16 21:53 - 000000000 ____D C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-04-16 00:15 - 2020-04-16 00:15 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 003753472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 002369576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 002188600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001659408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 001495864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 001386296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 001261808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001243648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000759272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-04-16 00:14 - 2020-04-16 00:14 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000515600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000513576 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-16 00:14 - 2020-04-16 00:14 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-04-16 00:14 - 2020-04-16 00:14 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000277864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrad.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000147696 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasacct.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iaspolcy.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ias.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ias.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-16 00:13 - 2020-04-16 00:14 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 017790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 007849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 003980800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 003547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 002126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 002114560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001960448 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-16 00:13 - 2020-04-16 00:13 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001512832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001378528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000684560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000437560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000297272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000151352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-04-15 23:42 - 2020-04-15 23:43 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-15 23:42 - 2020-04-15 23:43 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-10 10:59 - 2020-04-10 10:59 - 000325940 _____ C:\Users\Radek\Desktop\Zveřejnit na Facebooku.html
2020-04-10 10:59 - 2020-04-10 10:59 - 000000000 ____D C:\Users\Radek\Desktop\Zveřejnit na Facebooku_files
2020-04-09 13:40 - 2020-04-09 13:40 - 000000000 ____D C:\Users\Radek\Desktop\chatLogs
2020-04-09 13:40 - 2018-09-12 23:10 - 000000457 _____ C:\Users\Radek\Desktop\groupedReports.json

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-09 02:58 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-09 02:38 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-05-09 02:38 - 2018-12-12 00:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-09 02:31 - 2018-05-06 00:52 - 000000000 ____D C:\ProgramData\NVIDIA
2020-05-09 02:29 - 2018-05-06 12:33 - 000000000 ____D C:\Program Files (x86)\Steam
2020-05-09 02:27 - 2018-05-06 15:13 - 000000000 ____D C:\Users\Radek\AppData\Roaming\discord
2020-05-08 23:47 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-08 23:47 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-08 22:51 - 2019-11-17 13:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-08 03:45 - 2018-05-06 12:42 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-08 03:45 - 2018-05-06 12:42 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-07 22:11 - 2019-04-04 18:19 - 000000862 _____ C:\Users\Radek\Desktop\Nový textový dokument (2).txt
2020-05-07 19:05 - 2019-10-03 14:47 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-05-07 13:27 - 2018-12-28 17:01 - 000000000 ____D C:\Users\Radek\AppData\Roaming\obs-studio
2020-05-07 02:50 - 2018-05-06 01:13 - 000000000 ____D C:\Users\Radek\AppData\Local\Packages
2020-05-06 21:50 - 2018-06-08 19:01 - 000000000 ____D C:\Users\Radek\AppData\Local\CrashDumps
2020-05-04 16:14 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-04 06:31 - 2019-11-17 14:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-04 02:33 - 2019-11-17 14:07 - 000000000 ____D C:\Users\Radek
2020-05-03 22:01 - 2018-05-06 01:58 - 000000000 ____D C:\Users\Radek\AppData\Local\NVIDIA
2020-05-03 21:32 - 2019-11-17 14:18 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-03 21:32 - 2019-03-19 13:57 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-05-03 21:32 - 2019-03-19 13:57 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-05-03 21:29 - 2019-11-17 14:26 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2019-11-17 14:26 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2019-11-17 14:26 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2019-11-17 14:26 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2019-11-17 14:26 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2019-11-17 14:26 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2019-11-17 14:26 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2019-11-17 14:26 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2019-11-17 14:26 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2019-11-17 14:26 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2018-05-06 01:51 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-05-03 21:29 - 2018-05-06 00:52 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-05-03 21:29 - 2018-05-06 00:52 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-05-03 17:44 - 2019-01-17 20:56 - 000000000 ____D C:\Users\Radek\.VirtualBox
2020-05-03 16:42 - 2019-01-17 20:56 - 000000000 ____D C:\ProgramData\VirtualBox
2020-05-02 19:35 - 2018-10-25 20:09 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-05-02 04:16 - 2018-12-16 20:37 - 000000000 ____D C:\Users\Radek\AppData\Roaming\qBittorrent
2020-05-02 00:07 - 2018-06-12 15:51 - 000000000 ____D C:\Users\Radek\AppData\Local\Ubisoft Game Launcher
2020-05-01 21:33 - 2019-09-07 17:25 - 000000000 ____D C:\Users\Radek\Documents\CPY_SAVES
2020-05-01 21:33 - 2018-05-26 12:09 - 000000000 ____D C:\Users\Radek\Documents\My Games
2020-05-01 07:02 - 2018-05-06 13:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-04-29 09:01 - 2018-05-13 16:10 - 000000000 ____D C:\Users\Radek\AppData\Local\ElevatedDiagnostics
2020-04-26 15:29 - 2019-01-17 21:58 - 000000000 ____D C:\Users\Radek\VirtualBox VMs
2020-04-20 23:47 - 2018-05-06 12:02 - 000000000 ____D C:\Users\Radek\Desktop\Hry
2020-04-20 15:03 - 2020-03-18 16:14 - 000002364 _____ C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2020-04-20 15:03 - 2020-03-18 16:14 - 000002356 _____ C:\Users\Radek\Desktop\Microsoft Teams.lnk
2020-04-19 22:05 - 2019-06-16 13:49 - 000000000 ____D C:\Users\Radek\Downloads\sr-dltfeeph
2020-04-17 20:17 - 2019-11-17 14:26 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2262406034-326345448-3405211083-1001
2020-04-17 20:17 - 2019-11-17 14:07 - 000002361 _____ C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-17 20:17 - 2018-05-06 01:15 - 000000000 ___RD C:\Users\Radek\OneDrive
2020-04-16 23:12 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-04-16 22:00 - 2019-10-17 18:48 - 000000000 ____D C:\Users\Radek\AppData\Local\Riot Games
2020-04-16 21:53 - 2019-04-25 12:21 - 000000000 ____D C:\Riot Games
2020-04-16 07:22 - 2019-11-17 13:56 - 000313032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-16 06:43 - 2019-03-19 13:59 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-04-16 06:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-16 06:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-04-16 06:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-16 06:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-16 06:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-16 06:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-04-16 06:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-16 00:19 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-15 15:28 - 2019-11-17 14:26 - 000004666 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-04-15 15:28 - 2019-11-17 14:26 - 000004506 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-04-15 15:28 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-04-15 15:28 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-04-11 23:55 - 2020-03-24 15:39 - 000346856 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-04-11 23:54 - 2020-03-24 15:39 - 010286480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-04-11 23:53 - 2020-03-13 12:43 - 000655312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-04-11 23:52 - 2019-11-04 21:33 - 004927960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-04-11 23:51 - 2019-11-04 21:33 - 004195688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

==================== Files in the root of some directories ========

2020-02-01 15:35 - 2020-02-01 15:35 - 042886902 _____ () C:\Users\Radek\AppData\Roaming\gta5_patch.bin
2019-07-25 17:28 - 2002-08-29 17:33 - 000319488 _____ () C:\Users\Radek\AppData\Roaming\MafiaSetup.exe
2020-02-01 15:35 - 2020-02-01 15:35 - 000332800 _____ () C:\Users\Radek\AppData\Roaming\patcher.dll
2020-02-19 18:02 - 2020-03-15 21:41 - 000000029 ____H () C:\Users\Radek\AppData\Local\AC962122EE3AE7636C42C72595813B93C76994EACDD6BE5834187F06C416A26552B13E157D5235A59F3BC13B284DD7558434A937C9EBE1A25E1145547212E23B
2019-01-09 20:48 - 2019-01-09 20:48 - 000000184 _____ () C:\Users\Radek\AppData\Local\atidt64.dll
2018-09-28 18:57 - 2018-09-28 18:57 - 000000000 _____ () C:\Users\Radek\AppData\Local\oobelibMkey.log
2018-05-06 16:19 - 2018-05-06 16:19 - 000000017 _____ () C:\Users\Radek\AppData\Local\resmon.resmoncfg
2018-12-12 21:15 - 2018-12-12 21:15 - 000074877 _____ () C:\Users\Radek\AppData\Local\tycloljvc3jj.zip

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Montas]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-05-2020
Ran by ADMIN (09-05-2020 02:59:57)
Running from C:\Users\Radek\Downloads
Windows 10 Pro Version 1909 18363.778 (X64) (2019-11-17 12:27:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

ADMIN (S-1-5-21-2262406034-326345448-3405211083-1001 - Administrator - Enabled) => C:\Users\Radek
Administrator (S-1-5-21-2262406034-326345448-3405211083-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2262406034-326345448-3405211083-503 - Limited - Disabled)
Guest (S-1-5-21-2262406034-326345448-3405211083-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2262406034-326345448-3405211083-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.0.384 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.363 - Adobe)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_1_2) (Version: 12.1.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_5) (Version: 19.1.5 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_2) (Version: 12.1.2 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
ASUS GPU TweakII (HKLM-x32\...\{2914BAB6-CA16-4B5A-BF41-2466656C7040}) (Version: 1.9.3.0 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{2914BAB6-CA16-4B5A-BF41-2466656C7040}) (Version: 1.9.3.0 - ASUSTek COMPUTER INC.)
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.06.17 - ASUSTeK Computer Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.120.0.3003 - BlueStack Systems, Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
CORSAIR iCUE Software (HKLM-x32\...\{E615E155-8A79-4FED-B188-6F4C3A0CF0DF}) (Version: 3.26.95 - Corsair)
Discord (HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ExitLag version 3 (HKLM-x32\...\{B3117F72-F22D-4DA7-B554-B3F4EDBB408F}_is1) (Version: 3 - ExitLag)
Far Cry 5 (HKLM\...\Far Cry 5_is1) (Version: 1.4 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Grand Theft Auto IV (HKLM-x32\...\{5454083B-1308-4485-BF17-1110000D8301}) (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Heavy Rain (HKLM-x32\...\{EE94E976-82B0-470C-97A8-ADF41EF11F2A}_is1) (Version: - Quantic Dream)
Hitman 2 (HKLM-x32\...\{F7E0BCEB-1F73-468C-BC5B-CFD39EC31149}_is1) (Version: - IO Interactive)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.4.1186 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Kerio Control VPN Client (HKLM\...\{1475DC5D-1CB9-46CC-B1C6-D68A64BEEFB0}) (Version: 9.2.2921 - Kerio Technologies Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Logitech-kameraindstillinger (HKLM-x32\...\LogiUCDPP) (Version: 2.5.17.0 - Logitech Europe S.A.)
Mafia Game (HKLM-x32\...\Mafia Game) (Version: - )
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Manhunt 2 (HKLM-x32\...\Manhunt 2) (Version: 1.00.0000 - Rockstar Games)
Microsoft .NET Core SDK 2.2.103 (x64) (HKLM-x32\...\{730ee99f-7165-41f7-b107-ced51cbb0c19}) (Version: 2.2.103 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.12730.20236 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\Teams) (Version: 1.3.00.8663 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Node.js (HKLM\...\{41408FBE-699A-4989-83CA-AB035EECA740}) (Version: 12.13.1 - Node.js Foundation)
NordVPN (HKLM-x32\...\{1F65DF2C-97B0-402F-A484-FDEC48DB63A1}) (Version: 6.26.7 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.26.7) (Version: 6.26.7 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.13.57 (HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.13.57 - NVIDIA Corporation)
NVIDIA Install Application (HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer) (Version: 2.1002.338.0 - NVIDIA Corporation) Hidden
NVIDIA Ovladač HD audia 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.75 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12730.20206 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12730.20206 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12730.20206 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12730.20206 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 6.0.2 (HKLM\...\{55905447-3228-417B-9F9D-6F8AC4D1A15C}) (Version: 6.0.2 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.60.37244 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 445.75 - NVIDIA Corporation) Hidden
PC Building Simulator v.1.5.2 (HKLM-x32\...\PC Building Simulator_is1) (Version: - )
Proxifier version 3.42 (HKLM-x32\...\Proxifier_is1) (Version: 3.42 - Initex)
Python 3.6.0 (64-bit) (HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\{37a4e38b-baf7-4500-97f1-0f7c51d9a395}) (Version: 3.6.150.0 - Python Software Foundation)
Python 3.6.0 Add to Path (64-bit) (HKLM\...\{5A3CA177-8304-4D59-A44D-6A60032725E4}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Core Interpreter (64-bit) (HKLM\...\{1944B5D6-0FFB-47C0-BFEC-5C7A2F013FA7}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Development Libraries (64-bit) (HKLM\...\{A6A3184B-748E-46F4-9E28-6B5889506170}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Documentation (64-bit) (HKLM\...\{5D83032F-36B5-42E4-A114-D310119C6F51}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Executables (64-bit) (HKLM\...\{C0016766-8F63-4992-9E6F-ECFB2CB12BA6}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 pip Bootstrap (64-bit) (HKLM\...\{F9C1C892-4908-41F4-900C-7B0DAAF2387B}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Standard Library (64-bit) (HKLM\...\{F3CB2257-C4C7-4C84-AF63-BADCED1E3273}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Tcl/Tk Support (64-bit) (HKLM\...\{E24AA157-AD52-42ED-B484-CA5979D4A728}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Test Suite (64-bit) (HKLM\...\{631C7E77-5832-40D1-9D6D-7B3766D79BDF}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Utility Scripts (64-bit) (HKLM\...\{FE905DA4-0F23-4F99-9284-50BB4913CEB4}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{A674B2CB-13CA-437B-A215-9DD257959A49}) (Version: 3.6.5835.0 - Python Software Foundation)
qBittorrent 4.1.4 (HKLM-x32\...\qBittorrent) (Version: 4.1.4 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.17.199 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.3 - Rockstar Games)
Skype verze 8.55 (HKLM-x32\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
Slime Rancher Galactic Bundle (HKLM-x32\...\Slime Rancher Galactic Bundle_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 61.0 - Ubisoft)
VALORANT (HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.167.200.0_x86__kgqvnymyfvs32 [2020-05-05] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.0.0.8_x86__h6adky7gbf63m [2020-04-22] (Gameloft SE)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-17] (Dolby Laboratories)
EdgeDevtoolsPlugin -> C:\WINDOWS\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2020-04-16] (Microsoft Corporation)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.7.1.1_x86__h6adky7gbf63m [2020-04-14] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-04] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2262406034-326345448-3405211083-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-CBC0EDC8089F} -> [Creative Cloud Files] => C:\Users\Radek\Creative Cloud Files [2018-05-15 19:30]
CustomCLSID: HKU\S-1-5-21-2262406034-326345448-3405211083-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Radek\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2262406034-326345448-3405211083-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Radek\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2262406034-326345448-3405211083-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-03-04 00:30 - 2017-09-27 18:30 - 000489984 _____ ( (Newtonsoft) [File not signed]) [File is in use ] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\Newtonsoft.Json.dll
2019-03-04 00:30 - 2017-11-07 17:37 - 000088064 _____ ( (Wondershare) [File not signed]) [File is in use ] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCollect.dll
2019-03-04 00:30 - 2017-11-07 17:37 - 000200192 _____ ( (Wondershare) [File not signed]) [File is in use ] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCommon.dll
2020-03-02 21:41 - 2020-03-02 21:41 - 000295424 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueCore.dll
2020-03-02 22:17 - 2020-03-02 22:17 - 054698496 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.dll
2020-03-02 21:41 - 2020-03-02 21:41 - 000050688 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\IndexExcludeProxyModel.dll
2020-03-02 21:43 - 2020-03-02 21:43 - 002917888 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\CombinedManifests.dll
2020-03-02 21:43 - 2020-03-02 21:43 - 001621504 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\FallbackManifest.dll
2020-03-02 21:43 - 2020-03-02 21:43 - 001243648 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\ManifestBuilder.dll
2020-03-02 21:42 - 2020-03-02 21:42 - 000075264 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\ManifestRegistry.dll
2020-03-02 21:42 - 2020-03-02 21:42 - 234713600 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\ManifestSharedResources.dll
2020-03-02 21:40 - 2020-03-02 21:40 - 000209408 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll
2020-03-02 21:41 - 2020-03-02 21:41 - 000428032 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\UniversalKey.dll
2020-03-02 21:40 - 2020-03-02 21:40 - 000101376 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll
2018-05-06 02:13 - 2018-05-06 02:12 - 000073728 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.42\ClaymoreProtocol.dll
2018-05-06 02:13 - 2018-05-06 02:12 - 000053248 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.42\cpuutil.dll
2018-05-06 02:13 - 2018-05-06 02:12 - 000073728 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.42\CharmProtocol.dll
2018-05-06 02:13 - 2018-05-06 02:12 - 001951232 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.42\R2Clib.dll
2018-05-06 02:13 - 2018-05-06 02:12 - 000073728 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.42\RogNewmouseProtocol.dll
2018-05-06 02:13 - 2018-05-06 02:12 - 001777664 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.42\Vender.dll
2019-10-16 06:32 - 2019-10-16 06:32 - 000262656 _____ () [File not signed] C:\Program Files (x86)\NordVPN\x86\Liberation.Native.Firewall.dll
2018-05-06 02:13 - 2018-05-06 02:12 - 000081920 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\LightingService\1.00.42\AudioLEDCtrl.dll
2020-01-09 11:49 - 2020-01-09 11:49 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2020-02-24 20:53 - 2020-02-24 20:53 - 002516480 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libcrypto-1_1.dll
2020-02-24 20:53 - 2020-02-24 20:53 - 000530432 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libssl-1_1.dll
2020-03-02 22:18 - 2020-03-02 22:18 - 005139576 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Core.dll
2018-05-06 02:13 - 2018-05-06 02:12 - 002039296 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.42\LED_DLL_forMB.dll
2018-05-06 02:13 - 2018-05-06 02:12 - 001628672 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.42\VGA_Extra.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
AlternateDataStreams: C:\Users\Radek\Desktop\Účtenka Xiaomi redmi note 8 Pro 4.3.2O2O.jpg:3or4kl4x13tuuug3Byamue2s4b [81]
AlternateDataStreams: C:\Users\Radek\Desktop\Účtenka Xiaomi redmi note 8 Pro 4.3.2O2O.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\sharepoint.com -> hxxps://sssvt-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-06-01 22:07 - 2019-07-06 12:35 - 000000892 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 virustotal.com
127.0.0.1 virustotal.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\nodejs\
HKU\S-1-5-21-2262406034-326345448-3405211083-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Radek\Desktop\22270.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet 2: ExitLag Game Booster -> nt_ndextlag (enabled)
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: ExitLag Game Booster -> nt_ndextlag (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\StartupApproved\Run: => "OneDriveSetup"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1A2CE08B-DE15-486F-B98F-27BD34A89866}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{64AF7421-0307-4CA8-AF92-2F56093B41A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [UDP Query User{D1916554-6104-494D-894F-CF87C4CA2497}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{5D402903-6F8A-45C8-B1BE-1B3F29E1128A}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{66D4A6F4-810D-4E9C-BC34-FC6C06ACDC43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe ( Taleworlds Entertainment) [File not signed]
FirewallRules: [{47044DA9-FB59-4678-8B6F-4C17118A88C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe ( Taleworlds Entertainment) [File not signed]
FirewallRules: [{A3BE07AD-9C23-40E0-B013-57B33ABB5149}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{6391ED29-8CA2-4888-9979-5E4EC2A6B892}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{582CFDF2-183B-4E3A-8235-D9AFD5212CA4}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{4FCB69D1-5067-4AEF-AF92-8CAF4685B61F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{CC6740B7-7CBA-4D38-A1EE-29BB9A25171B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{9C31010C-78A7-445E-B9AB-90CE57836C26}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F9709181-4C7C-4329-BB40-98EA71D21200}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{1DFAE293-3AA6-4627-8CEC-8AC82054E7F8}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{09C47BD3-2CD6-46E6-9BA9-3A7ADAFEAF18}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{F3355F11-61B2-4FB6-A020-E0423491551F}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{15CCAE77-C8AD-4730-B73C-02DF4A6FEF33}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{E4678ADF-326C-4935-BE1F-7B25B04579F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{BFF8F327-B109-450F-88DE-2D17E200B699}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{CB59557D-BE04-4705-B7BC-6753695AF2DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{F58C7FBD-F270-4A78-AAB0-EB6256A51675}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [UDP Query User{6E5F227A-BFFE-4652-84FA-05E226D85990}C:\users\radek\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe] => (Allow) C:\users\radek\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{6CB344FD-309A-4BA7-ADC9-84AA87437525}C:\users\radek\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe] => (Allow) C:\users\radek\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A8C263DC-8D5B-48CF-8668-56823B070155}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{107351D4-8F7E-490B-80FE-674B53B0AE6F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2ABBE1D5-511C-46FE-B3CE-1386C7AD42B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{C0F7FD85-93AF-4FF4-AA48-F17F6E821B25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{C998A480-6971-44D8-A712-E4DD194113EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{7058DEC6-DE67-4420-8CB6-59DEAC116311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{78D856BF-5223-4AC2-B88D-5D0B15EA91BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E529EC02-499E-45A5-8A30-99AFADAE4BCB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{F6A10788-5387-4650-9596-18CAFD4E91A8}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{8D6EC3B8-DBA1-43A6-8615-DFE99EC75D8F}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{A6601870-A73E-4A2F-A8B3-C6AA04558FA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{BF190197-8C26-4C24-90D8-E7EFBA752536}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{942085E4-E667-4CB1-B113-30FF792AD435}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6C6F0256-7ADB-4CD5-AE2C-0B0F78FBBD99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F367AD48-4D71-4286-83E5-B28471FB586E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E85CB337-112A-4902-8253-4478A7086A10}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C1F8D057-A7C3-475E-9D76-C6F1370CE1DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Postal2.exe () [File not signed]
FirewallRules: [{7A3B323C-4336-460F-ACBC-B5BA533ECD3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Postal2.exe () [File not signed]
FirewallRules: [{8C1F4843-C649-4B0A-A415-00319FE9EE23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe () [File not signed]
FirewallRules: [{039F4AE1-8B80-4C5B-841E-90623D730821}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe () [File not signed]
FirewallRules: [TCP Query User{54EF4BD0-AE21-4B79-B313-96766AE655DC}C:\program files (x86)\heavy rain\heavyrain.exe] => (Allow) C:\program files (x86)\heavy rain\heavyrain.exe () [File not signed]
FirewallRules: [UDP Query User{2D410886-ED55-4D1E-A6DC-6BED41AD089A}C:\program files (x86)\heavy rain\heavyrain.exe] => (Allow) C:\program files (x86)\heavy rain\heavyrain.exe () [File not signed]
FirewallRules: [{863E971C-B7EA-439E-87A3-B5CE26894D78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{3744B18D-39A6-4F89-A9CD-F6D80EA8DB05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{BE418354-8828-4735-B3B2-B43FD943F60E}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{F6EAE85D-405C-47FB-AF74-BEC9E77CFC4A}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
FirewallRules: [{E79C3060-F5C4-4B37-85A1-94C010C75F4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{3BCBAE26-F94B-4A94-B860-32E5DB8FE15E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{D43F23A8-BB04-4FB2-9C4D-822F6C77577F}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{CCEDAD6C-95A8-4CE2-AF4E-B2F3113A9971}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{0C64F8B5-9206-4928-8230-6C67DB7691BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (QLOC S.A. -> Bethesda Softworks)
FirewallRules: [{AA54B8A2-6FD8-4551-B2F8-BBC520E25BB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (QLOC S.A. -> Bethesda Softworks)
FirewallRules: [TCP Query User{AF8D0406-AAE8-452E-94A8-ACE7407382D6}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{E805391C-084A-46BC-B299-BE1584293B20}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{314E179B-FF30-4969-98D4-57D3E335B701}C:\program files (x86)\battle.net\battle.net.exe] => (Block) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{F4ABC4E4-E95E-4BB6-8D3D-095CD1121349}C:\program files (x86)\battle.net\battle.net.exe] => (Block) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{7124555A-D608-40E3-9B28-0B22DB26D398}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{330A7A2F-995A-4585-B9FB-139F86591618}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{DE4637EA-F9A6-4905-9B9C-DAF1604475AD}C:\users\radek\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\radek\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A28844C2-3C3D-4E63-9419-392969713AB2}C:\users\radek\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\radek\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F131013-81B3-4372-9DD3-6CB5637A71E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D28E6AB5-DFB6-4F21-8EC8-CFDAEBF50458}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{1A281B99-7A42-4374-9AEC-237D347DA72E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{92F04B05-71A0-45ED-9BCB-D207DAE75FAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{18710515-C2B3-4E01-83C1-0529F8305A90}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe (Skowsand Servicos De Provedores E Internet LTDA - ME -> )
FirewallRules: [{99B17990-3631-45C1-AFB0-0CE3C0BBDB71}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe (Skowsand Servicos De Provedores E Internet LTDA - ME -> )
FirewallRules: [{06F6A51B-E712-4EAC-8309-84825829B8F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe (Valve -> )
FirewallRules: [{B501A4D1-8011-45C0-A835-681987FE43EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe (Valve -> )
FirewallRules: [{0935E85F-82C7-4C2F-B2AB-8D9B89C3DEB8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{41D4FAD6-5BBE-4FAB-9C4C-CFB4C207F161}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3AD7ECFB-5D63-46D6-B9DF-03346D9C1EE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0F580129-419A-47BA-A755-4A651EA6D4E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6840F497-13FA-41DE-B18F-73D65DE815AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

21-04-2020 09:47:55 Naplánovaný kontrolní bod
01-05-2020 02:39:23 Naplánovaný kontrolní bod
08-05-2020 10:39:53 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/09/2020 02:43:51 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2328,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/09/2020 02:35:02 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7980,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/09/2020 02:29:53 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=13

Error: (05/09/2020 02:22:30 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1880,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/09/2020 01:58:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11300,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/09/2020 01:40:18 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (19916,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/09/2020 01:09:32 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6876,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/09/2020 12:56:22 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2228,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (05/09/2020 02:28:51 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AC515PC)
Description: Server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/08/2020 10:57:09 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/08/2020 10:57:08 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Ovladač zjistil interní chybu ovladače na \Device\VBoxNetLwf.

Error: (05/08/2020 10:55:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/08/2020 10:55:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/08/2020 10:55:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/08/2020 10:55:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/08/2020 10:55:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2020-05-04 16:34:03.190
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {41E8F878-3FF8-431C-84BF-7AD611BABDCE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-05-04 16:19:58.903
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {94DB482C-C5E8-429E-BE3C-72470BB7E7A6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-05-04 15:40:09.571
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {018C81C5-927E-496D-A334-08CFE971E73C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-05-03 03:47:00.601
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {15C01AF3-AF5B-4B2B-AB6D-98159E825D3B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-05-03 03:13:14.085
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7D903F66-9EE3-4864-9B4A-2590DD3AAE13}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2020-05-03 22:00:48.352
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-03 22:00:48.336
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-03 22:00:47.401
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-30 16:57:03.775
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-30 16:57:03.766
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-30 16:57:03.757
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-27 08:09:25.185
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-27 08:09:25.177
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 0403 05/06/2016
Motherboard: ASUSTeK COMPUTER INC. B150M-A/M.2
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 38%
Total physical RAM: 16304.31 MB
Available physical RAM: 9988.98 MB
Total Virtual: 23901.06 MB
Available Virtual: 14748.4 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.01 GB) (Free:851.71 GB) NTFS

\\?\Volume{c78ece3a-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{c78ece3a-0000-0000-0000-20a0d1010000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: C78ECE3A)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=526 MB) - (Type=27)

==================== End of Addition.txt =======================

[Conder]

Ahoj

Tema nam trochu zapadla, kedze si tu aj sam odpovedal

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Spustit skenovani a pockaj na dokoncenie
• V pripade nalezov nechaj vsetky nalezy oznacene a klikni na Karantena (ak nie su ziadne nalezy, tak na Spustit zakladni opravu)
• V pripade, ze sa detekuje aj "predinstalovany software", tieto programy mozes, ale nemusis zmazat (toto nie su skodlive programy, ale iba zbytocnosti)
• Potvrd vyzvu, pockaj na dokoncenie a potvrd restartovanie PC
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah skopiruj a vloz do dalsej odpovede

[Montas]

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-12-2020
# Duration: 00:00:06
# OS: Windows 10 Pro
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\f9fa0701b792d6efbfb6318a70d732d5
Deleted HKCU\Software\Searcher

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1503 octets] - [12/05/2020 02:07:23]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Conder]

Poprosim o obidva nove logy z FRST

[Montas]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-05-2020
Ran by ADMIN (administrator) on DESKTOP-AC515PC (13-05-2020 01:14:16)
Running from C:\Users\Radek\Downloads
Loaded Profiles: ADMIN
Platform: Windows 10 Pro Version 1909 18363.778 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\LightingService\1.00.42\AsRogAuraGpuDllServer.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\1.00.42\LightingService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(Discord Inc. -> Discord Inc.) C:\Users\Radek\AppData\Local\Discord\app-0.0.306\Discord.exe <6>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(GFI Software Development Ltd. -> Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <17>
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Logitech Inc -> Logitech Europe S.A.) C:\Program Files\Logitech\Collaboration\Services\Video\cropAssistAPI\CropAssistService.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12005.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-12-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [352712 2020-05-09] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178912 2016-03-16] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-06-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Kerio Control VPN Client] => C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe [2069864 2018-08-28] (GFI Software Development Ltd. -> Kerio Technologies Inc.)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405544 2020-03-02] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3373344 2020-05-09] (Valve -> Valve Corporation)
HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19476424 2018-11-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-08] (Google LLC -> Google LLC)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01FCAC5D-BB76-42FC-B8CA-A7F676557A82} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0B90019F-5842-4FD4-B372-43913E665EB5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1F516434-BD3B-4508-84CE-07DA084CDEAF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {230E5C66-8DC0-43AC-9CFC-28E158FC2C94} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2AC4EE9F-5A05-4E50-B8DB-3A8A176EC170} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {352F60CC-9792-42EA-9997-38C9C39BE867} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124760 2020-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {38EDCDC0-C2FF-43AB-A753-6B895D43DA4B} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {4A37F5EC-6D12-4ED0-AA86-BD0AC1CEFC81} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4E1771C5-A6AA-405E-9184-99924FA7E079} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772528 2020-04-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {52C81A9C-AB4D-48AF-A08B-38F1752CEA94} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772528 2020-04-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {53F99896-8CD9-49B5-939B-7A2C1E4B29A1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124760 2020-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {65D5D10A-DA97-4262-A96A-F91D3FA07347} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {705E6BC6-FC12-4E3F-9C29-65D7EC2DCAEA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7135BB4C-9F1E-4C12-985D-C596E4C5FD8A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {838808DD-8C38-4195-B3C0-12D8CD1B510B} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {8BD8F959-A630-4FE5-B58A-A50A359BBBF4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {B5B442AE-584B-44AE-89AB-20915A6CD329} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B8AA932A-CC2F-4388-907A-028BD469690E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC125D11-7DB5-41AE-97FF-8F305FF4DD64} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C3B79C69-24E2-47F8-934F-FF2804452A71} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-12] (Adobe Inc. -> Adobe)
Task: {C4C110EF-02F3-4CD5-84DC-6CD0823801EB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_pepper.exe [1454136 2020-05-12] (Adobe Inc. -> Adobe)
Task: {C67CA02D-A184-48D4-9707-BB019704B81B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-06] (Google Inc -> Google Inc.)
Task: {D23DDE6A-8515-4B72-B5D2-ADACD3355047} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {DA576B0F-FFFA-4A8C-9719-BDD999F5A527} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-06] (Google Inc -> Google Inc.)
Task: {DC5BD92D-1297-4F35-9F33-8E38BF187A3F} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-AC515PC-ADMIN => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {DCCA85DE-C316-4FC6-8DA0-7DA01AFEC0F3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E93B3925-165C-4F41-97FB-604BEF26A487} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EE17164C-2AFD-4D01-8340-5F67E4AFFC42} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F6D3CFF7-DEDD-4CAA-9BA6-AA710F4FFDA3} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\LightingService\1.00.42\AsRogAuraGpuDllServer.exe [280536 2018-05-06] (ASUSTeK Computer Inc. -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2d55a0e0-64e8-4178-bb77-4f475ca8a8a1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b9de25a9-1a35-47ed-8543-abb4d728e205}: [DhcpNameServer] 103.86.99.99 103.86.96.96 103.86.96.100 103.86.99.100

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-03-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-03-27] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-02] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-06-22] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=5.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2016-03-16] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-03-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-03-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-06-22] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default [2020-05-13]
CHR Notifications: Default -> hxxps://www.kupi.cz
CHR Extension: (Prezentace) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-06]
CHR Extension: (BetterTTV) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-04-22]
CHR Extension: (Dokumenty) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-06]
CHR Extension: (Disk Google) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-06]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (Tabulky) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
CHR Extension: (Unblock any site - Hola Free VPN) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-05-08]
CHR Extension: (YouTube NonStop) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlkaejimjacpillmajjnopmpbkbnocid [2019-10-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-01]
CHR Extension: (Gmail) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-06-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-07-10] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10610544 2020-04-30] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [403496 2020-03-02] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [55848 2020-03-02] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-05-22] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-03-16] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 KVPNCSvc; C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe [1986920 2018-08-28] (GFI Software Development Ltd. -> Kerio Technologies Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\1.00.42\LightingService.exe [1289688 2018-05-06] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-09] (Malwarebytes Inc -> Malwarebytes)
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4477576 2018-06-19] (Logitech Inc -> Logitech)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [237520 2020-04-21] (TEFINCOM S.A. -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2474800 2020-01-31] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3394864 2020-01-31] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [474256 2019-12-05] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-03-01] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [290816 2020-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [690424 2019-01-14] (Oracle Corporation -> Oracle Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9821696 2020-05-09] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-11-07] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] (ASUSTeK Computer Inc. -> )
S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [313112 2019-08-01] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-11-17] (Microsoft Corporation) [File not signed]
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45968 2019-11-14] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21904 2019-11-14] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz149; C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [44320 2020-05-12] (CPUID S.A.R.L.U. -> CPUID)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2019-08-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [59344 2019-08-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-05-09] (Malwarebytes Corporation -> Malwarebytes)
R3 keyboard; C:\Windows\System32\Drivers\keyboard.sys [18536 2019-07-03] (Francisco Lopes da Silva -> Oblita)
R3 kvnet; C:\WINDOWS\System32\drivers\kvnet.sys [48552 2018-08-28] (GFI Software Development Limited -> Kerio Technologies Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-05-09] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-05-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-05-12] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-05-12] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-05-12] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [125088 2020-05-12] (Malwarebytes Inc -> Malwarebytes)
R3 mouse; C:\Windows\System32\Drivers\mouse.sys [18536 2019-07-03] (Francisco Lopes da Silva -> Oblita)
R1 ndextlag; C:\WINDOWS\system32\DRIVERS\ndextlag.sys [48640 2018-04-11] (Mainline Net Holdings Limited -> SKOWSAND SERVICOS DE PROVEDORES E INTERNET LTDA - ME)
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2020-04-20] (TEFINCOM S.A. -> WireGuard LLC)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9952681a7bb1dfac\nvlddmkm.sys [23446968 2020-04-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-04-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek Semiconductor Corp -> Realtek )
R3 RtsUpx; C:\WINDOWS\system32\drivers\RtsUpx.sys [30328 2018-05-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [44080 2019-07-03] (Shaul Eizikovich -> Nefarius Software Solutions)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-01-31] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2017-09-13] (Windscribe Limited -> The OpenVPN Project)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [247216 2019-01-14] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [144632 2018-01-15] (Oracle Corporation -> Oracle Corporation)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [3361376 2020-05-09] (Riot Games, Inc. -> Riot Games, Inc.)
S3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [53128 2018-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2018-11-22] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-05-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [394680 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-01] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Users\Radek\Documents\Gladiatorcheatz "
2020-05-13 01:14 - 2020-05-13 01:15 - 000031830 _____ C:\Users\Radek\Downloads\FRST.txt
2020-05-13 01:13 - 2020-05-13 01:13 - 000000000 ____D C:\Users\Radek\Downloads\FRST-OlderVersion
2020-05-12 16:51 - 2020-05-12 16:52 - 000000008 __RSH C:\ProgramData\ntuser.pol
2020-05-12 15:55 - 2020-05-12 15:55 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-05-12 15:54 - 2020-05-12 15:54 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-05-12 15:54 - 2020-05-12 15:54 - 000125088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-05-12 15:53 - 2020-05-12 15:53 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-05-12 09:02 - 2020-05-12 09:53 - 1009146407 _____ C:\Users\Radek\Desktop\2020-05-12 09-02-13.mp4
2020-05-12 02:05 - 2020-05-12 02:07 - 000000000 ____D C:\AdwCleaner
2020-05-12 02:05 - 2020-05-12 02:05 - 008196784 _____ (Malwarebytes) C:\Users\Radek\Downloads\adwcleaner_8.0.4.exe
2020-05-11 02:07 - 2020-05-11 02:13 - 000000405 _____ C:\Users\Radek\Desktop\Fy.txt
2020-05-10 15:48 - 2020-05-10 15:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
2020-05-10 15:48 - 2020-05-10 15:48 - 000000000 ____D C:\Program Files\NordVPN network TUN
2020-05-10 15:48 - 2020-05-10 15:48 - 000000000 ____D C:\Program Files (x86)\NordVPN
2020-05-09 02:57 - 2020-05-13 01:15 - 000000000 ____D C:\FRST
2020-05-09 02:56 - 2020-05-13 01:13 - 002285568 _____ (Farbar) C:\Users\Radek\Downloads\FRST64.exe
2020-05-09 02:49 - 2020-05-13 01:13 - 000000000 ____D C:\rsit
2020-05-09 02:49 - 2020-05-09 02:49 - 001222144 _____ C:\Users\Radek\Downloads\RSITx64.exe
2020-05-09 02:49 - 2020-05-09 02:49 - 000000000 ____D C:\Program Files\trend micro
2020-05-09 02:39 - 2020-05-09 02:39 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-05-09 02:39 - 2020-05-09 02:39 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-05-09 02:39 - 2020-05-09 02:39 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-05-09 02:38 - 2020-05-09 02:38 - 001980016 _____ (Malwarebytes) C:\Users\Radek\Downloads\MBSetup.exe
2020-05-09 02:38 - 2020-05-09 02:38 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-05-09 02:38 - 2020-05-09 02:38 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-05-07 12:11 - 2020-05-07 12:47 - 712587643 _____ C:\Users\Radek\Desktop\2020-05-07 12-11-37.mp4
2020-05-05 09:54 - 2020-05-05 09:54 - 000041510 _____ C:\Users\Radek\Downloads\baroko, 1.ročník.odt
2020-05-05 01:23 - 2020-05-05 01:23 - 000777216 _____ C:\Users\Radek\Downloads\35_PaketTCPIP.ppt
2020-05-05 01:23 - 2020-05-05 01:23 - 000777216 _____ C:\Users\Radek\Desktop\35_PaketTCPIP.ppt
2020-05-05 01:23 - 2020-05-05 01:23 - 000392554 _____ C:\Users\Radek\Downloads\36_PaketICMP.pdf
2020-05-05 01:23 - 2020-05-05 01:23 - 000392554 _____ C:\Users\Radek\Desktop\36_PaketICMP.pdf
2020-05-04 18:05 - 2020-05-04 18:05 - 001461517 _____ C:\Users\Radek\Downloads\IS_ANE_1 - Anestezie.pdf
2020-05-04 18:05 - 2020-05-04 18:05 - 000670474 _____ C:\Users\Radek\Downloads\F_LUZKA_1 - Poučení o rozsahu odpovědnosti ISCARE.pdf
2020-05-03 22:00 - 2020-05-03 22:00 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-05-03 21:58 - 2020-04-11 23:55 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-05-03 21:58 - 2020-04-11 23:55 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-05-03 21:58 - 2020-04-11 23:55 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-05-03 21:58 - 2020-04-11 23:55 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-05-03 21:58 - 2020-04-11 23:55 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-05-03 21:58 - 2020-04-11 23:55 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-05-03 21:58 - 2020-04-11 23:55 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-05-03 21:58 - 2020-04-11 23:55 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-05-03 21:58 - 2020-04-11 23:55 - 000450280 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-05-03 21:58 - 2020-04-11 23:54 - 011945872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 017601632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 015158384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 005855856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 005159520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 002074232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 001722480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444587.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 001566328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 001483376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444587.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 001481328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 001350792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 001142200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 001048504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 000817080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 000811448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 000679864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 000676448 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 000546744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-05-03 21:58 - 2020-04-11 23:53 - 000543160 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-05-03 16:39 - 2020-05-03 16:39 - 000012588 _____ C:\Users\Radek\Downloads\Harmonogram_SP.xlsx
2020-05-01 21:04 - 2020-05-01 21:04 - 000001170 _____ C:\Users\Radek\Desktop\FarCry5.lnk
2020-05-01 20:20 - 2020-05-01 20:20 - 000000000 ____D C:\Program Files (x86)\Far Cry 5
2020-05-01 18:38 - 2020-05-01 18:47 - 000000000 ____D C:\Users\Radek\Downloads\Far Cry 5
2020-04-29 14:28 - 2020-04-29 14:28 - 000001411 _____ C:\Users\Public\Desktop\Logitech-kameraindstillinger.lnk
2020-04-29 14:28 - 2020-04-29 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech-kameraindstillinger
2020-04-29 14:28 - 2020-04-29 14:28 - 000000000 ____D C:\Program Files\Logitech
2020-04-29 14:25 - 2020-04-29 14:26 - 103441984 _____ (Logitech Europe S.A.) C:\Users\Radek\Downloads\LogiCameraSettings_2.5.17.exe
2020-04-27 09:03 - 2020-04-27 09:03 - 000074656 _____ C:\Users\Radek\Downloads\Shakespeare Hamlet.odt
2020-04-26 13:43 - 2020-04-26 15:07 - 2715254784 _____ C:\Users\Radek\Downloads\ubuntu-20.04-desktop-amd64.iso
2020-04-23 01:23 - 2020-04-23 01:23 - 000054946 _____ C:\Users\Radek\Downloads\Shakespeare Romeo a Julie rozbor.odt
2020-04-22 17:36 - 2020-04-23 09:48 - 000002998 _____ C:\Users\Radek\Desktop\pos.txt
2020-04-20 16:50 - 2020-04-21 11:34 - 000005234 _____ C:\Users\Radek\Desktop\ukolpos4official.txt
2020-04-20 14:00 - 2020-04-20 14:00 - 000039360 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\nlwt.sys
2020-04-19 22:58 - 2020-04-19 23:00 - 000000000 ____D C:\Users\Radek\AppData\Roaming\Sekiro
2020-04-16 23:13 - 2020-05-12 15:55 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2020-04-16 22:00 - 2020-04-16 22:00 - 000000000 ____D C:\Users\Radek\AppData\Local\ShooterGame
2020-04-16 21:53 - 2020-05-11 13:52 - 000000000 ____D C:\Program Files\Riot Vanguard
2020-04-16 21:53 - 2020-05-10 19:44 - 000000000 ____D C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-04-16 00:15 - 2020-04-16 00:15 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 003753472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 002369576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 002188600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001659408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 001495864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 001386296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 001261808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001243648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000759272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-04-16 00:14 - 2020-04-16 00:14 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000515600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000513576 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-16 00:14 - 2020-04-16 00:14 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-04-16 00:14 - 2020-04-16 00:14 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000277864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrad.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000147696 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasacct.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iaspolcy.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-04-16 00:14 - 2020-04-16 00:14 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ias.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ias.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-16 00:14 - 2020-04-16 00:14 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-16 00:14 - 2020-04-16 00:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-16 00:13 - 2020-04-16 00:14 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 017790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 007849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 003980800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 003547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 002126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 002114560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001960448 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-16 00:13 - 2020-04-16 00:13 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001512832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001378528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000684560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000437560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000297272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000151352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-16 00:13 - 2020-04-16 00:13 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-16 00:13 - 2020-04-16 00:13 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys
2020-04-16 00:13 - 2020-04-16 00:13 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-04-15 23:42 - 2020-04-15 23:43 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-15 23:42 - 2020-04-15 23:43 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-13 01:14 - 2018-05-06 15:13 - 000000000 ____D C:\Users\Radek\AppData\Roaming\discord
2020-05-13 01:02 - 2019-11-17 13:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-12 23:53 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-12 20:49 - 2019-01-14 20:17 - 000000000 ____D C:\Users\Radek\AppData\Local\EpicGamesLauncher
2020-05-12 20:49 - 2018-05-06 01:58 - 000000000 ____D C:\Users\Radek\AppData\Local\NVIDIA
2020-05-12 20:08 - 2018-06-02 18:20 - 000000000 ____D C:\Program Files\Epic Games
2020-05-12 19:05 - 2019-10-03 14:47 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-05-12 18:03 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-12 18:03 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-12 15:59 - 2018-05-06 00:52 - 000000000 ____D C:\ProgramData\NVIDIA
2020-05-12 15:57 - 2018-05-06 12:33 - 000000000 ____D C:\Program Files (x86)\Steam
2020-05-12 15:53 - 2019-11-17 14:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-12 13:17 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-05-12 12:44 - 2019-11-17 14:26 - 000004666 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-05-12 12:44 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-05-12 12:44 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-05-12 09:53 - 2018-12-28 17:01 - 000000000 ____D C:\Users\Radek\AppData\Roaming\obs-studio
2020-05-12 00:37 - 2018-05-06 12:02 - 000000000 ____D C:\Users\Radek\Desktop\Hry
2020-05-12 00:00 - 2019-11-17 14:26 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2262406034-326345448-3405211083-1001
2020-05-12 00:00 - 2019-11-17 14:07 - 000002361 _____ C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-12 00:00 - 2018-05-06 01:15 - 000000000 ___RD C:\Users\Radek\OneDrive
2020-05-11 12:36 - 2020-03-18 16:14 - 000002364 _____ C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2020-05-11 12:36 - 2020-03-18 16:14 - 000002356 _____ C:\Users\Radek\Desktop\Microsoft Teams.lnk
2020-05-11 10:11 - 2018-05-06 01:13 - 000000000 ____D C:\Users\Radek\AppData\Local\Packages
2020-05-10 19:44 - 2019-04-25 12:21 - 000000000 ____D C:\Riot Games
2020-05-10 16:45 - 2019-01-17 20:56 - 000000000 ____D C:\Users\Radek\.VirtualBox
2020-05-10 16:41 - 2019-01-17 21:58 - 000000000 ____D C:\Users\Radek\VirtualBox VMs
2020-05-10 16:41 - 2018-12-16 20:37 - 000000000 ____D C:\Users\Radek\AppData\Roaming\qBittorrent
2020-05-10 15:48 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-10 15:48 - 2019-01-06 01:51 - 000000000 ____D C:\Users\Radek\AppData\Local\NordVPN
2020-05-10 15:44 - 2019-01-17 20:56 - 000000000 ____D C:\ProgramData\VirtualBox
2020-05-10 11:09 - 2018-10-25 20:09 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-05-09 02:38 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-05-09 02:38 - 2018-12-12 00:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-08 03:45 - 2018-05-06 12:42 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-08 03:45 - 2018-05-06 12:42 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-07 22:11 - 2019-04-04 18:19 - 000000862 _____ C:\Users\Radek\Desktop\Nový textový dokument (2).txt
2020-05-06 21:50 - 2018-06-08 19:01 - 000000000 ____D C:\Users\Radek\AppData\Local\CrashDumps
2020-05-04 02:33 - 2019-11-17 14:07 - 000000000 ____D C:\Users\Radek
2020-05-03 21:32 - 2019-11-17 14:18 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-03 21:32 - 2019-03-19 13:57 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-05-03 21:32 - 2019-03-19 13:57 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-05-03 21:29 - 2019-11-17 14:26 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2019-11-17 14:26 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2019-11-17 14:26 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2019-11-17 14:26 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2019-11-17 14:26 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2019-11-17 14:26 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2019-11-17 14:26 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2019-11-17 14:26 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2019-11-17 14:26 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2019-11-17 14:26 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-05-03 21:29 - 2018-05-06 01:51 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-05-03 21:29 - 2018-05-06 00:52 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-05-03 21:29 - 2018-05-06 00:52 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-05-02 00:07 - 2018-06-12 15:51 - 000000000 ____D C:\Users\Radek\AppData\Local\Ubisoft Game Launcher
2020-05-01 21:33 - 2019-09-07 17:25 - 000000000 ____D C:\Users\Radek\Documents\CPY_SAVES
2020-05-01 21:33 - 2018-05-26 12:09 - 000000000 ____D C:\Users\Radek\Documents\My Games
2020-05-01 07:02 - 2018-05-06 13:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-04-29 09:01 - 2018-05-13 16:10 - 000000000 ____D C:\Users\Radek\AppData\Local\ElevatedDiagnostics
2020-04-19 22:05 - 2019-06-16 13:49 - 000000000 ____D C:\Users\Radek\Downloads\sr-dltfeeph
2020-04-16 22:00 - 2019-10-17 18:48 - 000000000 ____D C:\Users\Radek\AppData\Local\Riot Games
2020-04-16 07:22 - 2019-11-17 13:56 - 000313032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-16 06:43 - 2019-03-19 13:59 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-04-16 06:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-16 06:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-04-16 06:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-16 06:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-16 06:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-16 06:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-04-16 06:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-16 00:19 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-15 15:28 - 2019-11-17 14:26 - 000004506 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater

==================== Files in the root of some directories ========

2020-02-01 15:35 - 2020-02-01 15:35 - 042886902 _____ () C:\Users\Radek\AppData\Roaming\gta5_patch.bin
2019-07-25 17:28 - 2002-08-29 17:33 - 000319488 _____ () C:\Users\Radek\AppData\Roaming\MafiaSetup.exe
2020-02-01 15:35 - 2020-02-01 15:35 - 000332800 _____ () C:\Users\Radek\AppData\Roaming\patcher.dll
2020-02-19 18:02 - 2020-03-15 21:41 - 000000029 ____H () C:\Users\Radek\AppData\Local\AC962122EE3AE7636C42C72595813B93C76994EACDD6BE5834187F06C416A26552B13E157D5235A59F3BC13B284DD7558434A937C9EBE1A25E1145547212E23B
2019-01-09 20:48 - 2019-01-09 20:48 - 000000184 _____ () C:\Users\Radek\AppData\Local\atidt64.dll
2018-09-28 18:57 - 2018-09-28 18:57 - 000000000 _____ () C:\Users\Radek\AppData\Local\oobelibMkey.log
2018-05-06 16:19 - 2018-05-06 16:19 - 000000017 _____ () C:\Users\Radek\AppData\Local\resmon.resmoncfg
2018-12-12 21:15 - 2018-12-12 21:15 - 000074877 _____ () C:\Users\Radek\AppData\Local\tycloljvc3jj.zip

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Montas]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2020
Ran by ADMIN (13-05-2020 01:16:31)
Running from C:\Users\Radek\Downloads
Windows 10 Pro Version 1909 18363.778 (X64) (2019-11-17 12:27:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

ADMIN (S-1-5-21-2262406034-326345448-3405211083-1001 - Administrator - Enabled) => C:\Users\Radek
Administrator (S-1-5-21-2262406034-326345448-3405211083-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2262406034-326345448-3405211083-503 - Limited - Disabled)
Guest (S-1-5-21-2262406034-326345448-3405211083-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2262406034-326345448-3405211083-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.0.384 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.371 - Adobe)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_1_2) (Version: 12.1.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_5) (Version: 19.1.5 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_2) (Version: 12.1.2 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
ASUS GPU TweakII (HKLM-x32\...\{2914BAB6-CA16-4B5A-BF41-2466656C7040}) (Version: 1.9.3.0 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{2914BAB6-CA16-4B5A-BF41-2466656C7040}) (Version: 1.9.3.0 - ASUSTek COMPUTER INC.)
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.06.17 - ASUSTeK Computer Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.120.0.3003 - BlueStack Systems, Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
CORSAIR iCUE Software (HKLM-x32\...\{E615E155-8A79-4FED-B188-6F4C3A0CF0DF}) (Version: 3.26.95 - Corsair)
Discord (HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ExitLag version 3 (HKLM-x32\...\{B3117F72-F22D-4DA7-B554-B3F4EDBB408F}_is1) (Version: 3 - ExitLag)
Far Cry 5 (HKLM\...\Far Cry 5_is1) (Version: 1.4 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Grand Theft Auto IV (HKLM-x32\...\{5454083B-1308-4485-BF17-1110000D8301}) (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Heavy Rain (HKLM-x32\...\{EE94E976-82B0-470C-97A8-ADF41EF11F2A}_is1) (Version: - Quantic Dream)
Hitman 2 (HKLM-x32\...\{F7E0BCEB-1F73-468C-BC5B-CFD39EC31149}_is1) (Version: - IO Interactive)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.4.1186 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Kerio Control VPN Client (HKLM\...\{1475DC5D-1CB9-46CC-B1C6-D68A64BEEFB0}) (Version: 9.2.2921 - Kerio Technologies Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Logitech-kameraindstillinger (HKLM-x32\...\LogiUCDPP) (Version: 2.5.17.0 - Logitech Europe S.A.)
Mafia Game (HKLM-x32\...\Mafia Game) (Version: - )
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Manhunt 2 (HKLM-x32\...\Manhunt 2) (Version: 1.00.0000 - Rockstar Games)
Microsoft .NET Core SDK 2.2.103 (x64) (HKLM-x32\...\{730ee99f-7165-41f7-b107-ced51cbb0c19}) (Version: 2.2.103 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.12730.20250 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\Teams) (Version: 1.3.00.12058 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Node.js (HKLM\...\{41408FBE-699A-4989-83CA-AB035EECA740}) (Version: 12.13.1 - Node.js Foundation)
NordVPN (HKLM-x32\...\{A87972CF-28AE-43DD-ACB5-16EBD1ED70C3}) (Version: 6.29.7 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.29.7) (Version: 6.29.7 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.13.57 (HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.13.57 - NVIDIA Corporation)
NVIDIA Install Application (HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer) (Version: 2.1002.338.0 - NVIDIA Corporation) Hidden
NVIDIA Ovladač HD audia 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.75 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 6.0.2 (HKLM\...\{55905447-3228-417B-9F9D-6F8AC4D1A15C}) (Version: 6.0.2 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.60.37244 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 445.75 - NVIDIA Corporation) Hidden
PC Building Simulator v.1.5.2 (HKLM-x32\...\PC Building Simulator_is1) (Version: - )
Proxifier version 3.42 (HKLM-x32\...\Proxifier_is1) (Version: 3.42 - Initex)
Python 3.6.0 (64-bit) (HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\{37a4e38b-baf7-4500-97f1-0f7c51d9a395}) (Version: 3.6.150.0 - Python Software Foundation)
Python 3.6.0 Add to Path (64-bit) (HKLM\...\{5A3CA177-8304-4D59-A44D-6A60032725E4}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Core Interpreter (64-bit) (HKLM\...\{1944B5D6-0FFB-47C0-BFEC-5C7A2F013FA7}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Development Libraries (64-bit) (HKLM\...\{A6A3184B-748E-46F4-9E28-6B5889506170}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Documentation (64-bit) (HKLM\...\{5D83032F-36B5-42E4-A114-D310119C6F51}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Executables (64-bit) (HKLM\...\{C0016766-8F63-4992-9E6F-ECFB2CB12BA6}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 pip Bootstrap (64-bit) (HKLM\...\{F9C1C892-4908-41F4-900C-7B0DAAF2387B}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Standard Library (64-bit) (HKLM\...\{F3CB2257-C4C7-4C84-AF63-BADCED1E3273}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Tcl/Tk Support (64-bit) (HKLM\...\{E24AA157-AD52-42ED-B484-CA5979D4A728}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Test Suite (64-bit) (HKLM\...\{631C7E77-5832-40D1-9D6D-7B3766D79BDF}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Utility Scripts (64-bit) (HKLM\...\{FE905DA4-0F23-4F99-9284-50BB4913CEB4}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{A674B2CB-13CA-437B-A215-9DD257959A49}) (Version: 3.6.5835.0 - Python Software Foundation)
qBittorrent 4.1.4 (HKLM-x32\...\qBittorrent) (Version: 4.1.4 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.17.199 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.3 - Rockstar Games)
Skype verze 8.55 (HKLM-x32\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
Slime Rancher Galactic Bundle (HKLM-x32\...\Slime Rancher Galactic Bundle_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 61.0 - Ubisoft)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.167.200.0_x86__kgqvnymyfvs32 [2020-05-05] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.0.0.8_x86__h6adky7gbf63m [2020-04-22] (Gameloft SE)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-17] (Dolby Laboratories)
EdgeDevtoolsPlugin -> C:\WINDOWS\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2020-04-16] (Microsoft Corporation)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.8.0.8_x86__h6adky7gbf63m [2020-05-12] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-04] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2262406034-326345448-3405211083-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-CBC0EDC8089F} -> [Creative Cloud Files] => C:\Users\Radek\Creative Cloud Files [2018-05-15 19:30]
CustomCLSID: HKU\S-1-5-21-2262406034-326345448-3405211083-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Radek\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2262406034-326345448-3405211083-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Radek\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2262406034-326345448-3405211083-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-03-04 00:30 - 2017-09-27 18:30 - 000489984 _____ ( (Newtonsoft) [File not signed]) [File is in use ] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\Newtonsoft.Json.dll
2019-03-04 00:30 - 2017-11-07 17:37 - 000088064 _____ ( (Wondershare) [File not signed]) [File is in use ] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCollect.dll
2019-03-04 00:30 - 2017-11-07 17:37 - 000200192 _____ ( (Wondershare) [File not signed]) [File is in use ] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCommon.dll
2020-03-02 21:41 - 2020-03-02 21:41 - 000295424 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueCore.dll
2020-03-02 22:17 - 2020-03-02 22:17 - 054698496 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.dll
2020-03-02 21:41 - 2020-03-02 21:41 - 000050688 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\IndexExcludeProxyModel.dll
2020-03-02 21:43 - 2020-03-02 21:43 - 002917888 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\CombinedManifests.dll
2020-03-02 21:43 - 2020-03-02 21:43 - 001621504 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\FallbackManifest.dll
2020-03-02 21:43 - 2020-03-02 21:43 - 001243648 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\ManifestBuilder.dll
2020-03-02 21:42 - 2020-03-02 21:42 - 000075264 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\ManifestRegistry.dll
2020-03-02 21:42 - 2020-03-02 21:42 - 234713600 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\ManifestSharedResources.dll
2020-03-02 21:40 - 2020-03-02 21:40 - 000209408 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll
2020-03-02 21:41 - 2020-03-02 21:41 - 000428032 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\UniversalKey.dll
2020-03-02 21:40 - 2020-03-02 21:40 - 000101376 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll
2019-01-14 20:17 - 2019-01-14 20:18 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-01-14 20:18 - 2019-01-14 20:18 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-01-14 20:18 - 2019-01-14 20:18 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2018-05-06 02:13 - 2018-05-06 02:12 - 000073728 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.42\ClaymoreProtocol.dll
2018-05-06 02:13 - 2018-05-06 02:12 - 000053248 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.42\cpuutil.dll
2018-05-06 02:13 - 2018-05-06 02:12 - 000073728 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.42\CharmProtocol.dll
2018-05-06 02:13 - 2018-05-06 02:12 - 001951232 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.42\R2Clib.dll
2018-05-06 02:13 - 2018-05-06 02:12 - 000073728 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.42\RogNewmouseProtocol.dll
2018-05-06 02:13 - 2018-05-06 02:12 - 001777664 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.42\Vender.dll
2018-05-06 02:10 - 2020-05-12 15:53 - 000029992 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\4.00.01\PEbiosinterface32.dll
2018-05-06 02:13 - 2018-05-06 02:12 - 000081920 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\LightingService\1.00.42\AudioLEDCtrl.dll
2020-01-09 11:49 - 2020-01-09 11:49 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2019-01-14 20:17 - 2019-01-14 20:17 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2020-02-24 20:53 - 2020-02-24 20:53 - 002516480 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libcrypto-1_1.dll
2020-02-24 20:53 - 2020-02-24 20:53 - 000530432 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libssl-1_1.dll
2020-03-02 22:18 - 2020-03-02 22:18 - 005139576 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Core.dll
2018-05-06 02:13 - 2018-05-06 02:12 - 002039296 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.42\LED_DLL_forMB.dll
2018-05-06 02:13 - 2018-05-06 02:12 - 001628672 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.42\VGA_Extra.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
AlternateDataStreams: C:\Users\Radek\Desktop\Účtenka Xiaomi redmi note 8 Pro 4.3.2O2O.jpg:3or4kl4x13tuuug3Byamue2s4b [81]
AlternateDataStreams: C:\Users\Radek\Desktop\Účtenka Xiaomi redmi note 8 Pro 4.3.2O2O.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\sharepoint.com -> hxxps://sssvt-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-06-01 22:07 - 2019-07-06 12:35 - 000000892 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 virustotal.com
127.0.0.1 virustotal.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\nodejs\
HKU\S-1-5-21-2262406034-326345448-3405211083-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Radek\Desktop\22270.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet 2: ExitLag Game Booster -> nt_ndextlag (enabled)
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: ExitLag Game Booster -> nt_ndextlag (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2262406034-326345448-3405211083-1001\...\StartupApproved\Run: => "OneDriveSetup"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1A2CE08B-DE15-486F-B98F-27BD34A89866}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{64AF7421-0307-4CA8-AF92-2F56093B41A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [UDP Query User{D1916554-6104-494D-894F-CF87C4CA2497}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{5D402903-6F8A-45C8-B1BE-1B3F29E1128A}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{66D4A6F4-810D-4E9C-BC34-FC6C06ACDC43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe ( Taleworlds Entertainment) [File not signed]
FirewallRules: [{47044DA9-FB59-4678-8B6F-4C17118A88C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe ( Taleworlds Entertainment) [File not signed]
FirewallRules: [{A3BE07AD-9C23-40E0-B013-57B33ABB5149}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{6391ED29-8CA2-4888-9979-5E4EC2A6B892}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{582CFDF2-183B-4E3A-8235-D9AFD5212CA4}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{4FCB69D1-5067-4AEF-AF92-8CAF4685B61F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{CC6740B7-7CBA-4D38-A1EE-29BB9A25171B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{9C31010C-78A7-445E-B9AB-90CE57836C26}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F9709181-4C7C-4329-BB40-98EA71D21200}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{1DFAE293-3AA6-4627-8CEC-8AC82054E7F8}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{09C47BD3-2CD6-46E6-9BA9-3A7ADAFEAF18}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{F3355F11-61B2-4FB6-A020-E0423491551F}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{15CCAE77-C8AD-4730-B73C-02DF4A6FEF33}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{E4678ADF-326C-4935-BE1F-7B25B04579F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{BFF8F327-B109-450F-88DE-2D17E200B699}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{CB59557D-BE04-4705-B7BC-6753695AF2DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{F58C7FBD-F270-4A78-AAB0-EB6256A51675}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [UDP Query User{6E5F227A-BFFE-4652-84FA-05E226D85990}C:\users\radek\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe] => (Allow) C:\users\radek\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{6CB344FD-309A-4BA7-ADC9-84AA87437525}C:\users\radek\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe] => (Allow) C:\users\radek\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A8C263DC-8D5B-48CF-8668-56823B070155}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{107351D4-8F7E-490B-80FE-674B53B0AE6F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2ABBE1D5-511C-46FE-B3CE-1386C7AD42B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{C0F7FD85-93AF-4FF4-AA48-F17F6E821B25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{C998A480-6971-44D8-A712-E4DD194113EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{7058DEC6-DE67-4420-8CB6-59DEAC116311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{78D856BF-5223-4AC2-B88D-5D0B15EA91BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E529EC02-499E-45A5-8A30-99AFADAE4BCB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{F6A10788-5387-4650-9596-18CAFD4E91A8}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{8D6EC3B8-DBA1-43A6-8615-DFE99EC75D8F}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{A6601870-A73E-4A2F-A8B3-C6AA04558FA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{BF190197-8C26-4C24-90D8-E7EFBA752536}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{942085E4-E667-4CB1-B113-30FF792AD435}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6C6F0256-7ADB-4CD5-AE2C-0B0F78FBBD99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F367AD48-4D71-4286-83E5-B28471FB586E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E85CB337-112A-4902-8253-4478A7086A10}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C1F8D057-A7C3-475E-9D76-C6F1370CE1DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Postal2.exe () [File not signed]
FirewallRules: [{7A3B323C-4336-460F-ACBC-B5BA533ECD3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Postal2.exe () [File not signed]
FirewallRules: [{8C1F4843-C649-4B0A-A415-00319FE9EE23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe () [File not signed]
FirewallRules: [{039F4AE1-8B80-4C5B-841E-90623D730821}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe () [File not signed]
FirewallRules: [TCP Query User{54EF4BD0-AE21-4B79-B313-96766AE655DC}C:\program files (x86)\heavy rain\heavyrain.exe] => (Allow) C:\program files (x86)\heavy rain\heavyrain.exe () [File not signed]
FirewallRules: [UDP Query User{2D410886-ED55-4D1E-A6DC-6BED41AD089A}C:\program files (x86)\heavy rain\heavyrain.exe] => (Allow) C:\program files (x86)\heavy rain\heavyrain.exe () [File not signed]
FirewallRules: [{863E971C-B7EA-439E-87A3-B5CE26894D78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{3744B18D-39A6-4F89-A9CD-F6D80EA8DB05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{BE418354-8828-4735-B3B2-B43FD943F60E}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{F6EAE85D-405C-47FB-AF74-BEC9E77CFC4A}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) C:\WINDOWS\system32\OpenSSH\sshd.exe (Microsoft Windows -> )
FirewallRules: [{E79C3060-F5C4-4B37-85A1-94C010C75F4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{3BCBAE26-F94B-4A94-B860-32E5DB8FE15E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{D43F23A8-BB04-4FB2-9C4D-822F6C77577F}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{CCEDAD6C-95A8-4CE2-AF4E-B2F3113A9971}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{0C64F8B5-9206-4928-8230-6C67DB7691BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (QLOC S.A. -> Bethesda Softworks)
FirewallRules: [{AA54B8A2-6FD8-4551-B2F8-BBC520E25BB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (QLOC S.A. -> Bethesda Softworks)
FirewallRules: [TCP Query User{AF8D0406-AAE8-452E-94A8-ACE7407382D6}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{E805391C-084A-46BC-B299-BE1584293B20}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{314E179B-FF30-4969-98D4-57D3E335B701}C:\program files (x86)\battle.net\battle.net.exe] => (Block) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{F4ABC4E4-E95E-4BB6-8D3D-095CD1121349}C:\program files (x86)\battle.net\battle.net.exe] => (Block) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{7124555A-D608-40E3-9B28-0B22DB26D398}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{330A7A2F-995A-4585-B9FB-139F86591618}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{DE4637EA-F9A6-4905-9B9C-DAF1604475AD}C:\users\radek\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\radek\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A28844C2-3C3D-4E63-9419-392969713AB2}C:\users\radek\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\radek\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{18710515-C2B3-4E01-83C1-0529F8305A90}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe (Skowsand Servicos De Provedores E Internet LTDA - ME -> )
FirewallRules: [{99B17990-3631-45C1-AFB0-0CE3C0BBDB71}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe (Skowsand Servicos De Provedores E Internet LTDA - ME -> )
FirewallRules: [{06F6A51B-E712-4EAC-8309-84825829B8F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe (Valve -> )
FirewallRules: [{B501A4D1-8011-45C0-A835-681987FE43EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe (Valve -> )
FirewallRules: [{0935E85F-82C7-4C2F-B2AB-8D9B89C3DEB8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{41D4FAD6-5BBE-4FAB-9C4C-CFB4C207F161}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3AD7ECFB-5D63-46D6-B9DF-03346D9C1EE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0F580129-419A-47BA-A755-4A651EA6D4E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6840F497-13FA-41DE-B18F-73D65DE815AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7F97D42F-75D7-4DDA-95D2-579A106CC974}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{8B0DC89D-8AEB-4413-BD6D-DB171F76C850}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{1CE34334-F7D8-475D-BEAE-1AC2562863D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B22B4BF9-9A60-453F-8BA3-704C917AEF30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/13/2020 01:03:20 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (05/13/2020 01:03:13 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (05/12/2020 11:27:42 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13376,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/12/2020 11:21:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8184,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/12/2020 10:11:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7604,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/12/2020 10:00:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1184,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/12/2020 09:55:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8984,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/12/2020 09:40:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12208,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (05/13/2020 01:02:37 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Ovladač zjistil interní chybu ovladače na \Device\VBoxNetLwf.

Error: (05/12/2020 08:15:14 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (05/12/2020 04:01:44 PM) (Source: VDS Basic Provider) (EventID: 5) (User: )
Description: Na disku \\?\PhysicalDrive1 nelze nastavit sektory na nulu. Kód chyby: 5@0101000F

Error: (05/12/2020 03:59:05 PM) (Source: VDS Basic Provider) (EventID: 5) (User: )
Description: Na disku \\?\PhysicalDrive1 nelze nastavit sektory na nulu. Kód chyby: 5@0101000F

Error: (05/12/2020 03:54:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/12/2020 03:54:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (45000 ms).

Error: (05/12/2020 03:53:33 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Error: (05/12/2020 03:53:33 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.


Windows Defender:
===================================
Date: 2020-05-12 13:16:21.225
Description:
Antivirová ochrana v programu Windows Defender zjistil podezřelé chování.
Název: Behavior:Win32/ModifiedBootRecord
ID: 3527414015
Závažnost: Nízké
Kategorie: Podezřelé chování
Nalezená cesta: file:_C:\Users\Radek\AppData\Local\Temp\1Y4u8MhluC9ZJW2yUp3ukZcH1d6\balenaEtcher.exe; process:_9228
Původ detekce: Místní počítač
Typ detekce: Podezřelý
Zdroj detekce: Ochrana v reálném čase
Stav: Provádění
Uživatel: DESKTOP-AC515PC\ADMIN
Název procesu: C:\Users\Radek\AppData\Local\Temp\1Y4u8MhluC9ZJW2yUp3ukZcH1d6\balenaEtcher.exe
ID bezpečnostních informací: 23858570787236
Verze bezpečnostních informací: AV: 1.315.471.0, AS: 1.315.471.0
Verze modulu: 1.1.17000.7
Štítek věrnosti: Střední
Název cílového souboru:

Date: 2020-05-04 16:34:03.190
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {41E8F878-3FF8-431C-84BF-7AD611BABDCE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-05-04 16:19:58.903
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {94DB482C-C5E8-429E-BE3C-72470BB7E7A6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-05-04 15:40:09.571
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {018C81C5-927E-496D-A334-08CFE971E73C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-05-03 03:47:00.601
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {15C01AF3-AF5B-4B2B-AB6D-98159E825D3B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2020-05-03 22:00:48.352
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-03 22:00:48.336
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-03 22:00:47.401
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-30 16:57:03.775
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-30 16:57:03.766
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-30 16:57:03.757
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-27 08:09:25.185
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-27 08:09:25.177
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 0403 05/06/2016
Motherboard: ASUSTeK COMPUTER INC. B150M-A/M.2
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 35%
Total physical RAM: 16304.31 MB
Available physical RAM: 10505.27 MB
Total Virtual: 33162.82 MB
Available Virtual: 23793.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.01 GB) (Free:844.27 GB) NTFS

\\?\Volume{c78ece3a-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{c78ece3a-0000-0000-0000-20a0d1010000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: C78ECE3A)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=526 MB) - (Type=27)

==================== End of Addition.txt =======================

[Conder]

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  File: C:\WINDOWS\System32\drivers\BthA2dp.sys
  File: C:\Users\Radek\AppData\Roaming\gta5_patch.bin
  File: C:\Users\Radek\AppData\Roaming\MafiaSetup.exe
  File: C:\Users\Radek\AppData\Roaming\patcher.dll
  File: C:\Users\Radek\AppData\Local\AC962122EE3AE7636C42C72595813B93C76994EACDD6BE5834187F06C416A26552B13E157D5235A59F3BC13B284DD7558434A937C9EBE1A25E1145547212E23B
  CMD: type "C:\Users\Radek\AppData\Local\AC962122EE3AE7636C42C72595813B93C76994EACDD6BE5834187F06C416A26552B13E157D5235A59F3BC13B284DD7558434A937C9EBE1A25E1145547212E23B"
  
  CMD: dir /x "C:\Users\Pracovní PC\Desktop"
  File: C:\Users\Radek\Documents\Gladiatorcheatz
  Folder: C:\Users\Radek\Documents\Gladiatorcheatz
  
  2020-05-09 02:49 - 2020-05-13 01:13 - 000000000 ____D C:\rsit
  2020-05-09 02:49 - 2020-05-09 02:49 - 001222144 _____ C:\Users\Radek\Downloads\RSITx64.exe
  2020-05-09 02:49 - 2020-05-09 02:49 - 000000000 ____D C:\Program Files\trend micro
  2020-02-19 18:02 - 2020-03-15 21:41 - 000000029 ____H () C:\Users\Radek\AppData\Local\AC962122EE3AE7636C42C72595813B93C76994EACDD6BE5834187F06C416A26552B13E157D5235A59F3BC13B284DD7558434A937C9EBE1A25E1145547212E23B
  AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
  AlternateDataStreams: C:\Users\Radek\Desktop\Účtenka Xiaomi redmi note 8 Pro 4.3.2O2O.jpg:3or4kl4x13tuuug3Byamue2s4b [81]
  AlternateDataStreams: C:\Users\Radek\Desktop\Účtenka Xiaomi redmi note 8 Pro 4.3.2O2O.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
  
  Hosts:
  EmptyTemp:
  End

• Klikni na Subor a potom na Ulozit
• Vpravo dole vyber kodovanie Unicode
• Subor uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[Montas]

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by ADMIN (14-05-2020 03:05:30) Run:1
Running from C:\Users\Radek\Downloads
Loaded Profiles: ADMIN
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\WINDOWS\System32\drivers\BthA2dp.sys
File: C:\Users\Radek\AppData\Roaming\gta5_patch.bin
File: C:\Users\Radek\AppData\Roaming\MafiaSetup.exe
File: C:\Users\Radek\AppData\Roaming\patcher.dll
File: C:\Users\Radek\AppData\Local\AC962122EE3AE7636C42C72595813B93C76994EACDD6BE5834187F06C416A26552B13E157D5235A59F3BC13B284DD7558434A937C9EBE1A25E1145547212E23B
CMD: type "C:\Users\Radek\AppData\Local\AC962122EE3AE7636C42C72595813B93C76994EACDD6BE5834187F06C416A26552B13E157D5235A59F3BC13B284DD7558434A937C9EBE1A25E1145547212E23B"

CMD: dir /x "C:\Users\Pracovní PC\Desktop"
File: C:\Users\Radek\Documents\Gladiatorcheatz
Folder: C:\Users\Radek\Documents\Gladiatorcheatz

2020-05-09 02:49 - 2020-05-13 01:13 - 000000000 ____D C:\rsit
2020-05-09 02:49 - 2020-05-09 02:49 - 001222144 _____ C:\Users\Radek\Downloads\RSITx64.exe
2020-05-09 02:49 - 2020-05-09 02:49 - 000000000 ____D C:\Program Files\trend micro
2020-02-19 18:02 - 2020-03-15 21:41 - 000000029 ____H () C:\Users\Radek\AppData\Local\AC962122EE3AE7636C42C72595813B93C76994EACDD6BE5834187F06C416A26552B13E157D5235A59F3BC13B284DD7558434A937C9EBE1A25E1145547212E23B
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
AlternateDataStreams: C:\Users\Radek\Desktop\Účtenka Xiaomi redmi note 8 Pro 4.3.2O2O.jpg:3or4kl4x13tuuug3Byamue2s4b [81]
AlternateDataStreams: C:\Users\Radek\Desktop\Účtenka Xiaomi redmi note 8 Pro 4.3.2O2O.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 461
Average :
Sum : 9278167543
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\WINDOWS\System32\drivers\BthA2dp.sys ========================

C:\WINDOWS\System32\drivers\BthA2dp.sys
File not signed
MD5: CCA2505C9EB10CDABDC9FEE10D812F02
Creation and modification date: 2019-11-17 13:22 - 2019-11-17 13:22
Size: 000231936
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: btha2dp.sys
Original Name: btha2dp.sys
Product: Microsoft® Windows® Operating System
Description: Bluetooth A2DP Driver
File Version: 10.0.18362.356 (WinBuild.160101.0800)
Product Version: 10.0.18362.356
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/8b0f65f ... 589388807/

====== End of File: ======


========================= File: C:\Users\Radek\AppData\Roaming\gta5_patch.bin ========================

C:\Users\Radek\AppData\Roaming\gta5_patch.bin
File not signed
MD5: 7FDE43DB16852C486006DFB009989DCA
Creation and modification date: 2020-02-01 15:35 - 2020-02-01 15:35
Size: 042886902
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\Users\Radek\AppData\Roaming\MafiaSetup.exe ========================

C:\Users\Radek\AppData\Roaming\MafiaSetup.exe
File not signed
MD5: FDE39A9C5DEA6D0186B264CA4D8EC6D9
Creation and modification date: 2019-07-25 17:28 - 2002-08-29 17:33
Size: 000319488
Attributes: ----A
Company Name:
Internal Name: MafiaInstallShield
Original Name: MafiaInstallShield.EXE
Product: MafiaInstallShield Application
Description: MafiaInstallShield MFC Application
File Version: 1, 0, 0, 1
Product Version: 1, 0, 0, 1
Copyright: Copyright (C) 2002
VirusTotal: https://www.virustotal.com/file/e052eb0 ... 576872844/

====== End of File: ======


========================= File: C:\Users\Radek\AppData\Roaming\patcher.dll ========================

C:\Users\Radek\AppData\Roaming\patcher.dll
File not signed
MD5: 39D8EF19F3C377F290F9C9A6B60FDB36
Creation and modification date: 2020-02-01 15:35 - 2020-02-01 15:35
Size: 000332800
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/db158cd ... 582208811/

====== End of File: ======


========================= File: C:\Users\Radek\AppData\Local\AC962122EE3AE7636C42C72595813B93C76994EACDD6BE5834187F06C416A26552B13E157D5235A59F3BC13B284DD7558434A937C9EBE1A25E1145547212E23B ========================

C:\Users\Radek\AppData\Local\AC962122EE3AE7636C42C72595813B93C76994EACDD6BE5834187F06C416A26552B13E157D5235A59F3BC13B284DD7558434A937C9EBE1A25E1145547212E23B
File not signed
MD5: 1194871D889AA556FE20A7F0C6877186
Creation and modification date: 2020-02-19 18:02 - 2020-03-15 21:41
Size: 000000029
Attributes: ---AH
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========= type "C:\Users\Radek\AppData\Local\AC962122EE3AE7636C42C72595813B93C76994EACDD6BE5834187F06C416A26552B13E157D5235A59F3BC13B284DD7558434A937C9EBE1A25E1145547212E23B" =========

,ń^đ8Yźaž0ő‘Kh­,Ą6čƒQ*ůYźołđ
========= End of CMD: =========


========= dir /x "C:\Users\Pracovní PC\Desktop" =========

Syst‚m nem…§e nal‚zt uvedeně soubor.

========= End of CMD: =========


========================= File: C:\Users\Radek\Documents\Gladiatorcheatz ========================

"C:\Users\Radek\Documents\Gladiatorcheatz" => not found
====== End of File: ======


========================= Folder: C:\Users\Radek\Documents\Gladiatorcheatz ========================

not found.

====== End of Folder: ======

C:\rsit => moved successfully
C:\Users\Radek\Downloads\RSITx64.exe => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\Radek\AppData\Local\AC962122EE3AE7636C42C72595813B93C76994EACDD6BE5834187F06C416A26552B13E157D5235A59F3BC13B284DD7558434A937C9EBE1A25E1145547212E23B => moved successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
C:\Users\Radek\Desktop\Účtenka Xiaomi redmi note 8 Pro 4.3.2O2O.jpg => ":3or4kl4x13tuuug3Byamue2s4b" ADS removed successfully
C:\Users\Radek\Desktop\Účtenka Xiaomi redmi note 8 Pro 4.3.2O2O.jpg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 335591678 B
Java, Flash, Steam htmlcache => 801428304 B
Windows/system/drivers => 46488174 B
Edge => 18218375 B
Chrome => 534096368 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 42450 B
NetworkService => 106992 B
Radek => 323130438 B

RecycleBin => 718499443 B
EmptyTemp: => 2.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 03:08:19 ====

[Conder]

Plocha ma cca 8 GB, co je vela. Odporucam presunut vsetky subory a zlozky z plochy do dokumentov a na ploche nechat iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

V dokumentoch sa zrejme nachadza subor alebo zlozka s nazvom "Gladiatorcheatz" - poznas to a vies o co ide?

Ako to vyzera s PC?

[Montas]

- Velké soubory z plochy jsem přesunul do těch dokumentů -> a je tam vidět velký rozdíl

- Pak jsem se díval na ten soubor "gladiatorcheatz" a netuším co to je za soubor, ale všiml jsem si, že nejde odstranit a ta složka je prázdná

- Jinak se mi za tu dobu při hraní her procesor nevyužil na 100% takže by asi mělo být vše v pořádku

[Conder]

Superr. Ak chces, mozeme este zmazat ten subor "gladiatorcheatz".

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CMD: dir /x C:\Users\Radek\Documents
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Pockaj na dokoncenie
• Tentokrat to bude bez restartu, otvori sa Fixlog.txt (pripadne bude na ploche), jeho obsah sem skopiruj

[Montas]

fixlist content:
*****************
Start
CMD: dir /x C:\Users\Radek\Documents
End
*****************


========= dir /x C:\Users\Radek\Documents =========

Volume in drive C has no label.
Volume Serial Number is 4ED6-966E

Directory of C:\Users\Radek\Documents

16.05.2020 15:25 <DIR> .
16.05.2020 15:25 <DIR> ..
20.08.2018 19:02 <DIR> Adobe
14.03.2020 00:52 <DIR> Amnesia
16.03.2020 14:38 <DIR> CALLOF~1 Call of Duty Modern Warfare
01.05.2020 21:33 <DIR> CPY_SA~1 CPY_SAVES
25.10.2019 04:31 <DIR> DOWNLO~1 Downloads
16.02.2020 13:24 <DIR> EUROTR~1 Euro Truck Simulator 2
04.06.2018 16:36 <DIR> Fax
15.05.2020 02:08 <DIR> GLADIA~1 Gladiatorcheatz
09.06.2019 16:57 <DIR> GTASAN~1 GTA San Andreas User Files
31.08.2018 02:08 <DIR> LEAGUE~1 League of Legends
22.12.2019 16:17 <DIR> MAGIXD~1 MAGIX Downloads
08.12.2019 21:38 <DIR> MANHUN~1 Manhunt User Files
31.01.2020 20:28 <DIR> MOJESP~1 Moje Spore větvory
15.08.2019 17:34 <DIR> MOUNT&~1 Mount&Blade Warband
15.08.2019 17:38 <DIR> MOUNT&~2 Mount&Blade Warband Savegames
22.12.2019 16:31 <DIR> MOVIES~1.0PR Movie Studio 16.0 Projects
19.05.2020 14:33 <DIR> MYGAME~1 My Games
01.02.2020 15:18 <DIR> ROCKST~1 Rockstar Games
04.03.2020 11:19 <DIR> SCANNE~1 Scanned Documents
16.05.2020 15:25 <DIR> SQUARE~1 Square Enix
21.12.2019 18:58 <DIR> THEWIT~1 The Witcher 3
25.10.2018 22:46 <DIR> VLASTN~1 Vlastnˇ çablony Office
30.03.2020 18:53 <DIR> WINDOW~1 WindowsPowerShell
0 File(s) 0 bytes
25 Dir(s) 963˙536˙195˙584 bytes free

========= End of CMD: =========

[Conder]

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CMD: rd /s /q "Gladiatorcheatz "
  CMD: rd /s /q "GLADIA~1"
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Pockaj na dokoncenie
• Tentokrat to bude bez restartu, otvori sa Fixlog.txt (pripadne bude na ploche), jeho obsah sem skopiruj

Potom tiez skontroluj, ci sa dana zlozka zmazala alebo nie a napis vysledok.